urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
104.83.196.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Submission: On November 19 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 147 IPs in 14 countries across 126 domains to perform 581 HTTP transactions. The main IP is 104.83.196.116, located in Singapore, Singapore and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 236185.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 41 104.83.196.116 16625 (AKAMAI-AS)
1 11 104.83.196.200 16625 (AKAMAI-AS)
11 23.52.112.182 16625 (AKAMAI-AS)
1 151.101.2.217 54113 (FASTLY)
1 18 151.101.65.44 54113 (FASTLY)
1 192.0.66.122 2635 (AUTOMATTIC)
4 52.95.129.82 16509 (AMAZON-02)
1 13.33.33.30 16509 (AMAZON-02)
18 142.251.12.132 15169 (GOOGLE)
2 34.160.169.226 15169 (GOOGLE)
1 4 13.33.88.104 16509 (AMAZON-02)
1 172.64.133.15 13335 (CLOUDFLAR...)
7 18.161.111.105 16509 (AMAZON-02)
3 104.69.108.119 16625 (AKAMAI-AS)
4 23.52.112.234 16625 (AKAMAI-AS)
2 10 141.226.229.48 200478 (TABOOLA-AS)
1 199.36.158.100 54113 (FASTLY)
2 54.192.150.8 16509 (AMAZON-02)
1 4 74.125.130.149 15169 (GOOGLE)
1 13.33.91.15 16509 (AMAZON-02)
2 157.240.15.13 32934 (FACEBOOK)
1 13.227.138.100 16509 (AMAZON-02)
2 3.224.58.51 14618 (AMAZON-AES)
1 151.101.65.175 54113 (FASTLY)
2 104.22.52.86 13335 (CLOUDFLAR...)
1 104.65.228.244 16625 (AKAMAI-AS)
2 10 74.125.24.154 15169 (GOOGLE)
1 3 13.224.158.57 16509 (AMAZON-02)
1 13.33.100.143 16509 (AMAZON-02)
1 54.192.150.4 16509 (AMAZON-02)
2 104.26.6.155 13335 (CLOUDFLAR...)
2 2 18.194.192.141 16509 (AMAZON-02)
1 52.52.52.67 16509 (AMAZON-02)
2 2 124.146.215.48 2514 (INFOSPHER...)
8 11 69.173.158.64 26667 (RUBICONPR...)
19 67.199.150.86 3257 (GTT-BACKB...)
17 58 74.125.24.157 15169 (GOOGLE)
9 19 15.197.193.217 16509 (AMAZON-02)
1 2 209.191.163.209 14744 (INTERNAP-...)
1 74.214.196.131 19189 (PULSEPOINT)
1 23.106.127.53 59253 (LEASEWEB-...)
1 3.215.244.231 14618 (AMAZON-AES)
2 2 182.161.73.146 55569 (CRITEO-AS...)
8 12 162.19.138.119 16276 (OVH)
5 6 185.84.60.30 198622 (ADFORM)
2 3 119.9.108.180 45187 (RACKSPACE...)
4 5 107.178.244.193 15169 (GOOGLE)
4 4 103.229.205.243 30419 (MEDIAMATH...)
5 10 104.254.151.68 29990 (ASN-APPNEX)
3 3 18.141.80.142 16509 (AMAZON-02)
8 8 35.213.12.39 15169 (GOOGLE)
3 4 202.131.200.84 17941 (BIT-ISLE ...)
1 1 202.131.200.82 17941 (BIT-ISLE ...)
2 2 35.156.139.93 16509 (AMAZON-02)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
1 2 52.223.2.229 16509 (AMAZON-02)
1 44.239.168.124 16509 (AMAZON-02)
3 3 35.174.181.179 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
7 142.251.10.157 15169 (GOOGLE)
1 9 172.253.118.139 15169 (GOOGLE)
5 3.214.69.6 14618 (AMAZON-AES)
1 16 52.33.87.56 16509 (AMAZON-02)
3 13.33.88.113 16509 (AMAZON-02)
1 54.230.61.52 16509 (AMAZON-02)
1 104.16.89.20 13335 (CLOUDFLAR...)
1 54.149.113.230 16509 (AMAZON-02)
3 63.140.48.156 16509 (AMAZON-02)
1 1 54.169.17.254 16509 (AMAZON-02)
1 162.19.138.83 16276 (OVH)
1 162.19.138.118 16276 (OVH)
4 54.192.150.97 16509 (AMAZON-02)
2 23.59.168.10 20940 (AKAMAI-ASN1)
3 3 50.116.239.135 6336 (TURN-US-ASN)
4 3.105.150.206 16509 (AMAZON-02)
1 13.227.138.6 16509 (AMAZON-02)
1 13.33.88.56 16509 (AMAZON-02)
1 6 104.65.228.208 16625 (AKAMAI-AS)
2 3 104.18.33.19 13335 (CLOUDFLAR...)
1 1 199.127.207.180 26120 (RHYTHMONE)
1 1 107.22.173.254 14618 (AMAZON-AES)
5 54.202.29.137 16509 (AMAZON-02)
2 2 23.73.13.201 16625 (AKAMAI-AS)
11 12 151.101.66.49 54113 (FASTLY)
4 20 139.5.84.243 27381 (CASALE-MEDIA)
5 103.231.98.194 62713 (AS-PUBMATIC)
1 2 103.71.26.125 132134 (SPOTX-AS-...)
3 157.240.15.35 32934 (FACEBOOK)
4 5 74.118.186.45 26120 (RHYTHMONE)
1 141.226.224.32 200478 (TABOOLA-AS)
4 69.173.158.65 26667 (RUBICONPR...)
2 54.237.32.183 14618 (AMAZON-AES)
1 3 34.102.253.54 396982 (GOOGLE-CL...)
1 103.231.98.193 62713 (AS-PUBMATIC)
1 182.161.73.145 55569 (CRITEO-AS...)
1 13.227.248.101 16509 (AMAZON-02)
7 142.251.10.94 15169 (GOOGLE)
7 54.254.49.143 16509 (AMAZON-02)
3 74.125.200.94 15169 (GOOGLE)
2 7 52.46.128.147 16509 (AMAZON-02)
1 18.155.68.99 16509 (AMAZON-02)
4 13.250.213.124 16509 (AMAZON-02)
1 54.192.150.117 16509 (AMAZON-02)
2 182.161.73.129 55569 (CRITEO-AS...)
7 74.125.200.101 15169 (GOOGLE)
1 18.142.41.66 16509 (AMAZON-02)
4 67.199.150.81 3257 (GTT-BACKB...)
1 13.33.33.73 16509 (AMAZON-02)
4 52.84.228.218 16509 (AMAZON-02)
1 199.232.44.157 54113 (FASTLY)
1 23.49.60.167 20940 (AKAMAI-ASN1)
2 172.253.118.97 15169 (GOOGLE)
2 151.101.65.108 54113 (FASTLY)
2 4 172.217.194.149 15169 (GOOGLE)
1 142.250.4.156 15169 (GOOGLE)
3 4 35.227.202.26 15169 (GOOGLE)
2 5 104.254.150.228 29990 (ASN-APPNEX)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
6 67.199.150.85 62713 (AS-PUBMATIC)
1 2 34.126.167.117 396982 (GOOGLE-CL...)
2 4 18.142.1.26 16509 (AMAZON-02)
1 142.250.4.155 15169 (GOOGLE)
3 172.217.194.156 15169 (GOOGLE)
3 142.250.4.132 15169 (GOOGLE)
7 142.251.12.156 15169 (GOOGLE)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 13.114.188.47 16509 (AMAZON-02)
3 172.64.154.237 13335 (CLOUDFLAR...)
2 184.31.5.52 16625 (AKAMAI-AS)
1 172.64.151.162 13335 (CLOUDFLAR...)
2 2 18.181.124.83 16509 (AMAZON-02)
4 4 23.106.69.72 59253 (LEASEWEB-...)
3 3 50.31.142.127 23352 (SERVERCEN...)
1 13.251.70.29 16509 (AMAZON-02)
10 172.217.194.157 15169 (GOOGLE)
5 142.250.4.104 15169 (GOOGLE)
1 104.18.36.94 13335 (CLOUDFLAR...)
3 3 52.74.162.2 16509 (AMAZON-02)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
2 13.35.8.26 16509 (AMAZON-02)
4 5 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
1 52.94.222.140 16509 (AMAZON-02)
2 4 146.20.132.166 27357 (RACKSPACE)
15 142.251.12.148 15169 (GOOGLE)
1 2 103.229.10.211 16509 (AMAZON-02)
2 2 13.33.88.20 16509 (AMAZON-02)
2 2 172.104.45.159 63949 (LINODE-AP...)
2 2 23.36.48.24 16625 (AKAMAI-AS)
1 1 23.106.127.164 59253 (LEASEWEB-...)
2 151.101.66.133 54113 (FASTLY)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 124.146.153.150 2514 (INFOSPHER...)
1 1 133.186.161.88 45974 (NHN-AS-KR...)
2 52.28.196.126 16509 (AMAZON-02)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 52.197.202.80 16509 (AMAZON-02)
15 54.192.150.94 16509 (AMAZON-02)
1 151.101.194.133 54113 (FASTLY)
1 2 35.186.193.173 15169 (GOOGLE)
1 18.176.115.166 16509 (AMAZON-02)
2 2 52.220.190.140 16509 (AMAZON-02)
2 2 173.231.184.20 32475 (SINGLEHOP...)
1 2 3.1.116.111 16509 (AMAZON-02)
2 2 89.207.22.73 399104 (CNVR-APAC)
24 52.54.226.35 14618 (AMAZON-AES)
2 142.251.12.95 15169 (GOOGLE)
6 13.33.88.67 16509 (AMAZON-02)
7 13.33.88.60 16509 (AMAZON-02)
1 169.197.150.8 398989 (DEEPINTENT)
1 195.5.165.20 44968 (IPROM-AS)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
1 35.214.223.115 15169 (GOOGLE)
581 147
41    104.83.196.116 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-116.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
11    104.83.196.200 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-200.deploy.static.akamaitechnologies.com
tags.news.com.au
11    23.52.112.182 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-112-182.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
18    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
widget.perfectmarket.com
trc.taboola.com
images.taboola.com
match.taboola.com
pips.taboola.com
1    192.0.66.122 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
origin.go.heraldsun.com.au
4    52.95.129.82 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
1    13.33.33.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-30.sin2.r.cloudfront.net
edition.pagesuite.com
18    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
tpc.googlesyndication.com
2    34.160.169.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.169.160.34.bc.googleusercontent.com
bedsberry.com
4    13.33.88.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-104.sin2.r.cloudfront.net
sb.scorecardresearch.com
1    172.64.133.15 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
7    18.161.111.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-105.mrs52.r.cloudfront.net
static.adsafeprotected.com
3    104.69.108.119 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-108-119.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
4    23.52.112.234 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-112-234.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
10    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
sg-trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
2    54.192.150.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-8.sin2.r.cloudfront.net
assets.vidora.com
4    74.125.130.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f149.1e100.net
ad.doubleclick.net
1    13.33.91.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-91-15.sin2.r.cloudfront.net
static.chartbeat.com
2    157.240.15.13 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net
connect.facebook.net
1    13.227.138.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-138-100.bom50.r.cloudfront.net
au.tags.newscgp.com
2    3.224.58.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-58-51.compute-1.amazonaws.com
pixel.zprk.io
1    151.101.65.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    104.22.52.86 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    104.65.228.244 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-244.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
10    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
bid.g.doubleclick.net
3    13.224.158.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-158-57.hkg54.r.cloudfront.net
c.amazon-adsystem.com
1    13.33.100.143 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-100-143.sin2.r.cloudfront.net
d3div1mtym39ic.cloudfront.net
1    54.192.150.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-4.sin2.r.cloudfront.net
ats-wrapper.privacymanager.io
2    104.26.6.155 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    18.194.192.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-192-141.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    52.52.52.67 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-52-67.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
2    124.146.215.48 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
11    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
19    67.199.150.86 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
58    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
19    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    209.191.163.209 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
1    3.215.244.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-244-231.compute-1.amazonaws.com
e1.emxdgt.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
12    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
6    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
5    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
4    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
10    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
3    18.141.80.142 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
8    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
4    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    202.131.200.82 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-tapi.admatrix.jp
2    35.156.139.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-139-93.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    44.239.168.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-168-124.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
3    35.174.181.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-181-179.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
7    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
googleads4.g.doubleclick.net
9    172.253.118.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f139.1e100.net
news.google.com
5    3.214.69.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-69-6.compute-1.amazonaws.com
ping.chartbeat.net
16    52.33.87.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-87-56.us-west-2.compute.amazonaws.com
dpm.demdex.net
3    13.33.88.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-113.sin2.r.cloudfront.net
cdn-gl.imrworldwide.com
1    54.230.61.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-61-52.icn54.r.cloudfront.net
cdn.adsafeprotected.com
1    104.16.89.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    54.149.113.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-113-230.us-west-2.compute.amazonaws.com
newscorpau.demdex.net
3    63.140.48.156 (United States)

ASN16509 (AMAZON-02, US)
metrics.heraldsun.com.au
edge.adobedc.net
1    54.169.17.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-17-254.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lbs.eu-1-id5-sync.com
4    54.192.150.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-97.sin2.r.cloudfront.net
au-script.dotmetrics.net
2    23.59.168.10 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-168-10.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
4    3.105.150.206 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-150-206.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    13.227.138.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-138-6.bom50.r.cloudfront.net
ncg.tags.news.com.au
1    13.33.88.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-56.sin2.r.cloudfront.net
au.audience.newscgp.com
6    104.65.228.208 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-208.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
3    104.18.33.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
htlb.casalemedia.com
1    199.127.207.180 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
1    107.22.173.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-173-254.compute-1.amazonaws.com
usermatch.krxd.net
5    54.202.29.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-202-29-137.us-west-2.compute.amazonaws.com
beacon.krxd.net
2    23.73.13.201 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-201.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
12    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
20    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
5    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    103.71.26.125 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
3    157.240.15.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-03-sin6.facebook.com
www.facebook.com
5    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    54.237.32.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-32-183.compute-1.amazonaws.com
mfad.inskinad.com
3    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    13.227.248.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-248-101.sin52.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
7    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
www.gstatic.com
www.google.com.au
7    54.254.49.143 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-49-143.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
3    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
fonts.gstatic.com
7    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    18.155.68.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-99.sin52.r.cloudfront.net
rm-script.dotmetrics.net
4    13.250.213.124 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-213-124.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
secure-gg.imrworldwide.com
1    54.192.150.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-117.sin2.r.cloudfront.net
8828iayzkvjstuhtt6jcely8u8zcy1668828016.nuid.imrworldwide.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
7    74.125.200.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f101.1e100.net
play.google.com
1    18.142.41.66 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-41-66.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
4    67.199.150.81 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    13.33.33.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-73.sin2.r.cloudfront.net
check.analytics.rlcdn.com
4    52.84.228.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-218.sin2.r.cloudfront.net
js.adsrvr.org
1    199.232.44.157 (Singapore, Singapore)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    23.49.60.167 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-60-167.deploy.static.akamaitechnologies.com
snap.licdn.com
2    172.253.118.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f97.1e100.net
www.googletagmanager.com
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net
8228261.fls.doubleclick.net
1    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
www.googleadservices.com
4    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
au-gmtdmp.mookie1.com
odr.mookie1.com
5    104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
6    67.199.150.85 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    34.126.167.117 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
um.simpli.fi
4    18.142.1.26 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
adservice.google.com.au
3    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
adservice.google.com
3    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
7    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
googleads.g.doubleclick.net
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    13.114.188.47 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-188-47.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
3    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    184.31.5.52 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-5-52.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    18.181.124.83 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-181-124-83.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
4    23.106.69.72 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
3    50.31.142.127 (Elmhurst, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    13.251.70.29 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-70-29.ap-southeast-1.compute.amazonaws.com
invoke.bonzai.co
10    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
www.googletagservices.com
5    142.250.4.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f104.1e100.net
www.google.com
1    104.18.36.94 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
3    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    13.35.8.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-26.sin5.r.cloudfront.net
cdn.linkedin.oribi.io
5    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    104.18.101.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    146.20.132.166 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
15    142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net
s0.2mdn.net
2    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-p1.ladsp.com
2    172.104.45.159 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1625-159.members.linode.com
a.c.appier.net
gocm.c.appier.net
2    23.36.48.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-24.deploy.static.akamaitechnologies.com
cs.media.net
1    23.106.127.164 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
2    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    124.146.153.150 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
gdn.socdm.com
1    133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHN, KR)
app.cauly.co.kr
2    52.28.196.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-196-126.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    52.197.202.80 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-202-80.ap-northeast-1.compute.amazonaws.com
aa.agkn.com
15    54.192.150.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-94.sin2.r.cloudfront.net
massets.bonzai.co
1    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    18.176.115.166 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-115-166.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    52.220.190.140 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-190-140.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    173.231.184.20 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
2    3.1.116.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-116-111.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    89.207.22.73 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin01-usadmm-ds.dotomi.com
pubmatic-match.dotomi.com
24    52.54.226.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-226-35.compute-1.amazonaws.com
dt.adsafeprotected.com
2    142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net
fonts.googleapis.com
6    13.33.88.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-67.sin2.r.cloudfront.net
dcollector.bonzai.co
7    13.33.88.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-60.sin2.r.cloudfront.net
s.bzcdn.co
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    104.18.25.173 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
Apex Domain
Subdomains		 Transfer
71 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 173
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 226357
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
bid.g.doubleclick.net — Cisco Umbrella Rank: 672
315 KB
41 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 671
image5.pubmatic.com — Cisco Umbrella Rank: 55246
image2.pubmatic.com — Cisco Umbrella Rank: 882
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com — Cisco Umbrella Rank: 458
image6.pubmatic.com — Cisco Umbrella Rank: 662
image4.pubmatic.com — Cisco Umbrella Rank: 822
simage4.pubmatic.com — Cisco Umbrella Rank: 1110
70 KB
39 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 546
cdn.adsafeprotected.com — Cisco Umbrella Rank: 2994
pixel.adsafeprotected.com — Cisco Umbrella Rank: 605
dt.adsafeprotected.com — Cisco Umbrella Rank: 518
302 KB
37 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
202 KB
27 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 996
trc.taboola.com — Cisco Umbrella Rank: 636
images.taboola.com — Cisco Umbrella Rank: 1558
sg-trc-events.taboola.com — Cisco Umbrella Rank: 34482
sync.taboola.com — Cisco Umbrella Rank: 938
sync-t1.taboola.com — Cisco Umbrella Rank: 1187
match.taboola.com — Cisco Umbrella Rank: 4200
pips.taboola.com — Cisco Umbrella Rank: 1453
cds.taboola.com — Cisco Umbrella Rank: 1454
209 KB
26 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1273
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
htlb.casalemedia.com — Cisco Umbrella Rank: 491
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
21 KB
25 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 236185
origin.go.heraldsun.com.au
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
846 KB
24 google.com
news.google.com — Cisco Umbrella Rank: 5373
play.google.com — Cisco Umbrella Rank: 23
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
74 KB
23 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
js.adsrvr.org — Cisco Umbrella Rank: 1393
insight.adsrvr.org — Cisco Umbrella Rank: 573
20 KB
22 bonzai.co
invoke.bonzai.co — Cisco Umbrella Rank: 172248
massets.bonzai.co — Cisco Umbrella Rank: 176270
collector.bonzai.co Failed
dcollector.bonzai.co — Cisco Umbrella Rank: 172789
4 MB
19 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
token.rubiconproject.com — Cisco Umbrella Rank: 544
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2899
eus.rubiconproject.com — Cisco Umbrella Rank: 541
21 KB
19 api.news
content.api.news — Cisco Umbrella Rank: 61433
293 KB
17 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
newscorpau.demdex.net — Cisco Umbrella Rank: 119892
21 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 426
34 KB
15 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
288 KB
14 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1084
id5-sync.com — Cisco Umbrella Rank: 479
50 KB
13 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1007
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
3 KB
13 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 55840
mhr.talk.news.com.au — Cisco Umbrella Rank: 732770
ncg.tags.news.com.au — Cisco Umbrella Rank: 158627
236 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 290
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
10 KB
11 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 105713
83 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
412 KB
9 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1283
beacon.krxd.net — Cisco Umbrella Rank: 530
cdn.krxd.net — Cisco Umbrella Rank: 1638
consumer.krxd.net — Cisco Umbrella Rank: 2207
91 KB
8 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2328
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6710
8828iayzkvjstuhtt6jcely8u8zcy1668828016.nuid.imrworldwide.com
secure-gg.imrworldwide.com — Cisco Umbrella Rank: 2945
69 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
4 KB
7 bzcdn.co
s.bzcdn.co — Cisco Umbrella Rank: 330131
106 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
3 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
192 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 582
3 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 131368
au.pixel.newscgp.com — Cisco Umbrella Rank: 194491
au.audience.newscgp.com — Cisco Umbrella Rank: 215967
49 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
www.linkedin.com — Cisco Umbrella Rank: 576
4 KB
5 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3831
idsync.rlcdn.com — Cisco Umbrella Rank: 321
api.rlcdn.com — Cisco Umbrella Rank: 762
1 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1922
bs.serving-sys.com — Cisco Umbrella Rank: 1181
lm.serving-sys.com — Cisco Umbrella Rank: 1931
26 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 50344
rm-script.dotmetrics.net — Cisco Umbrella Rank: 5506
40 KB
5 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1132
1001 B
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
908 B
4 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2663
2 KB
4 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 924
2 KB
4 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 79993
www.google.com.au — Cisco Umbrella Rank: 24281
2 KB
4 mookie1.com
au-gmtdmp.mookie1.com — Cisco Umbrella Rank: 345065
odr.mookie1.com — Cisco Umbrella Rank: 929
1 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 519
2 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 656
us-u.openx.net — Cisco Umbrella Rank: 407
577 B
4 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2606
1 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
2 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 944
24 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 146
5 KB
4 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 973623
60 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 531
2 KB
3 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3659
428 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
586 B
3 turn.com
d.turn.com — Cisco Umbrella Rank: 1098
ad.turn.com — Cisco Umbrella Rank: 708
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 665
1 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 926
2 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1134
2 KB
3 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 631
bidder.criteo.com — Cisco Umbrella Rank: 691
1 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
gdn.socdm.com — Cisco Umbrella Rank: 78863
3 KB
3 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
18 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
2 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3009
745 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 714
857 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1298
1009 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
2 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5115
673 B
2 media.net
cs.media.net — Cisco Umbrella Rank: 1349
2 KB
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 13802
gocm.c.appier.net — Cisco Umbrella Rank: 1971
934 B
2 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 118049
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 615
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 471
466 B
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1409
367 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 465
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 668
716 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
104 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
57 KB
2 inskinad.com
mfad.inskinad.com — Cisco Umbrella Rank: 24529
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 557
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 508
stags.bluekai.com — Cisco Umbrella Rank: 480
962 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1158
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1326
695 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 339
738 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 865
1 KB
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
ssbsync.smartadserver.com — Cisco Umbrella Rank: 807
1005 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 862
1 KB
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 2703
629 B
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3216
17 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 19495
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
112 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 16571
6 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 159632
3 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3110
32 KB
2 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 95687
28 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 840
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5822
279 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 801
44 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1004
527 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 19687
220 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 434
517 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 25038
654 B
1 cauly.co.kr
app.cauly.co.kr — Cisco Umbrella Rank: 129219
539 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2182
173 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 528
396 B
1 t.co
t.co — Cisco Umbrella Rank: 475
379 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3986
391 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 160
17 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 716
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 603
15 KB
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 7546
836 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 29559
698 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1729
467 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 901
385 B
1 admatrix.jp
sync-tapi.admatrix.jp — Cisco Umbrella Rank: 89778
529 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1146
67 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 510
729 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 967
539 B
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4920
27 KB
1 cloudfront.net
d3div1mtym39ic.cloudfront.net
40 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 29473
20 KB
1 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4338
949 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1239
24 KB
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 200369
2 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 867
12 KB
1 pagesuite.com
edition.pagesuite.com — Cisco Umbrella Rank: 86633
49 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5069
7 KB
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 sonobi.com Failed
syd-1-apex.go.sonobi.com Failed
581 126
Domain Requested by
37 cm.g.doubleclick.net 19 redirects www.heraldsun.com.au
googleads.g.doubleclick.net
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
24 dt.adsafeprotected.com www.heraldsun.com.au
21 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
20 dsum-sec.casalemedia.com 4 redirects www.heraldsun.com.au
ssum-sec.casalemedia.com
googleads.g.doubleclick.net
19 pagead2.googlesyndication.com ad.doubleclick.net
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.heraldsun.com.au
www.googletagservices.com
19 simage2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
19 content.api.news www.heraldsun.com.au
16 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
ssum-sec.casalemedia.com
16 match.adsrvr.org 8 redirects ssum-sec.casalemedia.com
js.adsrvr.org
www.heraldsun.com.au
15 massets.bonzai.co invoke.bonzai.co
massets.bonzai.co
www.heraldsun.com.au
15 s0.2mdn.net www.heraldsun.com.au
s0.2mdn.net
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
12 sync-tm.everesttech.net 11 redirects www.heraldsun.com.au
12 id5-sync.com 8 redirects cdn.id5-sync.com
www.heraldsun.com.au
tags.news.com.au
11 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
11 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
11 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 www.googletagservices.com securepubads.g.doubleclick.net
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
www.googletagservices.com
www.heraldsun.com.au
s0.2mdn.net
10 ib.adnxs.com 5 redirects www.heraldsun.com.au
tags.news.com.au
acdn.adnxs.com
9 news.google.com 1 redirects subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
8 x.bidswitch.net 8 redirects
7 s.bzcdn.co www.heraldsun.com.au
massets.bonzai.co
s.bzcdn.co
7 googleads.g.doubleclick.net www.googleadservices.com
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
www.heraldsun.com.au
www.googletagmanager.com
7 play.google.com www.gstatic.com
7 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ads.pubmatic.com
ssum-sec.casalemedia.com
www.heraldsun.com.au
7 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
7 googleads4.g.doubleclick.net ad.doubleclick.net
www.heraldsun.com.au
7 static.adsafeprotected.com bedsberry.com
pixel.adsafeprotected.com
www.heraldsun.com.au
7 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
6 dcollector.bonzai.co www.heraldsun.com.au
6 c1.adform.net 5 redirects ads.pubmatic.com
6 pixel.rubiconproject.com 4 redirects www.heraldsun.com.au
6 sync.taboola.com 2 redirects www.heraldsun.com.au
6 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
5 www.google.com securepubads.g.doubleclick.net
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
www.heraldsun.com.au
5 secure.adnxs.com 2 redirects www.heraldsun.com.au
5 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
tags.news.com.au
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
5 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
5 beacon.krxd.net www.heraldsun.com.au
cdn.krxd.net
5 token.rubiconproject.com 4 redirects www.heraldsun.com.au
5 ping.chartbeat.net www.heraldsun.com.au
5 pixel.tapad.com 4 redirects www.heraldsun.com.au
4 cs.lkqd.net 2 redirects googleads.g.doubleclick.net
4 simage4.pubmatic.com ads.pubmatic.com
4 px.ads.linkedin.com 3 redirects www.heraldsun.com.au
4 gu.dyntrk.com 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 image6.pubmatic.com ads.pubmatic.com
4 www.gstatic.com news.google.com
www.gstatic.com
4 fastlane.rubiconproject.com tags.news.com.au
4 sync.1rx.io 3 redirects www.heraldsun.com.au
4 au.pixel.newscgp.com au.tags.newscgp.com
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 sync-dsp.ad-m.asia 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 ad.doubleclick.net 1 redirects tags.tiqcdn.com
www.googletagservices.com
www.heraldsun.com.au
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
4 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
widget.perfectmarket.com
3 odr.mookie1.com 3 redirects
3 www.google.com.au www.heraldsun.com.au
3 ups.analytics.yahoo.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 ssum-sec.casalemedia.com tags.news.com.au
js-sec.indexww.com
ssum-sec.casalemedia.com
3 bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 insight.adsrvr.org 1 redirects js.adsrvr.org
3 fonts.gstatic.com news.google.com
fonts.googleapis.com
3 ads.playground.xyz 1 redirects tags.news.com.au
www.heraldsun.com.au
3 www.facebook.com www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 sync.srv.stackadapt.com 3 redirects
3 ps.eyeota.net 3 redirects
3 uipglob.semasio.net 2 redirects www.heraldsun.com.au
3 sync-t1.taboola.com www.heraldsun.com.au
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 cdn.ampproject.org www.heraldsun.com.au
2 fonts.googleapis.com s0.2mdn.net
2 pubmatic-match.dotomi.com 2 redirects
2 sync.crwdcntrl.net 1 redirects www.heraldsun.com.au
2 cm.adgrx.com 2 redirects
2 pm.w55c.net 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 secure-gg.imrworldwide.com bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
2 lm.serving-sys.com secure-ds.serving-sys.com
2 cdn.krxd.net ad.doubleclick.net
cdn.krxd.net
2 cs.media.net 2 redirects
2 cr-p1.ladsp.com 2 redirects
2 cms.quantserve.com 1 redirects bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
2 p.adsymptotic.com 1 redirects www.heraldsun.com.au
2 cdn.linkedin.oribi.io snap.licdn.com
2 ad.turn.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 eus.rubiconproject.com tags.news.com.au
eus.rubiconproject.com
2 prebid-a.rubiconproject.com tags.news.com.au
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 static.criteo.net tags.news.com.au
static.criteo.net
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 mfad.inskinad.com tags.news.com.au
ssum-sec.casalemedia.com
2 sync.search.spotxchange.com 1 redirects www.heraldsun.com.au
2 us-u.openx.net 1 redirects www.heraldsun.com.au
2 ssum.casalemedia.com 2 redirects
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 metrics.heraldsun.com.au tags.news.com.au
2 eb2.3lift.com 1 redirects www.heraldsun.com.au
2 u.openx.net 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 tg.socdm.com 2 redirects
2 ih.adscale.de 2 redirects
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
2 news-networkeditorial.s3.ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 csync.loopme.me ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 consumer.krxd.net cdn.krxd.net
1 aa.agkn.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 app.cauly.co.kr 1 redirects
1 gdn.socdm.com bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
1 tr.blismedia.com bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com 1 redirects
1 a.c.appier.net 1 redirects
1 aax-eu.amazon-adsystem.com www.heraldsun.com.au
1 www.linkedin.com 1 redirects
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 cdn.indexww.com ssum-sec.casalemedia.com
1 invoke.bonzai.co www.heraldsun.com.au
1 stags.bluekai.com 1 redirects
1 js-sec.indexww.com tags.news.com.au
1 api.rlcdn.com tags.news.com.au
1 bid.g.doubleclick.net www.googleadservices.com
1 adservice.google.com.au securepubads.g.doubleclick.net
1 tags.rd.linksynergy.com 1 redirects
1 au-gmtdmp.mookie1.com www.heraldsun.com.au
1 www.googleadservices.com secure-ds.serving-sys.com
1 snap.licdn.com www.heraldsun.com.au
1 static.ads-twitter.com www.heraldsun.com.au
1 check.analytics.rlcdn.com tags.news.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 8828iayzkvjstuhtt6jcely8u8zcy1668828016.nuid.imrworldwide.com www.heraldsun.com.au
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 htlb.casalemedia.com tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 edge.adobedc.net cdn1.adoberesources.net
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com 1 redirects
1 au.audience.newscgp.com au.tags.newscgp.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 d.turn.com 1 redirects
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 cdn.jsdelivr.net tags.news.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 t.adx.opera.com www.heraldsun.com.au
1 visitor.omnitagjs.com www.heraldsun.com.au
1 match.taboola.com www.heraldsun.com.au
1 sync-tapi.admatrix.jp 1 redirects
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 bh.contextweb.com www.heraldsun.com.au
1 jadserve.postrelease.com www.heraldsun.com.au
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 d3div1mtym39ic.cloudfront.net www.heraldsun.com.au
1 cdn1.adoberesources.net tags.tiqcdn.com
1 nebula-cdn.kampyle.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 sg-trc-events.taboola.com www.heraldsun.com.au
1 mhr.talk.news.com.au www.heraldsun.com.au
1 images.taboola.com www.heraldsun.com.au
1 use.fontawesome.com cdn.taboola.com
1 edition.pagesuite.com www.heraldsun.com.au
1 origin.go.heraldsun.com.au www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 collector.bonzai.co Failed www.heraldsun.com.au
0 cs.chocolateplatform.com Failed bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
0 syd-1-apex.go.sonobi.com Failed tags.news.com.au
581 209
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-16 -
2023-08-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
origin.go.heraldsun.com.au
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2022-09-21 -
2023-09-05		 a year crt.sh
edition.pagesuite.com
Amazon		 2022-09-17 -
2023-10-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
bedsberry.com
R3		 2022-11-15 -
2023-02-13		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
web.app
GTS CA 1D4		 2022-10-19 -
2023-01-17		 3 months crt.sh
*.vidora.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-28 -
2022-11-26		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.zprk.io
Amazon		 2022-10-19 -
2023-11-17		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-05 -
2023-03-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
www.newsconnect.com.au
Amazon		 2022-04-09 -
2023-05-08		 a year crt.sh
au.audience.newscgp.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
mfad.inskinad.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2022-10-13 -
2023-01-11		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
bs.serving-sys.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
bonzai.co
Amazon		 2022-10-28 -
2023-11-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-26 -
2023-10-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.bonzai.co
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-07		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-18 -
2023-04-19		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.bzcdn.co
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh

This page contains 83 frames:

Primary Page: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Frame ID: 981DCCA49A7D2A74FA95DC96423CFDF2
Requests: 232 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=VeQiimjGDac9x5pmvMM6hfOQQDYxFQGP&nonce=ISkslFHLTfo~ujkJHZ~4C4TmmA3J1_91&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 9691918812ECA652D0335E1F36EA2EEF
Requests: 3 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/stroerrtb-network/1/rtb-h/?taboola_hm=24fea13f909440d9af96d96f62c9831e
Frame ID: 1689384DF214B88468B8CAB27E3423FA
Requests: 23 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 8C3DC596F30FCCC490369BE940192BE1
Requests: 22 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: DB72288A0A75F0FFFCA076606F92CE41
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au
Frame ID: 1EED43C8B1FF5CD0A4F07678DB895B1C
Requests: 13 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Frame ID: DD98EF9C9F959B6EAC199BCA8D42B04B
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 1F6FC9D3997FAFDC4BEE6EA9C4F051EF
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 045C4A8BAB3B507E77C73566DE1D8440
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 3B7603704843709ACCAAD5A67F535E21
Requests: 11 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 716900A398FD74BA58E1DDA08A243E8B
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 3AB6290327A5B620FF0058C470F0ECD0
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 3EA6584F552F078C364AB93E087B3404
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: CA437A20BE0042C7D5F8BDBB9ECFB12A
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 1A3330993FDF6DC11C663814E05EC555
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 6118C6DCB3DD23459D2ABCA3A9EDD8DC
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyO-emkufsCFS7AcwEdtF8OOQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2456246492691.7227
Frame ID: 656D44FA5A5EE1A63FF676A39F9A675D
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=COqU-emkufsCFWyd2AUdwEoLjA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4049920485645.826
Frame ID: 43633168CBEB7C9E3A00BD97F6ADD5AD
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 230E96EBD1375DC6A65709E8BA205D33
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 414C6F2B3C622931DAB3ECAB7CC59EA8
Requests: 4 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1fbac794-a072-4166-a080-d44c7a6c596e&expiration=1671420021&gdpr=0&gdpr_consent=
Frame ID: F919889867F185CFEDBD6B2032803055
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: B6333D56A33A6B543E8463B0F77F5E68
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
Frame ID: CCBD2493A5BA6DAD9691966CB7AFD212
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent=
Frame ID: C2143065B2830F29718050CA7CF94EF0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:79ff6378-4b71-4500-b7b3-2c6b61442a02&gdpr=0&gdpr_consent=
Frame ID: CC8024523584CD1F15BE5C04568E5192
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB4720C8F-DDC6-447E-B3B7-C00B6CD12D23
Frame ID: 43A163850155B32901EB6FE57679CE91
Requests: 1 HTTP requests in this frame

Frame: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5128BE31468051D7601813D86B9F2BC4
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: CAFD5CC302575FE1CB01DC7A6164E5B3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: EAB00E6C7BC53055AA466DDCCCF854D7
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: 89AAB55D59635F4EC5C66AE208A1AD4E
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 891EFF8CDDBAB7FA8618BFD932C95ED0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4CFA642114419B232C2D5337CA2EE2CE
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4BFCB679D001D64F2BA833606636D6B8
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 1ED8AC966CFDB86311557F6E25D5B0E4
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 61174DE24D35754BEA87FAD0681793B1
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CDD88D1891D2639CC09F8E0AFB323114
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7uVsGwdx2peiufrZnBB_j3wCZi6SvLVC_AS5wghm6CfNr8j-i8iBAxZFHwN_aE6xZR_9j4YswdNAdTApqftMttxERBFudGvXe8MshfiVLAZGLZJ7o4HCip5AJO_1_o7gPZ9v0lhvPm2lebvnnWBrjRbvZG_174wyh8mqD7LSlZe3PZ_x5uPzHAJuQNIFs8C-8IuDvw3IeUt5o0np0TYmUY_da--Zl8QK9vVPyyx1R1jw2YSuSKgBr4vnoLiqmr76lxrsGIoyFqcjzg9egsyk3zcn1c66GEHmah1f40_sw2bQf5CfRjwURyiElG3GNlt9rj2FicyVNeaUwCHRyq0Jy&sai=AMfl-YRLv66aSSmyJ7N5aOiSilW6vU7zY7UK3Xc1DR7SCen38UwLTg14bTTpc5TUctPTRdrHLsGWo1fjoMA_WPqsYtFST1ZO5AvY1MR4v0iWSgNxHJ5kkxdxYbU9-1Hn2exn&sig=Cg0ArKJSzLmMnAxZbc6aEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B669745281A23CA817A1825F76FDF1D7
Requests: 28 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuKA8kV7aLREWdWqxrVCxhWed1vaiaf7zNpglp4tD26_pvuAZt8XucUOvjfKh52Ply_UlL5LjXT-rz5ym-keOkspYcKuwN8ATyIT_ujH_mgUa0L1a6ii8SQRRgDaWL3SBef22r2Q7rm5oU_HI6mhQW2tiwiwO4CFHW4ZaKFFMZur4PDVJa2YBMRivF6sBHZgwIQQMLqn1-sCMJaHRXcGJ7xl2wY68cgc4ZRus16w_p0hPNF7qlc3P4xyTaDMztGMqNANb0Afq4In5INudN5S15AW3XvJUBd7PotRBuXfro4ccibkQqS4GZAeDvL0h5gJTWp9H_BgaFxbNgq9tnMu1F&sai=AMfl-YRDgpE9Lk7J9c-X8UpKy_ttIj02LCUyIbontlEpfeIgoEucxPFuJ9llxlxPeA18kEpO7uT5DLHbCQRl6bmLD6mIQpYy_m7KhSHbJ32m_sd7k7qVQo5OjtomJUg4PKSI&sig=Cg0ArKJSzOH-EoZoPHlGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1A3ACDC814BF9201E007D93B67DE4EE1
Requests: 22 HTTP requests in this frame

Frame: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4F5289A0E047C8883F54F669C744905D
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRJ2YAtRmzfJghBKVp2qHbZy4cQQW8WCp3iOT127xBYMSUvd7dYBwTRE7P6z6FwKjdGKQp1RMCw5Bhfxi45wZUiAqy4qLm-L2k08T9AhOIFoY8v9D3OZFxiqokIDqyBSd4Oz4OlHPvzUxRcagNGZF8Ogv1sBXRIBQidKEBHxL2BBTFfMTlrFBp4sV5Qemmcsg_W8fKpa8cBEVwPesDyNIBOUk_px8BxsYZQbOHDPB_aFZ3LIZcNk6T4qDYZJnIE7o9RSlnVtDG-ap6JfAUK7coSmK8z3zAC3brPC72SoQMF0Zy4ZH22yxJQChLBirICP54qEEqbImBXkLzobKiczxw&sai=AMfl-YSUKBJuDszRlMQUSbAk7SBAHtyXHDZnpZhTxi8NuTTHPdEBHmLPtSG51G5OKVXKHwqq5V1E8AD88Kl_iH9EPWdIBL3ZmWPe_yuUH_64mIDEZKoIt_gPKGHziJ4KlKMI&sig=Cg0ArKJSzJXsnlPgOhtEEAE&uach_m=[UACH]&adurl=
Frame ID: 4755D2692EBF28B83F0540FDC7C4760D
Requests: 8 HTTP requests in this frame

Frame: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6235C87B69A8FE6F3C4A8EC877B2321E
Requests: 18 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: D0FAB0A69FD401A9C6A7D434D11E4CD3
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-KJ5AcbZE2uL7Ug0uOnH0f_gfefKuo3Q-~A&gdpr=0&gdpr_consent=
Frame ID: 59024A21F032B97977F303A09C6D599F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e&google_gid=CAESED9CGU-Kc4k8LiBNbOeDFTE&google_cver=1
Frame ID: 62F3D3566D9A78A55621E9364569DE13
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: C6024F4797ADEAAC8CEFE98166BA5C75
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e&google_gid=CAESED9CGU-Kc4k8LiBNbOeDFTE&google_cver=1
Frame ID: E052796B7CD603F8667417D1BD6F8ACE
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-KJ5AcbZE2uL7Ug0uOnH0f_gfefKuo3Q-~A&gdpr=0&gdpr_consent=
Frame ID: D8016132957699BB41678C93D22F9E48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGML0ktQBMAE&v=APEucNW45ZdHSnn3eTZsJP5NCmQjKgEH9t1WiFVaX0I9ZWJWSGlZk1jrOlPNN1Fytb7KTLiGyCDYYKGdhJ6aw6toByyZJyrFMQ
Frame ID: 4CB0F2567AB901B7E302B9E8AA36B3FB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGK_xktQBMAE&v=APEucNXD-DIuyTvB0kGuTQEpa1kFX0z2zVjMbvrDhs5ZPECEzKHJnSrmNuJbM869gxc2fZpiX4tZonkkuTTOStBcsqG-bXW5Xw
Frame ID: 282FB369D6D414D5F52E870FAD1F2CF4
Requests: 5 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026295&pubOrder=3068195175&cb=1525276461&custom=homepage&custom3=168400391&adsafe_par&impId=16442a12-67b9-11ed-a75b-0679fa08ad36
Frame ID: D377BA6CBFD599A7123A312C106F8C32
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6AE93A2C09ACA6B133A451FAB3F0DC88
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC727D41FCC227DA7FABC40F0E3CF8D9
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C3E334B84B29FA8893F97A3B931291AA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E833C559B2DBD23B9E89AC2B1429FF40
Requests: 9 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138412773756&pubOrder=3068195175&cb=1108170245&custom=homepage&custom3=168400391&adsafe_par&impId=16442a15-67b9-11ed-a75b-0679fa08ad36
Frame ID: 126B583895AB50CABA8B57381C396709
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 16BBA4D278264E08085733E9F9EC8427
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B976287D500AB641F334B0C83E1C5E7F
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hLagAAARhXzQA7&gdpr=0&gdpr_consent=
Frame ID: 5BF9E25CE9E25034C08BF22136E51F91
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xvbdsp9y67t
Frame ID: D70CF34E8245190691333E370B0B2060
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cnUi4nAkIu9pI3TrISU4u3NwceNpJyy5dnWMAlQY
Frame ID: 85E7E5B7F4E201E0229FC0840B1C3503
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=557869551418898506&gdpr=0&gdpr_consent=
Frame ID: 2C36FB05FB62EFF6DE8B8611D792DF07
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F8CA3B3BF37B7A8FCEA2DA7D00F86C70
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=O3yAKFybQ8Bgjmk6w6vnJ6310aU
Frame ID: 0563D10B2B9795ECB1CFE2AF8E5E9FCB
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
Frame ID: 624EE6EBCA1B9281A412964CD01675A9
Requests: 9 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026298&pubOrder=3068195175&cb=254077713&custom=homepage&custom3=168400391&adsafe_par&impId=16442a13-67b9-11ed-a75b-0679fa08ad36
Frame ID: 1D5DDBB3E0DF89FB8CAE7BEFEF64CC0E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EA879955075A71398E0980168C701D4B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
Frame ID: 1AB4C58159ACB608AE1B650C8AC85B9A
Requests: 9 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=dlg_uEOpC6C1B-otdUt4Yw
Frame ID: 85E8BAA81012ED6991754A6F6581E63D
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 8A53132EAFBEA2319038E02991064EF8
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 6FB13D6FAF18D800D475F9076AFF8D68
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b8099646608b43bb8210e909025f3e56
Frame ID: 1464AC3A519F2B062DD7A6BA86FD12BF
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23
Frame ID: 3461C1917329D9BCFABADB88C6183AD8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004
Frame ID: B93059832565E44F53D36CBC1D154B3E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:USZ8x5kB1OWep15&gdpr=0&gdpr_consent=
Frame ID: A1A805ED95B183F1BB20488762B310D2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1abe8abe-67b9-11ed-a73a-2ee288dff49c
Frame ID: 7C7C80840DBF2F0A24BC374ECFC35BA3
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B1FCAF6D84E866B0C0ACBBDAAD6A517F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1893499D79C9011E8E5B405C1FFFE663
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 347DD945CDA88CC5D493804FA816366A
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 5B5305A57C04280B92BF3E0BD4D158D9
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A729082594D24B6037E1CF6909015D43
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A0E167F6646285A420EF1888EDA1058A
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 330352BF0349734CE47AB1E1B6D706F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C3DCA0D4C614A8AB9EF97C994B48D9D&gdpr=0&gdpr_consent=
Frame ID: FA74D2F8EE377ACDF841A072C11CD934
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&166... HTTP 302
    https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

581
Requests

82 %
HTTPS

0 %
IPv6

126
Domains

209
Subdomains

147
IPs

14
Countries

8354 kB
Transfer

16272 kB
Size

227
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1668827994324829732 HTTP 302
    https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668828001860&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668828001860&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Request Chain 98
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 104
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=24fea13f909440d9af96d96f62c9831e HTTP 302
  • https://sync.taboola.com/sg/stroerrtb-network/1/rtb-h/?taboola_hm=24fea13f909440d9af96d96f62c9831e
Request Chain 106
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y3hLasCo8YkAACscxfsAAAAA
Request Chain 107
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LAND3X3Y-1A-L80Q
Request Chain 108
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEN8TxzoqqcSMLpMdsgMj7DU&google_cver=1
Request Chain 110
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
Request Chain 111
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1fbac794-a072-4166-a080-d44c7a6c596e
Request Chain 112
  • https://ce.lijit.com/merge?pid=42&3pid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 116
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4e7d4dad-2529-4774-8853-f67d798557ac
Request Chain 117
  • https://id5-sync.com/s/464/9.gif?puid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F6%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F6%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/6/2.gif?puid=6416496943234349779&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/5/3.gif?puid=2D54C4DDDD464A38&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/4/4.gif?puid=0e11d93b-d848-45dd-9911-3ebf4e499df8&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1fbac794-a072-4166-a080-d44c7a6c596e&ttl=%%TTL%% HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOmxsiuN_zjUdPsHjrdn4VtWbgXmozbvpbwY-IOA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F2%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/2/6.gif?puid=79ff6378-4b71-4500-b7b3-2c6b61442a02&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/1/7.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/1/7.gif?puid=557869551418898506&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F123%2F0%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/123/0/8.gif?puid=1848de69557-cd9000001085983&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOmxsiuN_zjUdPsHjrdn4VtWbgXmozbvpbwY-IOA
Request Chain 118
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1 HTTP 302
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=71674732-0ed8-4bc5-8d07-165a6e9111d0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=96&user_id=mDuP-nPazd0-Wg&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=3cab3366-7473-4804-944c-659682ec4039
Request Chain 119
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=40ecc522-b1c4-4ff5-970d-190433732455 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=40ecc522-b1c4-4ff5-970d-190433732455&tbid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&query=taboola_hm%3D40ecc522-b1c4-4ff5-970d-190433732455&isDirect=0
Request Chain 121
  • https://eb2.3lift.com/xuid?mid=7772&xuid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 123
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=O3yAKFybQ8Bgjmk6w6vnJ6310aU
Request Chain 124
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=453&user_id=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cab3366-7473-4804-944c-659682ec4039&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 126
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=520d2216-dad5-4818-95f2-c7409ac0fb4a
Request Chain 136
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668828005547 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668828005547
Request Chain 147
  • https://cm.everesttech.net/cm/dd?d_uuid=22351096293973863592816500108686719027 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3hLagAAARhXzQA7&d_uuid=22351096293973863592816500108686719027
Request Chain 159
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=557869551418898506
Request Chain 160
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4508445342604819091
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjIzNTEwOTYyOTM5NzM4NjM1OTI4MTY1MDAxMDg2ODY3MTkwMjc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHrpMddrpIozQRSRjig5dkU&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 167
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=1fbac794-a072-4166-a080-d44c7a6c596e
Request Chain 168
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Request Chain 169
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hLaa2fgsAZB0xPZIQo1QAA%264757
Request Chain 170
  • https://dt.scanscout.com/ssframework/uid?UIAA=22351096293973863592816500108686719027&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-abbf335a118fa5039abd5dc17c4923c2
Request Chain 172
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=22351096293973863592816500108686719027&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=22351096293973863592816500108686719027&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 173
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=22351096293973863592816500108686719027 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22351096293973863592816500108686719027
Request Chain 174
  • https://tags.bluekai.com/site/43981?id=22351096293973863592816500108686719027&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 175
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=Y3hLaQAAAJlvngAW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNoTGFRQUFBSmx2bmdBVw==&_test=Y3hLaQAAAJlvngAW
Request Chain 176
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y3hLaQAAAC5UBQA7
Request Chain 179
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3hLagAAARhXzQA7 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3hLagAAARhXzQA7&_test=Y3hLagAAARhXzQA7
Request Chain 180
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y3hLaQAAAJlvngAW
Request Chain 181
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3hLaQAAAJlvngAW HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y3hLaQAAAJlvngAW
Request Chain 182
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hLagAAARhXzQA7
Request Chain 183
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3hLagAAARhXzQA7&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3hLagAAARhXzQA7&img=1&__user_check__=1&sync_id=137abd6f-67b9-11ed-b4df-1457a7f90107
Request Chain 184
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3hLagAAARhXzQA7&t=2592000&o=0
Request Chain 185
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
Request Chain 193
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au
Request Chain 215
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Request Chain 248
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2456246492691.7227 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyO-emkufsCFS7AcwEdtF8OOQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2456246492691.7227
Request Chain 249
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4049920485645.826 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=COqU-emkufsCFWyd2AUdwEoLjA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4049920485645.826
Request Chain 252
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3 HTTP 302
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=1fbac794-a072-4166-a080-d44c7a6c596e&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1fbac794-a072-4166-a080-d44c7a6c596e&expiration=1671420021&gdpr=0&gdpr_consent=
Request Chain 258
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:79ff6378-4b71-4500-b7b3-2c6b61442a02&gdpr=0&gdpr_consent=
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tHIMj93GRH6zt8ALbNEtIw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 261
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEI0NzIwQzhGLUREQzYtNDQ3RS1CM0I3LUMwMEI2Q0QxMkQyMxAAGg0I8pbhmwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=486595613efefed2af4eb6926271045c7edc936806d424acc7787196578db6a6791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0ODY1OTU2MTNlZmVmZWQyYWY0ZWI2OTI2MjcxMDQ1YzdlZGM5MzY4MDZkNDI0YWNjNzc4NzE5NjU3OGRiNmE2NzkxNDI2YjU0MTdkY2UyMRAAGgwI85bhmwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0ODY1OTU2MTNlZmVmZWQyYWY0ZWI2OTI2MjcxMDQ1YzdlZGM5MzY4MDZkNDI0YWNjNzc4NzE5NjU3OGRiNmE2NzkxNDI2YjU0MTdkY2UyMRAAGgwI85bhmwYSBAgCEABCAEoA&google_gid=CAESEKYGUl-M8UhhdeIVHE13J8A&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=e833fca7-a76c-4eb3-a698-31823a7bd91a
Request Chain 262
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=79ff6378-4b71-4500-b7b3-2c6b61442a02
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjQ3MjBDOEYtRERDNi00NDdFLUIzQjctQzAwQjZDRDEyRDIz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBFwG9Kjby0UGyulW60Of_8&google_cver=1
Request Chain 267
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1fbac794-a072-4166-a080-d44c7a6c596e&gdpr=0&gdpr_consent=
Request Chain 284
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=557869551418898506
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3hLaa2fgsAZB0xPZIQo1QAAEpUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGaEWVTaFEQxYCYq0bb4ZEA&google_cver=1
Request Chain 296
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3hLaa2fgsAZB0xPZIQo1QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Request Chain 298
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI9BE7G8JcAACBhVbgCwQ&expiration=1670037620
Request Chain 299
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63784b7448744&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63784b7448744
Request Chain 300
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=vpiWxSqG-JMAKk57XIgU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25TQNFLXQU3RI4WUUTKBJNVTKN2YJFTVK HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25TQNFLXQU3RI4WUUTKBJNVTKN2YJFTVK HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=vpiWxSqG-JMAKk57XIgU
Request Chain 318
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=557869551418898506
Request Chain 319
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=79ff6378-4b71-4500-b7b3-2c6b61442a02
Request Chain 320
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4508445342604819091
Request Chain 322
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=O3yAKFybQ8Bgjmk6w6vnJ6310aU
Request Chain 323
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63784b745e964&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63784b745e964
Request Chain 324
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3hLaa2fgsAZB0xPZIQo1QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Request Chain 326
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1fbac794-a072-4166-a080-d44c7a6c596e&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 327
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1fbac794-a072-4166-a080-d44c7a6c596e&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-KJ5AcbZE2uL7Ug0uOnH0f_gfefKuo3Q-~A&gdpr=0&gdpr_consent=
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MWZiYWM3OTQtYTA3Mi00MTY2LWEwODAtZDQ0YzdhNmM1OTZl&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e&google_gid=CAESED9CGU-Kc4k8LiBNbOeDFTE&google_cver=1
Request Chain 329
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1fbac794-a072-4166-a080-d44c7a6c596e&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MWZiYWM3OTQtYTA3Mi00MTY2LWEwODAtZDQ0YzdhNmM1OTZl&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e&google_gid=CAESED9CGU-Kc4k8LiBNbOeDFTE&google_cver=1
Request Chain 331
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1fbac794-a072-4166-a080-d44c7a6c596e&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-KJ5AcbZE2uL7Ug0uOnH0f_gfefKuo3Q-~A&gdpr=0&gdpr_consent=
Request Chain 355
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668828020059&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668828020059&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1668828020059%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668828020059&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f6c3de59-d85c-4cb4-8569-c5a7574356d7 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f6c3de59-d85c-4cb4-8569-c5a7574356d7&_expected_cookie=97d96716428dd83a9162f30fa11d6a46
Request Chain 361
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAND3X3Y-1A-L80Q
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOeCZdANp2xdpowmkWUH_M8&google_cver=1
Request Chain 363
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjM0NWJhNzVkYzI3NGRmZjVhNGE5NWJmOGY4YzcxNWIxM2RkZmM1Ng
Request Chain 364
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ltIIdqByQGGba5q8CyrnLg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ltIIdqByQGGba5q8CyrnLg
Request Chain 366
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Tg00tO8u-_a83oJk7ieKv8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6483728979704233368
Request Chain 368
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFORDNYM1ktMUEtTDgwUQ==
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPXTi9bnwRXqm5L1FiYFVZE&google_cver=1
Request Chain 371
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=b1E2cVQwcWxyN2M
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Request Chain 373
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3hLaa2fgsAZB0xPZIQo1QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPXTi9bnwRXqm5L1FiYFVZE&google_cver=1
Request Chain 375
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Y01HZVA3QjdUMVE
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Request Chain 377
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3hLaa2fgsAZB0xPZIQo1QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Request Chain 398
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=ASkJ3FapoSMHDdY3HN2pncQ5lmYMDAqQOuSd1_yZ3D0g_5kiILwwh6-iPgR6NMzUBYoMQUfXO02E07EKzTIjQhmuUna8c_enEmX-&google_gid=CAESEGXVnuXvyTm_eJgCTy0nwRg&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=ASkJ3FapoSMHDdY3HN2pncQ5lmYMDAqQOuSd1_yZ3D0g_5kiILwwh6-iPgR6NMzUBYoMQUfXO02E07EKzTIjQhmuUna8c_enEmX-&google_gid=CAESEGXVnuXvyTm_eJgCTy0nwRg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FapoSMHDdY3HN2pncQ5lmYMDAqQOuSd1_yZ3D0g_5kiILwwh6-iPgR6NMzUBYoMQUfXO02E07EKzTIjQhmuUna8c_enEmX-&google_hm=AQ6k4SspdTkxks8ADv_jGrk4-cA
Request Chain 399
  • https://a.c.appier.net/gcm?google_gid=CAESEOJimvr8rKEDHbcUbxe07cU&google_cver=1&google_push=ASkJ3FYPPbTuIrotP9cALeeuJC4Q7TYdVBo1PiZ2hnvh2ZzdBBy2Ri9VYjcvnZR9XUD-We2XGHJtNkYpCMLmS44Mr8Y4ygzo-Zk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZGxnX3VFT3BDNkMxQi1vdGRVdDRZdw%3D%3D&google_push=ASkJ3FYPPbTuIrotP9cALeeuJC4Q7TYdVBo1PiZ2hnvh2ZzdBBy2Ri9VYjcvnZR9XUD-We2XGHJtNkYpCMLmS44Mr8Y4ygzo-Zk
Request Chain 400
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIG_KgE2sfKD-eVuhN916sc&google_cver=1&google_push=ASkJ3FYFz6du6KAsPfr4yVAwoFbxydPW81497DXpPb0ZAuO7P3KDn6x_yzuYRiUC_67CDjjRvtdu4DeQn_QlinOxN4GXMb-OQdo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYFz6du6KAsPfr4yVAwoFbxydPW81497DXpPb0ZAuO7P3KDn6x_yzuYRiUC_67CDjjRvtdu4DeQn_QlinOxN4GXMb-OQdo&google_hm=NjQ4MzcyODk3OTcwNDIzMzM2OA%3D%3D
Request Chain 401
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKpxL3hPfw2n58CEF3LX7ds&google_cver=1&google_push=ASkJ3FZtfPO-MpKG5J8ofcJCPg713QSufu9xhaM8zjzQRu5kuSIpGUPyVpM74OAGOUWg2KVxUfRhrasMcINYi9JvMNgs50zK8rKP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FZtfPO-MpKG5J8ofcJCPg713QSufu9xhaM8zjzQRu5kuSIpGUPyVpM74OAGOUWg2KVxUfRhrasMcINYi9JvMNgs50zK8rKP&google_hm=dnBpV3hTcUctSk1BS2s1N1hJZ1U=
Request Chain 402
  • https://cs.media.net/cksync?type=g&google_gid=CAESEMHP5h0mlic_KDIJ63ikocU&google_cver=1&google_push=ASkJ3FYuQYHrT51pj7TnHc6jxDrGsFy3yrjmnikzZNPxk5Gp66GDbtCG2-lBdkO-F9KOft79t_cvrr-0BMzVzEqmIpee1niS6bAM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExODI5NjIyNjgzNTc0NTAwMFYxMA%3d%3d&mn_hm=MzExODI5NjIyNjgzNTc0NTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FYuQYHrT51pj7TnHc6jxDrGsFy3yrjmnikzZNPxk5Gp66GDbtCG2-lBdkO-F9KOft79t_cvrr-0BMzVzEqmIpee1niS6bAM&gdpr=&gdpr_consent=
Request Chain 403
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFMJwFrBEhG6wpHU3u_kMnw&google_cver=1&google_push=ASkJ3FbKD8HzSR-JVQoVKtEce5UnaOkl3WUEfkH1qtykxCAy1bbxhkl3NUp5u9kev5LNKeegV4h3fZeDfww8-x-2T4bEgXVeBT0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ASkJ3FbKD8HzSR-JVQoVKtEce5UnaOkl3WUEfkH1qtykxCAy1bbxhkl3NUp5u9kev5LNKeegV4h3fZeDfww8-x-2T4bEgXVeBT0&google_hm=Mzk4NzA0MTI0ODE4OTA4MTYwNw%3D%3D
Request Chain 414
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEBJLqV_1z6iDBNk5zEfw32Y&google_cver=1&google_push=ASkJ3FYuQS0JzSPMnCjuxhGYszequrbZzmSjKFbvPDninWgiWsD7m5eA4sLllYYM_RkWLR6EjWP9-tVFz_bn5r157t7RPO5gZY7AfSrtp7FcizB7NuSZOjBEbo9kQ165iZfYGzpp4hq3Ttq_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTNoTGFzQ284WWtBQUNzY3hmc0FBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBJLqV_1z6iDBNk5zEfw32Y&google_cver=1
Request Chain 415
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIUKu3r9ZYkQNwLkYkTlyAc&google_cver=1&google_push=ASkJ3Fbyx1lG5jg6i_lx0spFN3FQgWtPLwp1ISfwzpoLoUzJY07C0jQheiqUNI5ydfGYrXHdL5XD6g1RdtkWRcM0ZEOh6TEa779JEN5ldFfdfQyC3XSM1JzzPTrvlpux7kaOeMcdVoc-e3eU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNjQ5Njk0MzIzNDM0OTc3OQ&google_push=ASkJ3Fbyx1lG5jg6i_lx0spFN3FQgWtPLwp1ISfwzpoLoUzJY07C0jQheiqUNI5ydfGYrXHdL5XD6g1RdtkWRcM0ZEOh6TEa779JEN5ldFfdfQyC3XSM1JzzPTrvlpux7kaOeMcdVoc-e3eU
Request Chain 416
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIUKu3r9ZYkQNwLkYkTlyAc&google_cver=1&google_push=ASkJ3FY0RL73J1Tem5WwTvqlHFCisbddf0ZMMBomwvPBtXTIf3ImM96CgRJ51DFS8KCHJivsIEhTtTJ_4QsbmnqK-6JJ_CXxUJkp6iEsiVHdOEg47aovrUUj58m_cQEXw-SZKKt0buvY3wJfMg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNjQ5Njk0MzIzNDM0OTc3OQ&google_push=ASkJ3FY0RL73J1Tem5WwTvqlHFCisbddf0ZMMBomwvPBtXTIf3ImM96CgRJ51DFS8KCHJivsIEhTtTJ_4QsbmnqK-6JJ_CXxUJkp6iEsiVHdOEg47aovrUUj58m_cQEXw-SZKKt0buvY3wJfMg
Request Chain 417
  • https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEOHQt24ld_0rDKktjgJ_bIA&google_cver=1&google_push=ASkJ3FYED4NlzFeq6JnnNcdz_STuNBHuStehT9rYKPULM3b5c0YgF4OtLWmv2JRbHgBTCN_1lQpNMKHKh3PCSB8pENrbV0KvX7GXZUmnwJGW-l38t3C1FuIBe3P1lGmQRDhYozByyGD6G5pS HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=ASkJ3FYED4NlzFeq6JnnNcdz_STuNBHuStehT9rYKPULM3b5c0YgF4OtLWmv2JRbHgBTCN_1lQpNMKHKh3PCSB8pENrbV0KvX7GXZUmnwJGW-l38t3C1FuIBe3P1lGmQRDhYozByyGD6G5pS
Request Chain 418
  • https://cs.media.net/cksync?type=g&google_gid=CAESEMHP5h0mlic_KDIJ63ikocU&google_cver=1&google_push=ASkJ3FaajVoN_B9zx-4sn9hBh9lOkWnuzwSb2EwowMDwEQJdi2yp4N4Ht_RUKpK2WT4fu5wJ97aoybJX2lVpNcNb5UBC7J7FlJ3KDGYlXFsjmYzEKxAgdl6YjIfTzO3U-CK6ITlU01WkawlN7Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExODI5NjIyNjgzNTc1MjAwMFYxMA%3d%3d&mn_hm=MzExODI5NjIyNjgzNTc1MjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FaajVoN_B9zx-4sn9hBh9lOkWnuzwSb2EwowMDwEQJdi2yp4N4Ht_RUKpK2WT4fu5wJ97aoybJX2lVpNcNb5UBC7J7FlJ3KDGYlXFsjmYzEKxAgdl6YjIfTzO3U-CK6ITlU01WkawlN7Q&gdpr=&gdpr_consent=
Request Chain 432
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hLagAAARhXzQA7&gdpr=0&gdpr_consent=
Request Chain 433
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xvbdsp9y67t
Request Chain 434
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cnUi4nAkIu9pI3TrISU4u3NwceNpJyy5dnWMAlQY
Request Chain 435
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=557869551418898506&gdpr=0&gdpr_consent=
Request Chain 436
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 437
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=O3yAKFybQ8Bgjmk6w6vnJ6310aU
Request Chain 438
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oDR6E01E2uXGZ35oGJGLTap53WWzjgQ-~A&gdpr=0&gdpr_consent=
Request Chain 439
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6416496943234349779
Request Chain 440
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3cab3366-7473-4804-944c-659682ec4039&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10521886487974600733&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=0e11d93b-d848-45dd-9911-3ebf4e499df8&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10521886487974600733&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=231733304340001964306&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10521886487974600733&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cab3366-7473-4804-944c-659682ec4039&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 441
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4508445342604819091&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 466
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1128617417;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_pre=COm6yuukufsCFWUOtwAdEDEFdA;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1128617417;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Request Chain 479
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=dlg_uEOpC6C1B-otdUt4Yw
Request Chain 482
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b8099646608b43bb8210e909025f3e56
Request Chain 484
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1668828023007 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6687245709 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1fbac794-a072-4166-a080-d44c7a6c596e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004
Request Chain 485
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:USZ8x5kB1OWep15&gdpr=0&gdpr_consent=
Request Chain 486
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1abe8abe-67b9-11ed-a73a-2ee288dff49c
Request Chain 488
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent=&ct=y
Request Chain 489
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0e11d93b-d848-45dd-9911-3ebf4e499df8%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1fbac794-a072-4166-a080-d44c7a6c596e&ttd_puid=0e11d93b-d848-45dd-9911-3ebf4e499df8%2C
Request Chain 490
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=557869551418898506
Request Chain 491
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=33d1b29053371b3d&is_secure=true&networkId=17100&version=1&nuid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrVTUrTtctwN1Her-AAAAAAA&expiration=1668914423&nuid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 557
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 559
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C3DCA0D4C614A8AB9EF97C994B48D9D&gdpr=0&gdpr_consent=

581 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1668827994324829732
  • https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
536 KB
94 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
9f2c555739a5381db81ff8608f59cb3fd19d57d32e896ee9456d76553e04b531
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 03:19:57 GMT
expires
Sat, 19 Nov 2022 03:19:57 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 548544 0 pmb=mTOE,4
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d8723608110cc15873df457753e57bc88-1668827996&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=8723608110cc15873df457753e57bc88
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
nrt1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=3297
content-length
154
content-type
text/html
date
Sat, 19 Nov 2022 03:19:56 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
location
https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server
AkamaiNetStorage
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:59 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
4VFNVPXJT1D02W0C
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=151218
accept-ranges
bytes
content-length
11472
x-amz-id-2
4uO6i4l63P3DNlB0tW3K2bdAjOLd3xyco9qrYSl7SZSnILDGDrgUyc9FaquYDLsV5es7sIoqweY=
expires
Sun, 20 Nov 2022 21:20:17 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:59 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
7H6DNWJR8XFXB459
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=404514
accept-ranges
bytes
content-length
12052
x-amz-id-2
lHWHL2qpmY04V7fzoJ+nsOIn7dzQf4BfyEJjcP6qNYtp19y7KNQNyCQPrDRXbsXXod83Knp4Rnc=
expires
Wed, 23 Nov 2022 19:41:53 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:59 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
3Z0GHM044FR4D820
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=85731
accept-ranges
bytes
content-length
12440
x-amz-id-2
2YrJF17m3YFqg4u+b0bGyR1eyKvaQLDDf4Ev+7Hkwp5R3fsidxJ04Onc1TnT7lN8qvXJyrKX0D8=
expires
Sun, 20 Nov 2022 03:08:50 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:59 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
7X7T428JPY46HNHE
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=489180
accept-ranges
bytes
content-length
11372
x-amz-id-2
qUs/d/Ic2YoKrRJT36hdvlaLY6ZbhAp2uy18zKrNVn+7r6E5BdZIXwXl4DVjEM7jV1n3jSbfzG8=
expires
Thu, 24 Nov 2022 19:12:59 GMT
lux.js
cdn.speedcurve.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
3ee455138c5a2ac218dfaef865fb6e8131490ad85d6d63492cebc49a2b335c85

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
1781
date
Sat, 19 Nov 2022 03:20:00 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
9858
x-cache
HIT
content-length
7152
x-served-by
cache-syd10150-SYD
last-modified
Sat, 19 Nov 2022 00:35:42 GMT
server
Apache
x-timer
S1668828000.243124,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Nov 2022 00:35:42 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:01 GMT
date
Sat, 19 Nov 2022 03:20:00 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 03:15:59 GMT
server
nginx
etag
W/"6369c9ef-879"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b26cf16fceae57ae7d806f7cb4e9f3da3e9c82c1a4c36a3a06c187a962b22334
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:01 GMT
date
Sat, 19 Nov 2022 03:20:00 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2968
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 03:15:59 GMT
server
nginx
etag
W/"6369c9ef-1dbd"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:17 GMT
date
Sat, 19 Nov 2022 03:20:16 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 01:29:16 GMT
server
nginx
etag
W/"6369b0ec-2b9b"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:17 GMT
date
Sat, 19 Nov 2022 03:20:16 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 00:59:47 GMT
server
nginx
etag
W/"6369aa03-7b68"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:17 GMT
date
Sat, 19 Nov 2022 03:20:16 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 00:59:47 GMT
server
nginx
etag
W/"6369aa03-b62"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		239 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2a50c5b694cb8c9add6c3f64eeaad489f022ba77189193f14dde4da22262978

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
8bsW0jMybKyERIZMc96wPl.sYTnxbgTH
content-encoding
gzip
via
1.1 varnish
date
Sat, 19 Nov 2022 03:20:00 GMT
x-amz-request-id
MPSKD5VN9K1C5BE7
age
36
x-cache
HIT
content-length
36089
x-amz-id-2
E7P1V2xxSh5GTptY+8U57+Nj0/EsDbwY3AYGK2YGjwNikJ9m3XJNDqMxldSvke1mzL57Ri5KMEM=
x-served-by
cache-syd10127-SYD
last-modified
Thu, 17 Nov 2022 16:29:16 GMT
server
AmazonS3
x-timer
S1668828000.410317,VS0,VE1
etag
"4d84e2defed968352beb7fa9f3914eb9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
69
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
6f350e2e
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/6f350e2e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9cd5d42c8875eb8d6fcba62b801117f3fd40d8deca0adba6b41678e08d77fab6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:00 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Sat, 19 Nov 2022 03:20:00 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
8783
pragma
no-cache
x-bpath
OLD
blaizehappened
true
etag
"30bbc21efaddbd8d1e2f5f5f363b14587a48b2af633855ebef4df2fa1c68ed30"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f6f350e2e&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=6f350e2e&session=8723608110cc15873df457753e57bc88
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:59 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
K7Q77N69686DWRDS
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=288590
accept-ranges
bytes
content-length
16112
x-amz-id-2
EB7QAIVZ6OIyPK1MBzX5+1sn8EqlGJsU2/7MUbJddtKgZPL2PyetFh+aDSJDBBJnH5R17aAzZL8=
expires
Tue, 22 Nov 2022 11:29:49 GMT
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Mon, 05 Dec 2022 11:29:31 GMT
date
Sat, 19 Nov 2022 03:19:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
sin1 0 2 9980
last-modified
Tue, 18 Oct 2022 08:59:23 GMT
server
nginx
etag
W/"634e6aeb-1f69"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1411773
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:59 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
63PJEVSTV4SQC4J6
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=296060
accept-ranges
bytes
content-length
15948
x-amz-id-2
7LWlVawAUmj3Lyb/cmUBmBBNzHixh616MPrdm2RM1ajwfbi3WjHpNF8ar4RGe9KpjuzcIQdYFas=
expires
Tue, 22 Nov 2022 13:34:19 GMT
3325f7e593d005520fe2c516a646a78f
content.api.news/v3/images/bin/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3325f7e593d005520fe2c516a646a78f?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
98abddb65ee0b41c1ebaec4f837afc504de8975050dc0a81d370c1fc4191b543

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:58 GMT
last-modified
Sat, 19 Nov 2022 01:02:43 GMT
server
Akamai Image Manager
etag
f5ac4e7dc16665d2d27740c2ace4ebd9-3325f7e593d005520fe2c516a646a78f-650
edge-cache-tag
3325f7e593d005520fe2c516a646a78f
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5175793
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
49028
expires
Wed, 18 Jan 2023 01:03:11 GMT
cbe6d73e914ef5fec2336e5bc458db6a
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/cbe6d73e914ef5fec2336e5bc458db6a?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ec4e9596258110f20801c5d0a1c5956a15c4e8c69d8ca24eb0aac83885ed3007

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:58 GMT
last-modified
Fri, 18 Nov 2022 20:00:44 GMT
server
Akamai Image Manager
etag
9bf3bd6409e954547ec5d4f7ded2266d-cbe6d73e914ef5fec2336e5bc458db6a-150
edge-cache-tag
cbe6d73e914ef5fec2336e5bc458db6a
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5157628
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4785
expires
Tue, 17 Jan 2023 20:00:26 GMT
156246071bfc76504bcc2ad44f52f9bf
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/156246071bfc76504bcc2ad44f52f9bf?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
88337d7fa9071989053ff7effabb582fb3dacd3637cbea1b8b3cf652f06a26d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:00 GMT
edge-cache-tag
156246071bfc76504bcc2ad44f52f9bf
x-akamai-im-skip-dlr
1
content-length
4198
last-modified
Sat, 19 Nov 2022 01:47:23 GMT
server
Akamai Image Server
etag
5adfb01921622b29f1429e0b80706b2f-156246071bfc76504bcc2ad44f52f9bf-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, max-age=1800
x-o
CF
x-akamai-note
original-image
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 19 Nov 2022 03:50:00 GMT
f3ad2343d2ad19b42079a61f0d41dc15
content.api.news/v3/images/bin/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f3ad2343d2ad19b42079a61f0d41dc15?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
548d4dd829439a4c2f766017b751377f3be1a5ea2213f9d4e1447ae5a027cef0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:58 GMT
last-modified
Sat, 19 Nov 2022 01:01:13 GMT
server
Akamai Image Manager
etag
32224d56e4fbbe201368fea25251d8f0-f3ad2343d2ad19b42079a61f0d41dc15-150
edge-cache-tag
f3ad2343d2ad19b42079a61f0d41dc15
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5175690
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
1748
expires
Wed, 18 Jan 2023 01:01:28 GMT
692d177e6a96cdd0230a305aea4a29f3
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/692d177e6a96cdd0230a305aea4a29f3?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c9ed73cb1cb030ef97f37d50539840a9de3cf14916a6ee0bbe331c2119161192

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:58 GMT
x-check-cacheable
YES
edge-cache-tag
692d177e6a96cdd0230a305aea4a29f3
content-length
3583
last-modified
Sat, 19 Nov 2022 00:24:01 GMT
server
Akamai Image Manager
x-serial
118
etag
24f5385ca628c2cea8f5eed0b765a3d6-692d177e6a96cdd0230a305aea4a29f3-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5173404
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 00:23:22 GMT
509f37d60aae62bff00b09c73ee93c42
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/509f37d60aae62bff00b09c73ee93c42?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9ffba5fabb4279da3b75965cb391091f1271fa2ad919ae51f998e863ee7d5399

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:58 GMT
x-check-cacheable
YES
edge-cache-tag
509f37d60aae62bff00b09c73ee93c42
content-length
5851
last-modified
Sat, 19 Nov 2022 03:13:55 GMT
server
Akamai Image Manager
x-serial
514
etag
e08c7408b92aac457c91c19d6add68e8-509f37d60aae62bff00b09c73ee93c42-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183625
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 03:13:43 GMT
11e5b2560965f837bcc07ed711dcea5f
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/11e5b2560965f837bcc07ed711dcea5f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ba924e837f079b6d8c728f19d89127dd52be8f4095971626a85ca54f58450153

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:00 GMT
x-check-cacheable
YES
edge-cache-tag
11e5b2560965f837bcc07ed711dcea5f
content-length
4274
last-modified
Sat, 19 Nov 2022 03:09:07 GMT
server
Akamai Image Manager
x-serial
186
etag
32f15d8aa0093cffb9aa526c3f400942-11e5b2560965f837bcc07ed711dcea5f-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183308
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 03:08:28 GMT
66e719baaad7148809ddc346fbe1140f
content.api.news/v3/images/bin/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/66e719baaad7148809ddc346fbe1140f?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6d7a5232206bffbd6ed85328c2fbf0b1e8542e54a026a2c9c4c89cf9184ea810

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:58 GMT
last-modified
Mon, 14 Nov 2022 23:52:51 GMT
server
Akamai Image Manager
etag
7b76070352d1d887e8605bbdacbf04d1-66e719baaad7148809ddc346fbe1140f-650
edge-cache-tag
66e719baaad7148809ddc346fbe1140f
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4826003
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
53592
expires
Fri, 13 Jan 2023 23:53:21 GMT
3a06536b734902c54a0756403e697cf5
content.api.news/v3/images/bin/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3a06536b734902c54a0756403e697cf5?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
95b455aa0f452d2e4ee5e6f7f8d23f6063b1b4c4d1e6cd2c607692ca99f1e4b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:58 GMT
x-check-cacheable
YES
edge-cache-tag
3a06536b734902c54a0756403e697cf5
content-length
62638
last-modified
Sat, 19 Nov 2022 02:26:35 GMT
server
Akamai Image Manager
x-serial
1339
etag
863547b90c55ccf80ae6c2e3b9b3faa3-3a06536b734902c54a0756403e697cf5-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5180715
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 02:25:13 GMT
39660e13b48185db14d88a97f4e17a0d
content.api.news/v3/images/bin/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/39660e13b48185db14d88a97f4e17a0d?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
889879b43a954c6bc9b21d243f89132e7e625e53f86dcec92b6c70bfb6e4b119

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:19:58 GMT
last-modified
Fri, 18 Nov 2022 20:34:24 GMT
server
Akamai Image Manager
etag
412ccf43813f41167dfbd5478357562e-39660e13b48185db14d88a97f4e17a0d-650
edge-cache-tag
39660e13b48185db14d88a97f4e17a0d
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5159605
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
36789
expires
Tue, 17 Jan 2023 20:33:23 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:01 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
SWNT12DB6ZNXK5WK
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=591827
accept-ranges
bytes
content-length
540
x-amz-id-2
h7K/ZSK7Z3mo4BebhbA5fX0FzPTGOvWcNDQwzgPqUV6v8oOOWlLyl+A5leCJX/IwWbSz6G2os0o=
expires
Fri, 25 Nov 2022 23:43:48 GMT
3039110453_-BOB_Generic_CVP-1.png
origin.go.heraldsun.com.au/wp-content/uploads/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.go.heraldsun.com.au/wp-content/uploads/2022/09/3039110453_-BOB_Generic_CVP-1.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.122 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e47ed2c15b82499c44e99168ffcaa05c7a2e15ce8d035a52b2ea9bcef036f7d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:00 GMT
x-rq
syd3 113 149 443
last-modified
Wed, 28 Sep 2022 02:44:57 GMT
server
nginx
etag
"660f834e8f7b259f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10168
expires
Thu, 28 Sep 2023 02:44:57 GMT
rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 03:20:01 GMT
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Last-Modified
Thu, 09 Sep 2021 21:17:00 GMT
Server
AmazonS3
x-amz-request-id
6KMQYR1KR729F7XN
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
KZ0Y6211ZJuDA7IMcpVrPB+5E7kZnfDnlb2wNd5qLmuQty1f1zdIlwDfsD39ISgs+2ZvqogAqJU=
games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 03:20:01 GMT
x-amz-version-id
mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
6KMS3VDADB2GRRWX
ETag
"2fa79b1c302fa407df95b287a47e01bc"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
4533
x-amz-id-2
wu53vLJoq6f3E0kpGRbiasgUE1CVT3zwOjtzhgzywymhh2bciht2uz/l2BNEVTmEpsKyUwdk7o8=
horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 03:20:01 GMT
x-amz-version-id
NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
6KMJ67ED7KY3QXV2
ETag
"e9dc4230a2305a0cb7743e2ade763349"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
9223
x-amz-id-2
HZf2JbGEKqsmgg+QmJmYIxV86cJq6b/4NJe2iYvytGp5vgi80jB6VkXfnJON88u3Pt8y0EXDh4I=
braingains.svg
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/braingains.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 03:20:01 GMT
x-amz-version-id
BSPbSueNKMvcQ7CCwOmuub6mQNodfiBJ
Last-Modified
Wed, 15 Dec 2021 03:04:45 GMT
Server
AmazonS3
x-amz-request-id
6KMY288YC40A1QEE
ETag
"a5e3e51d1e5816755ebf71f5ea933857"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
17305
x-amz-id-2
fguxXb26iS7kjMXE7e3jVxrkDQdhJ1y4FwFRgrssFobIR6c36LoQjR9sK4ScOwobRBkyD9SxwB0=
get_image.aspx
edition.pagesuite.com/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://edition.pagesuite.com/get_image.aspx?pbid=38d72c05-d55e-479e-a6ea-985d57be1901&h=400
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-30.sin2.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3aeab02ed27a6e05e8f77e04ce118c817d88615966aa5c3662dcb0ec13d33c0c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:01 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Fri, 18 Nov 2022 17:13:02 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
SIN2-P1
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
private
x-amz-cf-id
hxEE7Tt-hofKooMi39sqSLArATdNgkRxfSszEP5_nlu5vJprwaoVhg==
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Mon, 05 Dec 2022 11:28:19 GMT
date
Sat, 19 Nov 2022 03:20:00 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2891
x-rq
sin1 0 2 9980
last-modified
Mon, 26 Sep 2022 08:35:09 GMT
server
nginx
etag
W/"6331643d-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1411699
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 03:19:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"3dc8bed9056771d3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Nov 2022 03:19:59 GMT
/
www.heraldsun.com.au/_static/ 		99 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZmYWpiaGJuWkWAK+lIic=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Sat, 19 Nov 2022 03:19:59 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100912
x-rq
nrt1 0 2 9980
last-modified
Tue, 15 Nov 2022 19:44:35 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sat, 19 Nov 2022 03:20:00 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sat, 19 Nov 2022 03:20:01 GMT
cache-control
max-age=23473
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:01 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
QTKD2FK8G6JBAXZE
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=125523
accept-ranges
bytes
content-length
535
x-amz-id-2
N5hQXRsxV46lWiw3iggR/R0Hq6kbWa8gWdkI70DU7DsNg/sA/WNIiTcqUqAzABhQ7PmMumtC15o=
expires
Sun, 20 Nov 2022 14:12:04 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:01 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
HBSM65NXW692RVP6
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=487575
accept-ranges
bytes
content-length
586
x-amz-id-2
u7f7Gi68iGJY0DiRegO0fNtiPTUOatAsJ44BUTin/3jhqu4YfC+TUH48SPBNhy8NBinMhmKQtr4=
expires
Thu, 24 Nov 2022 18:46:16 GMT
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
916d8cdfdf06a891561e96a5f6d21ece28f1482ab0b71f905c35c838af24b589
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sat, 19 Nov 2022 03:20:01 GMT
x-datacenter
gce-asia-east1
etag
"0c19dafda61de7d97388ba568ca9c2c96cef466d83e8ce8e939b5eb70300aa3c"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-p3jq
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
694373797
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sat, 19 Nov 2022 03:20:01 GMT
x-amz-request-id
DDBTQSS55130GCVV
age
284
x-cache
HIT, HIT
content-length
1123
x-amz-id-2
f3zKj/AEbi27MuaGaGBKPPytq/VFHw4gWsTCW/x0zcGtGuV8iCcRczY16FjVjzIdVQjY5yVfVvw=
x-served-by
cache-lax10664-LGB, cache-syd10171-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1668828002.613548,VS0,VE0
etag
"1a868d280f9424f5d82876d6cf0c46b9"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
2, 4
impl.20221117-23-RELEASE.js
cdn.taboola.com/libtrc/ 		692 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa23ab86a61744f51cc8f2b620d9f5215cd85f76e10f533222f602d0ab31b0e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
tkSRILgrOqz123pcvhyl_8uLk3IiN6M4
content-encoding
br
via
1.1 varnish
date
Sat, 19 Nov 2022 03:20:01 GMT
x-amz-request-id
GJK1JT1RVH49TV4C
age
11503
x-cache
HIT
content-length
146589
x-amz-id-2
62LFIrF0ZquPMBSSOAKka7RHyTNvpfOVNLy/04vcemUpASWYX2DrYt997LS1o0VTwg9FWya1I48=
x-served-by
cache-syd10127-SYD
last-modified
Thu, 17 Nov 2022 16:06:54 GMT
server
AmazonS3-br
x-timer
S1668828001.258638,VS0,VE0
etag
"2b0faf11038a210925ed7fb54f76478c"
vary
Accept-Encoding
content-type
application/javascript
abp
66
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8450
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-104.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 11:26:33 GMT
content-encoding
gzip
via
1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57211
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
alk689BzLKeHHlh1I7XLd0kzFoPFxkl_-Dpmjl5QDZIjztVWJKxYwQ==
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:01 GMT
date
Sat, 19 Nov 2022 03:20:00 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Mon, 24 Oct 2022 01:40:30 GMT
server
nginx
etag
"6355ed0e-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		277 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Sat, 19 Nov 2022 03:20:01 GMT
server
AkamaiNetStorage
etag
"b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=117
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sat, 19 Nov 2022 03:21:58 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4cc955b9c215c5bf97224d3ebd3ce26f85eeb24cd7f337175bef7aebbbaa98b6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:02 GMT
date
Sat, 19 Nov 2022 03:20:01 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
29738
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 03:15:59 GMT
server
nginx
etag
W/"6369c9ef-180c7"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:02 GMT
date
Sat, 19 Nov 2022 03:20:01 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 01:29:16 GMT
server
nginx
etag
W/"6369b0ec-1973"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 03:20:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"3dc8bed9056771d3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Nov 2022 03:20:00 GMT
amp-story-player-v0.js
cdn.ampproject.org/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
260ae4aaf9a98760302699a24a09df152bc83a5ee937e42ea6320d09037edd80
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 03:20:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16106
x-xss-protection
0
server
sffe
etag
"c1a0ead545e935a8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Nov 2022 03:20:01 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AASGY1WFGCJ25Q8S
age
25779580
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Qv9H+kI0p8Rtfg9WjSszEcSb/VSCaTXFWJG6rEB3mRY+y/AazX223ogeLNddQd1T30RcZwNsWPg=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTe0xCH4gUDTVkmO0hnB7yxxBstxB1pxqNRHRyFuGyAoWTgnmg1mVLVzep4rO24X9kzMd9GonhjL8NMn668IFxnN385MThps5aUTe%2FlXiWEN5NxoVrFdNEkU9YVboOxOwCCZtQUp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
76c5cec4a84a8995-SIN
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=03%3A20%3A01.585&lti=deflated&data=%7B%22id%22%3A587%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1668702531097%2C%22vi%22%3A1668828001534%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11929%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1289.0625%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6791d1bf5e635c220f789d582fef4008fe5feb5ad7c4423419996411e8be01a3

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
121
date
Sat, 19 Nov 2022 03:20:01 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-syd10127-SYD
server
nginx
x-timer
S1668828002.640422,VS0,VE121
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
skeleton.js
static.adsafeprotected.com/ 		17 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-105.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 68e9cf75e80989314f45f964ce8fa084.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
12187143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
OZTuTyAWgIybohEDzXB8v3TksYvPYaiC_U5V-GxuhwjIZ9sYcxElsA==
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sat, 19 Nov 2022 03:20:02 GMT
x-amz-request-id
CBJAXHHVTDDK1AH7
age
19156836
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
T+SO3zzAu/vI3ID3zGGjDx2/OWdNCwfDObUAO4AV3bMqhIR2V9jGe9Y4TcERARxY+Vu0wOuMQqY=
x-served-by
cache-sna10723-LGB, cache-syd10171-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1668828002.359962,VS0,VE0
etag
"b7fcedf037c57085d364b689ca46f32e"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 2378
authorize
login.newscorpaustralia.com/ Frame 9691 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=VeQiimjGDac9x5pmvMM6hfOQQDYxFQGP&nonce=ISkslFHLTfo~ujkJHZ~4C4TmmA3J1_91&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
6bdf564f11423f37660031ae7e7d1e5a219430c9a1bff7625af77f352c096a9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
76c5ceca9c74a02d-SIN
content-encoding
gzip
content-length
807
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Sat, 19 Nov 2022 03:20:03 GMT
expires
Sat, 19 Nov 2022 03:20:03 GMT
ot-baggage-auth0-request-id
76c5ceca9c74a02d
ot-tracer-sampled
true
ot-tracer-spanid
678d8d8e166edb36
ot-tracer-traceid
4b5fcff51558cfc0
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000004b5fcff51558cfc0-678d8d8e166edb36-01
tracestate
auth0-request-id=76c5ceca9c74a02d,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 540 0 pmb=mTOE,3
x-auth0-requestid
5f3957093692cd7b23e2
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1668828004
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.234 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d79ba1a4549502813b3415628e3df0be408f5d5487651af686d52350fe17367c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:03 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 04:19:23 GMT
server
AkamaiNetStorage
etag
"218670f25e2fc2430d3d2da36738cb1d:1668485963.468113"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1553
expires
Sat, 19 Nov 2022 03:25:03 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.234 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a411a20ade78048bc2363a9613edadcd9de84994a123f97beae3559e9afa8c79

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:03 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 04:19:23 GMT
server
AkamaiNetStorage
etag
"0be063497424170e30612904f8aba0b0:1668485963.605826"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21305
expires
Sat, 19 Nov 2022 03:25:03 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		191 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2f9fe749a15b11e399b3bae73ac9f279898d8f76eee2d9b5a8b93d8515ac9baf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:04 GMT
date
Sat, 19 Nov 2022 03:20:03 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45687
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 03:15:59 GMT
server
nginx
etag
W/"6369c9ef-2fc54"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2b09ae712243cfc754c40dd240d9dd011865099fc641225f3f98a6336555f091
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 03:20:04 GMT
date
Sat, 19 Nov 2022 03:20:03 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3398
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 03:15:59 GMT
server
nginx
etag
W/"6369c9ef-215f"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
userx.20221117-23-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20221117-23-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b409c9d8e227cfc9f2dbeb9116f1d49220ad0fcc9d7cddb4a5a7bd9e1c47a891

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
EISiIp21IXxU.6XGZ6DAAU_Wtki08jLO
content-encoding
gzip
via
1.1 varnish
date
Sat, 19 Nov 2022 03:20:03 GMT
x-amz-request-id
3RHSSBDR4Q3CR1Z6
age
62
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
uMxTj/SOOsZojtAsicBFaAek+pZkM64mfBEsM4BpgB8jE9NYFdiaCGJnGIrU1UFJMyx5UJM5Blk=
x-served-by
cache-syd10127-SYD
last-modified
Thu, 17 Nov 2022 16:22:58 GMT
server
AmazonS3
x-timer
S1668828003.347209,VS0,VE0
etag
"829afb793f5113c47df799d1e44b1ee8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
24
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
8
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/ 		433 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
date
Sat, 19 Nov 2022 03:20:03 GMT
via
1.1 varnish
x-amz-request-id
7DASVJ1H3X18PHY6
age
9791
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
EdDgsCi1ANPBZkcG+Gks2WKSvDtIMGejcE9k6aQEmf20VndqdcFZ0pEWOHBbO4f65FaaQtA7vcM=
x-served-by
cache-syd10127-SYD
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1668828003.448670,VS0,VE0
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
content-type
image/png
abp
24
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
75
pixel_6f350e2e
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_6f350e2e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/6f350e2e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
date
Sat, 19 Nov 2022 03:20:02 GMT
blaizehappened
true
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
is-https
true
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_6f350e2e&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_6f350e2e&session=8723608110cc15873df457753e57bc88
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
A2-Milk-Thumbnial-3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/10/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/10/A2-Milk-Thumbnial-3.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1342a285d604d7551ba1b5f3d0f0fbfe73d5e321f541677bf3f20337e9ef8a0c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 19 Nov 2022 03:20:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/10/A2-Milk-Thumbnial-3.jpg
age
2670651
edge-cache-tag
433426956979936690204700701730891774576,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
cache-tag
433426956979936690204700701730891774576,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
444
req-referer
https://www.dailytelegraph.com.au/
content-length
7786
x-request-id
bf67cc031f09a570893960e691aab39b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200163-IAD, cache-iad-kcgs7200126-IAD, cache-lga21948-LGA, cache-iad-kjyo7100041-IAD, cache-syd10127-SYD
last-modified
Wed, 19 Oct 2022 01:11:26 GMT
server
nginx
x-timer
S1668828004.568159,VS0,VE0
etag
"27b524bdc8370f15ee87c68ec9af985e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 40, 5
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668828001860&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20a...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668828001860&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20...
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668828001860&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.33.88.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-104.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:04 GMT
via
1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
IW5JD2d63cS6a5jWIAW8KV3S3fEHoV7IxHpP6xibco4QhWMK0MS9bA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668828001860&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
date
Sat, 19 Nov 2022 03:20:03 GMT
via
1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
_4lloCCF5TSHHQEckad5emi5hNMdAX9HItnZ2O0wIeb-bXK6n1prpw==
x-cache
Miss from cloudfront
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=efe64f4998965400fb8b3f47f89dd2ce,781538ee0235c524bb6f68db29e79f01,6915a17fb3643c6f421233cb98e7b862,976632ff34912a08268367908805b9ce,554020e25db7e4761fbba04d200bb36d,11b4ed11706daf5673f486a3c82e330a,a1ca40b4b4232c10b9f03f46cfbfd1f1,2504187f4bf3417ff08b5f009837f7af,b1d6a0874d3486667bb346794de1215e,86a58292b3810d3f9626145fc880230b,a094c77d5ca00b3dda6985f12384e2ba,11e2431dee0bbf8b492debdba64657c8,83318877f070e6f72a8faae38b5f2288,5874928a035e2f53b02a760f529c6154,889e3eee1ab6c3f9620f73861e7838b6,bce4405752942ae3adf3ca2def6dd65c,c166b96bdd029b274b1ffc203683c91c,645c8981a467da4f809cc04d0df480c5,44f64b9091f621da5a44d3bf58af50ca,48db8ff9b8d78dbcde26c41123ee0ef3,71bf7bdf24b92ac8ca39dfa378e3f725,6865ec652749b2e9b5d966011690b2f4,5ae975b8dd201632c292c66b112af3fa,c45f27993dfe0c275e55733ab8ee853a,0688647d18bb2e5d17f0393eb3359529,8e5cb575fabc4773caf7341aa9d14533,7dbe9eae429024af1d32ff02830af269,47d194a51eb171513e5d7f0b663d0f6c,a642cdf9e14f94a2732753c24567a111,1ab3ee439014961cca8be5ef0f831e33,5edd87fbac14f8babdacdb079007e9b2,5c729186bf99f36e4d814a1519a2839b,d6c13ce32f8c09385b53a2f9c049f7c3,d97ea5c647ba45c0494cdd1b82994daf,4d1ad73ebd9d1fc13e96cf242c06b3e0,585ec78534acd8ce89acf5007f53a242,a018ac2b580c483ecc9a11d1c72267bf,0b589792a91d1bddc2430cc1c7ef375c,171b47e5b33643c0d6aa7d0fc3ae2152,1fc84d3f02c1fb8eb9b9e9664ebc904a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
9d80eb68d400d9ac11a5d782b5ffd430dcbf9d31e63180f9dee34b9906ccd6f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 03:20:03 GMT
server
nginx/1.20.1
etag
W/"5dd-5HA4Vo3aCWnQzJ0YLrGK76FLXsM"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
8b2f7520-67b8-11ed-9e34-21e6d38acd6e
content-length
859
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
713781b7f655579d6badf43510123e0843cb718c85bb5530c6f1d051da72a133
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Sat, 19 Nov 2022 03:20:02 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1715
x-rq
nrt1 0 2 9980
server
nginx
vary
User-Agent
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=20
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sat, 19 Nov 2022 03:20:22 GMT
e03f4d370cb520598be71be83df45242
content.api.news/v3/images/bin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e03f4d370cb520598be71be83df45242?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2767cb7c637007e5e81a85776f1b44b2eefd7797204a16cb130b46d939806e2b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:02 GMT
last-modified
Thu, 17 Nov 2022 04:36:47 GMT
server
Akamai Image Manager
etag
0a2a522968f38f7ae9e064ac79ff0ea0-e03f4d370cb520598be71be83df45242-150
edge-cache-tag
e03f4d370cb520598be71be83df45242
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5015776
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
11828
expires
Mon, 16 Jan 2023 04:36:18 GMT
e897a4c410a7d782c0a21e76c3cc87be
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e897a4c410a7d782c0a21e76c3cc87be?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dc540b177e0fcc77484aef49904e1b5696681e49c791ac8bb65f26ad6a6ad4b8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:02 GMT
last-modified
Sat, 12 Nov 2022 09:22:30 GMT
server
Akamai Image Manager
etag
9857d189b8f86ad5df87aa4f01e67209-e897a4c410a7d782c0a21e76c3cc87be-150
edge-cache-tag
e897a4c410a7d782c0a21e76c3cc87be
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4600973
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
6084
expires
Wed, 11 Jan 2023 09:22:55 GMT
ecc8bcbf8ed9218eb76df01199f9c61a
content.api.news/v3/images/bin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ecc8bcbf8ed9218eb76df01199f9c61a?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fa4ba7c88c6d4cfd3cc328b83237b60b28965e41471899527a773442c9a6c7fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:02 GMT
x-check-cacheable
YES
edge-cache-tag
ecc8bcbf8ed9218eb76df01199f9c61a
content-length
2755
last-modified
Mon, 14 Nov 2022 04:44:17 GMT
server
Akamai Image Manager
x-serial
1362
etag
eee2d7f58c7e74ca9302b2043d80afff-ecc8bcbf8ed9218eb76df01199f9c61a-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4574580
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 11 Jan 2023 02:03:02 GMT
a182acac5f0d4f29d2d8ebb57cd7b815
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a182acac5f0d4f29d2d8ebb57cd7b815?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7a548f3e052a0db47833a7c5e9fdc8bed6df5954abb3642fa5728b77c9dae5eb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:03 GMT
last-modified
Sat, 19 Nov 2022 02:52:33 GMT
server
Akamai Image Manager
etag
ff07d395b30a4cbacfebf9d80343aad4-a182acac5f0d4f29d2d8ebb57cd7b815-150
edge-cache-tag
a182acac5f0d4f29d2d8ebb57cd7b815
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5182474
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4117
expires
Wed, 18 Jan 2023 02:54:37 GMT
f65d5cc1fd7ecde34f82aad5afcd8087
content.api.news/v3/images/bin/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f65d5cc1fd7ecde34f82aad5afcd8087?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
31e373cb7d88e052f79a7b469851adf061f7d88e2f595115e9f01beae1293a05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:03 GMT
x-check-cacheable
YES
edge-cache-tag
f65d5cc1fd7ecde34f82aad5afcd8087
content-length
2523
last-modified
Sat, 19 Nov 2022 02:07:50 GMT
server
Akamai Image Manager
x-serial
510
etag
ae45fee186c94fca6fb2ea195cbadb7e-f65d5cc1fd7ecde34f82aad5afcd8087-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5179720
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 02:08:43 GMT
e429c7e0a916de09861a67e4fbd83a5c
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e429c7e0a916de09861a67e4fbd83a5c?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7438942bad8e111238e2c203afb9db7173273bb8c5d50baf74084611369d0e6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:03 GMT
x-check-cacheable
YES
edge-cache-tag
e429c7e0a916de09861a67e4fbd83a5c
content-length
5290
last-modified
Sat, 19 Nov 2022 03:02:51 GMT
server
Akamai Image Manager
x-serial
998
etag
34d7feb3d9c9b4ca9b35d7b325f7c30e-e429c7e0a916de09861a67e4fbd83a5c-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5182960
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 03:02:43 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-104.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:33:18 GMT
content-encoding
gzip
via
1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
57213
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
vyFgYDb-eJHdgWI9Yl3LgesRKRm9GIpTa66OL3wZQ8LaaaJvZT6sxA==
social
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=HK:SG:V&lti=deflated&ri=28475c4820589d83a0f6c076d951c769&sd=v2_2cd26063d6b38474c07b03a98bf1b0cf_10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1_1668828001_1668828001_CIi3jgYQgPNHGP7pme_IMCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGiy-ebp3bfByjVwAQ&ui=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&pi=/&wi=873729681997272865&pt=home&vi=1668828001534&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=03%3A20%3A02.493&id=9431&llvl=2&cv=20221117-23-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=HK%3ASG%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
96
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:02 GMT
via
1.1 varnish
x-served-by
cache-syd10127-SYD
server
nginx
x-timer
S1668828003.882146,VS0,VE96
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
v2iyyACQ5ODztVtlF4GLBnyFuCDllWHtXe1n6k_7OrweyOeJ659_7L5y0avpn0obzbFKrYI2j
bedsberry.com/ 		187 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2iyyACQ5ODztVtlF4GLBnyFuCDllWHtXe1n6k_7OrweyOeJ659_7L5y0avpn0obzbFKrYI2j
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fd1ce4eff7408ec7bf2cd292912e72029b9a3e293bc641d1275eac09e383876f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 19 Nov 2022 03:20:03 GMT
via
1.1 google
x-buildnumber
694373797
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-p3jq
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 19 Nov 2022 03:20:02 GMT
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers
2721370f
login.newscorpaustralia.com/akam/13/ Frame 9691 		0
0
2Ik5SXnMB
login.newscorpaustralia.com/L2hE9Iup/VHLDoHn/XSyFiIz/zo/aVY1NmXSLOX5/OwoJHgE/D1U/ Frame 9691 		0
0
indies-loader.js
ts2020-indies-client.web.app/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-syd10121-SYD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Sat, 19 Nov 2022 03:20:04 GMT
last-modified
Mon, 14 Nov 2022 00:03:09 GMT
x-timer
S1668828004.173020,VS0,VE0
etag
"cbb3dfd4f549aa029702fc7ca53f4c8dd52daaf8e9559703aa852d3760850ff6-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1470
x-cache-hits
109218
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		257 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:04 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Tue, 30 Aug 2022 05:33:14 GMT
x-amz-cf-pop
SIN5-C1
etag
"04df6ed36e659404b1589354c5fb8697"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1
accept-ranges
bytes
x-amz-cf-id
hQ4SSN4u1HuPyrnzxD_PPi7w3wIO6zd15torGpCXqaplLjiLRSBpqg==
content-length
66268
mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 		366 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 21:06:00 GMT
date
Sat, 19 Nov 2022 03:20:04 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
373561
x-rq
nrt1 0 2 9980
last-modified
Mon, 26 Sep 2022 08:35:09 GMT
server
nginx
etag
W/"6331643d-5b713"
vary
User-Agent
content-type
image/png
cache-control
max-age=63956
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-8.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:39:20 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
via
1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
age
31244
x-amz-cf-id
WeXTQZ9-wrZpD28AdhmRDI9To1MkfToWxfgk_Gh19iGJ546vpaQcug==
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16688280038100.615627633758643
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:04 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Sat, 19 Nov 2022 03:20:04 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sat, 19 Nov 2022 03:20:04 GMT
cache-control
max-age=42668
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=301601274175.4774
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=301601274175.4774?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f149.1e100.net
Software
cafe /
Resource Hash
2097f65b66aa0ebc20b642a8706f35fbc7367147c7bc8f36f855e7e6d4549c5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12629
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.91.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-91-15.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:31:23 GMT
content-encoding
gzip
via
1.1 d349739893df3b59b8ea4953ff21a5e8.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:51:11 GMT
server
nginx
x-amz-cf-pop
SIN2-P2
age
2922
etag
W/"62d7517f-1181e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
AuMlKhBr7w-fSS8N8_llwztsk6QxTb1mHa--T5lBScp1OyvO6hOOQw==
expires
Sat, 19 Nov 2022 04:31:23 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		187 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:04 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"789aa25e8122305509df6e8b6103f3c6:1666763008.613847"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=9218
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:04 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=41061
content-length
9840
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 19 Nov 2022 03:20:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
IGRCtO2VLypiQ/QsThdgcS8gmyXy9hxbE1cTJRiogYDtqA/dOePkERBHaphmWv5ZGYLXxCH1hpGJCVusHImWTg==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.227.138.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-138-100.bom50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 02:21:59 GMT
Content-Encoding
gzip
Via
1.1 e221dd682c056cf3c41b7522a02aa0a6.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
BOM50-C1
Age
3488
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
w65hjLiWkrij1hBgfYlvA9zkWW1Yx0Rwm8fgOYl5XdRwDWgI9EXtLQ==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2022-11-19T03%3A20%3A03.833Z&country=au&newsconnectId=&fpid=8723608110cc15873df457753e57bc88
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.58.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-58-51.compute-1.amazonaws.com
Software
/
Resource Hash
f72e831759b7d920e3848cf5df238e6037b9742e1f5de951aa5edf927ddec3f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:06 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
UMrEOOoRVoPiBBX.XHkgU0Lo2Jl9BQ7R
content-encoding
gzip
via
1.1 varnish
date
Sat, 19 Nov 2022 03:20:05 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
FXZ740X792WN4M9N
age
321431
x-cache
HIT
content-length
520
x-amz-id-2
dyRXwCFfuyLEyiKBxhe0MP6ZJf1JgnDEyhFPm93wlxrhsLFMv2BuMtgZpBGNpvJD3g9O+wO/tuo=
x-served-by
cache-syd10136-SYD
last-modified
Mon, 07 Nov 2022 04:24:13 GMT
server
AmazonS3
x-timer
S1668828006.724858,VS0,VE0
etag
"1e637b4fd7dec49af4390ec7ed24432b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
332054
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df51a5301fcae2ec9503d129a2341e80f6d52e9416ff2460c3048947f4f3852a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 09:46:31 GMT
server
cloudflare
x-amz-request-id
7Q9JNWDA0BT0W9RM
age
455
etag
W/"f56ac574619f997d4b0c211e79bcc3af"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
76c5cedbcd8faad8-SYD
x-amz-id-2
yjrgXdQKJQqXZCbHERTilnPN8KflWzKFH+qkooeZHCM8c42Eqr1/AEbxQociievNYSYFDjHrYOqCshjG7L1uMA==
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.65.228.244 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-244.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 19 Nov 2022 03:20:06 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Fri, 18 Mar 2022 11:22:12 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Sat, 19 Nov 2022 04:20:06 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
dbed06d37303d9a2f40a4c7c800d2879e8788cbf872d160593a837fcc9d06603

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:05 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a588a197dac6c25da7e9aaae6669b7f8:1666070376.116114"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=52568
content-length
2296
tad.js
tags.news.com.au/prod/tad/ 		109 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0410667774b2bd722b467b963b089b64713a930b990c7a0a7a7235a8dda77ff7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:05 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"c847a65d29a1adf9e2e448b94c4c12c6:1668398295.936066"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=24028
content-length
33818
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
49ffe1baff54e97f4e54b695383d2f114a40fb1886465028824b97d801affd3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27246
x-xss-protection
0
server
sffe
etag
"1396 / 459 of 1000 / last-modified: 1668812924"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Nov 2022 03:20:06 GMT
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.33.100.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-143.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:01:06 GMT
content-encoding
br
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
1142
etag
W/"fa24fe2b94a2fc864b1ec67f32e8db32"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
ivVMaDLpOISsY8eiU89rGwvyGJWtI0eNpk16rMIPq6VzH7QmttHeeQ==

Redirect headers

date
Fri, 18 Nov 2022 23:30:23 GMT
via
1.1 2e665350ce36612d432303ac51dbf21a.cloudfront.net (CloudFront), 1.1 373c716feb96dba95431972bb1105836.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2, HKG54-C1
age
13783
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
vCMZIj30FNDPsv-omM8IOS__a5bZV7F-SKaIeYZlIJBhxakhSVTlzQ==
prebid.js
tags.news.com.au/prod/prebid/ 		366 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:06 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=36953
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-4.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
ClDIgD0zuwLI7F0xhBbpGkCt4wZOjpVN
content-encoding
gzip
via
1.1 c76b6f80cec204bcd24e411dd51125fc.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 02:24:22 GMT
last-modified
Thu, 13 Oct 2022 05:35:01 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3347
x-amz-server-side-encryption
AES256
etag
W/"964c4cc68e0d531d901baf0d73f36918"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
gDhSD74ZOskwTeyEKc6uSP9unxj6owF2NmgzShtePmt_RN6FNFqw9w==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:07 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2b9045a036305d0268317898151e53de:1667439593.577923"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=36959
content-length
5801
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:07 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 19 Nov 2022 03:12:42 GMT
server
cloudflare
age
445
cf-polished
origSize=5850
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyPb3q9x2fCdj783rfjjnID9e%2BBz5Ftyzng6%2FqdX8dDCwqpWEKgXLGjsW8nloRz5%2BfY1B6GV8h3CseGRWa%2BJzrgzVuci3wvTXEhwXN4XvHOo8LOQSodBs6bKsfMd0PKXKa1d0G9f"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
76c5cee96df8a7f3-SYD
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.234 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:07 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Sun, 04 Dec 2022 03:20:07 GMT
/
sync.taboola.com/sg/stroerrtb-network/1/rtb-h/ Frame 1689
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=24fea13f909440d9af96d...
  • https://sync.taboola.com/sg/stroerrtb-network/1/rtb-h/?taboola_hm=24fea13f909440d9af96d96f62c9831e
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtb-network/1/rtb-h/?taboola_hm=24fea13f909440d9af96d96f62c9831e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:09 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
424237

Redirect headers

location
https://sync.taboola.com/sg/stroerrtb-network/1/rtb-h/?taboola_hm=24fea13f909440d9af96d96f62c9831e
date
Sat, 19 Nov 2022 03:20:09 GMT
content-length
0
101956
jadserve.postrelease.com/suid/ Frame 1689 		43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.52.67 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-52-67.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 1689
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y3hLasCo8YkAACscxfsAAAAA
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y3hLasCo8YkAACscxfsAAAAA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
424257

Redirect headers

X-SO-Cluster-ID
42
Date
Sat, 19 Nov 2022 03:20:10 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":42,"gdpr":false,"ipv4":"173.245.209.165","key":"Y3hLasCo8YkAACscxfsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40058"}
X-SO-Key
Y3hLasCo8YkAACscxfsAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40058
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y3hLasCo8YkAACscxfsAAAAA
Cache-Control
private
X-SO-HostName
a-ad40058.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-IP
173.245.209.165
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 1689
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LAND3X3Y-1A-L80Q
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LAND3X3Y-1A-L80Q
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668828010.416266,VS0,VE94
x-cache
MISS
accept-ranges
bytes
x-served-by
cache-syd10127-SYD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LAND3X3Y-1A-L80Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 1689
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEN8TxzoqqcSMLpMdsgMj7DU&google_cver=1
0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEN8TxzoqqcSMLpMdsgMj7DU&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668828010.121198,VS0,VE94
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10127-SYD

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEN8TxzoqqcSMLpMdsgMj7DU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1689 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 1689
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
date
Sat, 19 Nov 2022 03:20:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
424257
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 1689
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1fbac794-a072-4166-a080-d44c7a6c596e
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1fbac794-a072-4166-a080-d44c7a6c596e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668828010.416705,VS0,VE94
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10127-SYD

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1fbac794-a072-4166-a080-d44c7a6c596e
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 1689
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 1689 		49 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d97b86c77-8kxs7
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 1689 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 1689 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.244.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-244-231.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:11 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1689
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4e7d4dad-2529-4774-8853-f67d798557ac
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4e7d4dad-2529-4774-8853-f67d798557ac
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
430214

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4e7d4dad-2529-4774-8853-f67d798557ac
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
955668
content-length
0
expires
Sat, 19 Nov 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 1689
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F6%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F6%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/6/2.gif?puid=6416496943234349779&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/5/3.gif?puid=2D54C4DDDD464A38&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/464/108/4/4.gif?puid=0e11d93b-d848-45dd-9911-3ebf4e499df8&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1fbac794-a072-4166-a080-d44c7a6c596e&ttl=%%TTL%%
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOmxsiuN_zjUdPsHjrdn4VtWbgXmozbvpbwY-IOA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F2%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/2/6.gif?puid=79ff6378-4b71-4500-b7b3-2c6b61442a02&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/1/7.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/1/7.gif?puid=557869551418898506&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F123%2F0%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/123/0/8.gif?puid=1848de69557-cd9000001085983&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOmxsiuN_zjUdPsHjrdn4VtWbgXmozbvpbwY-IOA
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOmxsiuN_zjUdPsHjrdn4VtWbgXmozbvpbwY-IOA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
427292

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOmxsiuN_zjUdPsHjrdn4VtWbgXmozbvpbwY-IOA
date
Sat, 19 Nov 2022 03:20:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 1689
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=71674732-0ed8-4bc5-8d07-165a6e9111d0
  • https://x.bidswitch.net/sync?dsp_id=96&user_id=mDuP-nPazd0-Wg&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=3cab3366-7473-4804-944c-659682ec4039
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=3cab3366-7473-4804-944c-659682ec4039
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
427728

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=3cab3366-7473-4804-944c-659682ec4039
Date
Sat, 19 Nov 2022 03:20:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 1689
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=40ecc522-b1c4-4ff5-970d-190433732455
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=40ecc522-b1c4-4ff5-970d-190433732455&tbid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&query=taboola_hm%3D40ecc522-b1c4-...
0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=40ecc522-b1c4-4ff5-970d-190433732455&tbid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&query=taboola_hm%3D40ecc522-b1c4-4ff5-970d-190433732455&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 19 Nov 2022 03:20:13 GMT
via
1.1 varnish
server
nginx
x-timer
S1668828014.756771,VS0,VE130
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10127-SYD

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=40ecc522-b1c4-4ff5-970d-190433732455&tbid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&query=taboola_hm%3D40ecc522-b1c4-4ff5-970d-190433732455&isDirect=0
date
Sat, 19 Nov 2022 03:20:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
428238
sd
u.openx.net/w/1.0/ Frame 1689 		43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 1689
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 19 Nov 2022 03:20:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 19 Nov 2022 03:20:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 1689 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.168.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-168-124.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:12 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
20
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 1689
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=O3yAKFybQ8Bgjmk6w6vnJ6310aU
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=O3yAKFybQ8Bgjmk6w6vnJ6310aU
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:12 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
429435

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=O3yAKFybQ8Bgjmk6w6vnJ6310aU
Date
Sat, 19 Nov 2022 03:20:12 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 1689
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=453&user_id=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&gdpr=0&gdpr_consent=&us_privacy=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cab3366-7473-4804-944c-659682ec4039&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cab3366-7473-4804-944c-659682ec4039&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 03:20:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cab3366-7473-4804-944c-659682ec4039&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sat, 19 Nov 2022 03:20:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame 1689 		35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:13 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 1689
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=520d2216-dad5-4818-95f2-c7409ac0fb4a
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=520d2216-dad5-4818-95f2-c7409ac0fb4a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:12 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
429435

Redirect headers

date
Sat, 19 Nov 2022 03:20:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=520d2216-dad5-4818-95f2-c7409ac0fb4a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Sat, 19 Nov 2022 03:20:12 GMT
x-amz-request-id
X0ZYP01DBVFV8BGR
age
3456
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
4Kz0IYrYemcpVmkh7tqXAdNXHjnvoIBG0gj4fKylvZEutp7Kxoecb4kvf6bm3AoltdeGYgepo18=
x-served-by
cache-syd10127-SYD
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1668828012.212801,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
24
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
7038
eid.es5.js
cdn.taboola.com/scripts/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a4fe2266b924e98a73a8ea5a7357f33336079209df75e32b46bb9b3bd749f4d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
ItOUaDH3mvr.RqV2EVGxjh_uxHtuZobH
content-encoding
gzip
via
1.1 varnish
date
Sat, 19 Nov 2022 03:20:12 GMT
x-amz-request-id
0M9DCPFC5D68SFND
age
24886
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5498
x-amz-id-2
s79IFzd23I8/ofvLUJACdnwJHHPf/WW8Hf1tWWDPXnb9g45P10zAzp2qKtu2WYb/Prh1MvU5Ww4=
x-served-by
cache-syd10127-SYD
last-modified
Wed, 01 Jun 2022 11:14:10 GMT
server
AmazonS3
x-timer
S1668828012.312750,VS0,VE0
etag
"e0a372c62b47828b71ca168ba9d2b098"
vary
Accept-Encoding
content-type
application/javascript
abp
24
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
67674
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1748
content-type
text/html
date
Sat, 19 Nov 2022 03:20:04 GMT
expires
Sat, 19 Nov 2022 03:49:12 GMT
function-execution-id
u45jplcbvvgu
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
40ebc904d668e18855f4de467fce8a54
x-country-code
SG
x-i
true
x-powered-by
Express
x-served-by
cache-qpg1264-QPG
x-timer
S1668828004.328297,VS0,VE360
campaigns
resourcesssl.newscdn.com.au/indies/ 		896 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
e87455ae95f61cfbc0f7cb6fddf160a4359d212caca78f512ce2fe37dded02e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

x-cache-hits
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Sat, 19 Nov 2022 03:20:05 GMT
x-powered-by
Express
content-length
503
x-served-by
cache-qpg1222-QPG
server
Google Frontend
x-timer
S1668827297.290733,VS0,VE292
etag
W/"380-buHeOXtmZuLHUq6FLZ+ztTi2ZXY"
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
4a9e18a846e66568fffea94da8b9978a
cache-control
private, max-age=1084
function-execution-id
9zvynnwmmq08
accept-ranges
bytes
x-orig-accept-language
en-GB,en;q=0.9,en-US;q=0.8
x-country-code
SG
expires
Sat, 19 Nov 2022 03:38:09 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sat, 19 Nov 2022 03:20:12 GMT
via
1.1 varnish
x-amz-request-id
R49A95MEAARZDWRY
age
14040
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
OwQO4r3NRn2mobB8qX5KI65TenVKTAqHjn3l8Eljsiqz/LERXHRjxQ8w1JWWw1vGRMYpafcYhZ8=
x-served-by
cache-syd10127-SYD
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1668828013.618270,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
24
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1401
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=301601274175.4774?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
39333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrbLr-KrWg3XyP6o0SeQSnWfG7Ngi5yUXDomahyiUSO5QEybbTbMM3-pmacWjk2vsa8quQHq1gKx875cK6zqL7FLXcKOWVrypYJ__uEO0Up1AynnY2v2zEeyIBcmXkYqk7b2UeOywL-TaMplXR&sai=AMfl-YSYK9ucUikudc9MwxY_sD9S609Ln8pq2tO-1SrTR0vcz8DISikt-kctuh2qu0q_psebeiKxfAhBy7ToLCMC1Q&sig=Cg0ArKJSzK7bqalSgrhwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20221110.78016&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=301601274175.4774?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 03:20:05 GMT
swg.js
news.google.com/swg/js/v1/ 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
sffe /
Resource Hash
c48f224fd876acd5f21e3a5c335be806b2ee912fbf9f705acf8497eba7c503db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47685
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 23:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:28:18 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=BXIkjfC0a0eaBoJN9O&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12492&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=12669&t=Co9S3eC2ryMaDQgp4hBNCrY_DtubOv&V=136&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=DqwUx5DqAaRyOZwKBBrx4cQYE01k&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.69.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-69-6.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:14 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668828005547
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668828005547
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668828005547
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c3d4be8d98314556b0fcadcac08fb50d221f58a572f4725ea8ebf0b2b596a6b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0dbc6c16a.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
kOlUqubbRIs=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1564
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-08b52b58d.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Vin78CBNRWI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668828005547
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-113.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24713e413b9683a29e14f18d8cfe3a6657f2d693c59aa833bc58706f490150c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
yZe_mBEycbwpUE5fJ1U_p7SbrUCQvTT8
content-encoding
gzip
via
1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 03:04:27 GMT
last-modified
Fri, 18 Nov 2022 23:19:13 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
976
x-amz-server-side-encryption
AES256
etag
W/"c4a50f37b02f511ddc08ff3c6fe94ba2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
jHbC4M1KzBgRyvIYI3lb4nFdGXdpBdIN8ig2VAeriprAgXNxV2zjog==
384959879014125
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
c606f8399c7f111a4f6a69475c266f2be87b09c6580501f0ba4cf1e3d90558ab
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 19 Nov 2022 03:20:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86147
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
pvvOhaSs1QbNf9YIXWD6nOKCySrTmRdb37nf2hDaelgFlYoDlFU0Omm0lktF9IZ1nqLm3+0jbZVw0HFXRgX+Zg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=48650d6199dc00b96a759df44c57a120&timewithTz=2022-11-19T03:20:03.833Z&country=au&newsconnectId=&fpid=8723608110cc15873df457753e57bc88
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.58.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-58-51.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:13 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.61.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-61-52.icn54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 15 Nov 2022 10:34:14 GMT
Content-Encoding
gzip
Via
1.1 a267024203a3993fbec6937460fe5e04.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ICN54-C3
Age
319561
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
riOeKJIEXxTklAwPb8zOwEPEcHL9AM5ix-X-2Z2gStGLhLYF5MSqEA==
validate
assets.vidora.com/v1/ 		0
300 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-8.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 03:20:17 GMT
via
1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
JJyVY68yV66yEMVvIVa2EAuLNCtf-pSZi0eGTt6cbAgyMwDZBvQUkA==
expires
Sat, 19 Nov 2022 03:20:16 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 17:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 17:01:43 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		144 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Sat, 19 Nov 2022 03:20:07 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221119
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d394c8474dfabc643e183cc3421642ad0842d0a0c8144bc4c6077de64e6845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 03:20:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1141
x-jsd-version
1.0.1528
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4544-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-0Yuu8EilQG0pLc40+fWjoPTTtbM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxAiCOoXAwGZHGfXd3h7dp2iMV92wl65C%2BCgWjgkVICcCbaXQeBjYNhf%2FLDtke4fffZadDkf675imxP%2Bs0oSlPnEGjSLB21xyuS%2BvuhRQSXUxeK3bwMWd%2BjYrYLyAo00Oh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76c5cee51df2a831-SYD
dest5.html
newscorpau.demdex.net/ Frame 8C3D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.113.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-113-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v041-0d6168df7.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
2z347au9TBs=
content-encoding
gzip
date
Sat, 19 Nov 2022 03:20:08 GMT
last-modified
Fri, 28 Oct 2022 11:22:58 GMT
transfer-encoding
chunked
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=22372258978627638852818895652904085801&ts=1668828007024
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
6a70a882ceb37291af2e03c9d79dae1804ad189f687a6457214ee4df8deddf5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 19 Nov 2022 03:20:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y3hLagAAARhXzQA7&d_uuid=22351096293973863592816500108686719027
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=22351096293973863592816500108686719027
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3hLagAAARhXzQA7&d_uuid=22351096293973863592816500108686719027
0
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3hLagAAARhXzQA7&d_uuid=22351096293973863592816500108686719027
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-06cc643d6.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
N6skSqS7Tg8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3hLagAAARhXzQA7&d_uuid=22351096293973863592816500108686719027
Date
Sat, 19 Nov 2022 03:20:14 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:08 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Sat, 19 Nov 2022 03:20:08 GMT
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=22372258978627638852818895652904085801&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%018723608110cc15873df457753e57bc88%011&ts=1668828007652
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e8d91604cef65d7e471320a24095f909f0f178adf89c7a9fc4889c79ba7a5e26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v041-0a2f189e4.edge-usw2.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
82s3y728T+s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1564
Expires
Thu, 01 Jan 1970 00:00:00 UTC
config
c.amazon-adsystem.com/cdn/prod/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.158.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-158-57.hkg54.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:52:33 GMT
via
1.1 373c716feb96dba95431972bb1105836.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HKG54-C1
age
1654
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
mnPUGyQwfb_tqwL1nKYk9dHC-XwWaAk9XK5nCMQ2Zz3FOeQUehoD2A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.158.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-158-57.hkg54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 fa763bd4d7fde260f358b4b4d919622c.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 03:20:10 GMT
x-amz-cf-pop
HKG54-C1
x-cache
RefreshHit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
kHWtQAezFLXrezdUBty8up7V21scwh1ULmJHo6V3pHYTHKYrCHxOzg==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
0e56a77328a7ac0c307fff20cc40b71b466a5798b95f5020e44344f7ed6db0b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 19 Nov 2022 03:20:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
ce198c1d3387ca52ac0766c5c62017c1b311c7a399207cf9b897923d0b6d5e38
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 19 Nov 2022 03:20:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
door.js
au-script.dotmetrics.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
a6701a03543baf2e69a514cf69440bf2b8cd8c782c73a9633155edcf62a5966e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:15 GMT
content-encoding
br
via
1.1 2feec21fa6ad8ca419b922ab129d0a2a.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"13062...216.2022111903"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
t5fKRGhZfjCH_LjXmb-3wmr9HV5lNBJAM_0bDzy9rAtpF79g29Ru_Q==
s12916329117883
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s12916329117883?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=19%2F10%2F2022%203%3A20%3A7%206%200&cid.&newsnkidcookie.&id=8723608110cc15873df457753e57bc88&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=8723608110cc15873df457753e57bc88&mid=22372258978627638852818895652904085801&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPreviousValue=3.0&getPercentPageViewed=5.0.1&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D130&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=2%3A20%20PM%7CSaturday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=130&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=8723608110cc15873df457753e57bc88-00000000000000000000000000000000-1668828004360-362188&v110=2022-11-19%2003%3A19%3A56&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
d278a5e767eb3d527a49d5d227808348c832f931a532d797c58a7d6b5bb1f658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-aam-tid
HEz6ixGQTVU=
date
Sat, 19 Nov 2022 03:20:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4969
x-xss-protection
1; mode=block
dcs
dcs-prod-usw2-2-v041-0bab58cc9.edge-usw2.demdex.com 5 ms
pragma
no-cache
last-modified
Sun, 20 Nov 2022 03:20:15 GMT
server
jag
etag
3583780874748395520-4619849018242351387
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Fri, 18 Nov 2022 03:20:15 GMT
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		71 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.10 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-10.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e4ce52ad6294cfec05864828f5df3325fc1f6627b957919fa931e94cb95453f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:16 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 09:30:14 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P1
etag
W/"4751c0d91e072d7402bb3f4c2846334e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
sx11YeqDCy1B6g3o7qOwz5QtFHz8EEJuACqP1QlP2PJF5uqu1QfXjg==
content-length
21406
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202211150419&cb=1668828007959
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.234 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:15 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Sat, 19 Nov 2022 03:30:15 GMT
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7141b95c3bb7533101c1074d98d7ec2f404a12f29aca043c1ca899d5272084ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:15 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 19 Nov 2022 03:12:43 GMT
server
cloudflare
age
452
cf-polished
origSize=46569
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8B%2BUiPjWbydJyvHPywO8hzf3K%2BZuwr11Gd%2BewEUoFBy0BeIruCYkGIPyibp678dxeHgHWOVYNfsnd5hW7FT3o3x73xUmyk78yrzGzNDQHJxeuKr1Uc43n86XtFmLjNJFvzAXDiJQ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
76c5cf1b6c9ba7f3-SYD
ibs:dpid=358&dpuuid=557869551418898506
dpm.demdex.net/ Frame 8C3D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=557869551418898506
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=557869551418898506
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-02dcf106d.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
32HA1aoMSpU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:09 GMT
AN-X-Request-Uuid
76f3f8cb-43d3-4222-b0e1-5ad20dc84d5b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=557869551418898506
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=470&dpuuid=4508445342604819091
dpm.demdex.net/ Frame 8C3D
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4508445342604819091
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4508445342604819091
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-05dab4ffe.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/xC4Qi1LTWg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4508445342604819091
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
token
token.rubiconproject.com/ Frame 8C3D 		0
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=22351096293973863592816500108686719027&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.150.206 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-150-206.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Sat, 19 Nov 2022 03:20:09 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.150.206 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-150-206.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sat, 19 Nov 2022 03:20:09 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame DB72 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.227.138.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-138-6.bom50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
3450
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 19 Nov 2022 02:22:53 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 d12176382f0e232693c74c911affef90.cloudfront.net (CloudFront)
X-Amz-Cf-Id
BFStmiyZZUspGJknnjWcXMDl37wVx_--ZWrinpDlFw--ipJaWHY8ng==
X-Amz-Cf-Pop
BOM50-C1
X-Cache
Hit from cloudfront
lookuplist
au.audience.newscgp.com/ 		108 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=8723608110cc15873df457753e57bc88&&bust=16688280085360.0902448039479693&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-56.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
1a34f218c2ac3a13453e863b1e7cb0f1a9aa7f88fb78e5f8e8d88953ae00d041

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:09 GMT
via
1.1 60781892a5625d9f8980c3ca1b8660a2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
-nkoKog5039XGGwKDAPfp_3huO7TA_x9FAH-oJ-up_IHZM9h658fxA==
ibs:dpid=771&dpuuid=CAESEHrpMddrpIozQRSRjig5dkU&google_cver=1
dpm.demdex.net/ Frame 8C3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjIzNTEwOTYyOTM5NzM4NjM1OTI4MTY1MDAxMDg2ODY3MTkwMjc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHrpMddrpIozQRSRjig5dkU&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHrpMddrpIozQRSRjig5dkU&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0c345fe98.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zraPF1eORik=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHrpMddrpIozQRSRjig5dkU&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=1fbac794-a072-4166-a080-d44c7a6c596e
dpm.demdex.net/ Frame 8C3D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=1fbac794-a072-4166-a080-d44c7a6c596e
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=1fbac794-a072-4166-a080-d44c7a6c596e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0db6c28ad.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
txg4k4m2RWs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=1fbac794-a072-4166-a080-d44c7a6c596e
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
ibs:dpid=19566&dpuuid=%s
dpm.demdex.net/ Frame 8C3D
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-04a9d94a4.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+klaLkQCQwA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:09 GMT
server
nginx
etag
"60b842ba-cde"
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
expires
Sat, 19 Nov 2022 03:20:09 GMT
ibs:dpid=23728&dpuuid=Y3hLaa2fgsAZB0xPZIQo1QAA%264757
dpm.demdex.net/ Frame 8C3D
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hLaa2fgsAZB0xPZIQo1QAA%264757
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hLaa2fgsAZB0xPZIQo1QAA%264757
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0ac0bc90f.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
v6C0rNoqSnc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhJhdTze4EOMyaIBgsXYhBmf6rfMROZBQuttanLHn2tJl0HMF7eCisQxxvctRuMO4W1ssu4Fk1I2ZUCt2LMrdhMHLcKEnmiK%2FO4Ig6yIXXDWWgTfWJaYncXRyZI1WjLdIwY7aiD3"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hLaa2fgsAZB0xPZIQo1QAA%264757
cache-control
no-cache
cf-ray
76c5cef34ebc5539-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ibs:dpid=30432&dpuuid=CI-abbf335a118fa5039abd5dc17c4923c2
dpm.demdex.net/ Frame 8C3D
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=22351096293973863592816500108686719027&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-abbf335a118fa5039abd5dc17c4923c2
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-abbf335a118fa5039abd5dc17c4923c2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0e47d093b.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Za5JykCTQpc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-abbf335a118fa5039abd5dc17c4923c2
Date
Sat, 19 Nov 2022 03:20:09 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
ed5f6cad6327bb10a9daab99892565c78084fb35c1b107891a912493597f54a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 03:20:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 8C3D
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=22351096293973863592816500108686719027&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=22351096293973863592816500108686719027&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0763fde98.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hiuaGMzBS5s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Sat, 19 Nov 2022 03:20:10 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame 8C3D
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=22351096293973863592816500108686719027
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22351096293973863592816500108686719027
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22351096293973863592816500108686719027
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.202.29.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-29-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n009-pdx-prod.krxd.net
date
Sat, 19 Nov 2022 03:20:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1668828011
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22351096293973863592816500108686719027
date
Sat, 19 Nov 2022 03:20:10 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a019-ash-prod.krxd.net
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 8C3D
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=22351096293973863592816500108686719027&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-07786c86f.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
eLWVgErISAE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Sat, 19 Nov 2022 03:20:10 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame 8C3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNoTGFRQUFBSmx2bmdBVw==&_test=Y3hLaQAAAJlvngAW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNoTGFRQUFBSmx2bmdBVw==&_test=Y3hLaQAAAJlvngAW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-syd10136-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668828010.020190,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNoTGFRQUFBSmx2bmdBVw==&_test=Y3hLaQAAAJlvngAW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
btu4jd3a
sync-tm.everesttech.net/ct/upi/pid/ Frame 8C3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y3hLaQAAAC5UBQA7
85 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y3hLaQAAAC5UBQA7
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-syd10136-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2095
x-timer
S1668828010.018136,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
6404

Redirect headers

x-served-by
cache-syd10136-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:09 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1668828010.711291,VS0,VE206
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y3hLaQAAAC5UBQA7
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.150.206 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-150-206.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sat, 19 Nov 2022 03:20:09 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.150.206 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-150-206.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Sat, 19 Nov 2022 03:20:09 GMT
Server
nginx
rum
dsum-sec.casalemedia.com/ Frame 8C3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3hLagAAARhXzQA7
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3hLagAAARhXzQA7&_test=Y3hLagAAARhXzQA7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3hLagAAARhXzQA7&_test=Y3hLagAAARhXzQA7
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10136-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668828010.297601,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3hLagAAARhXzQA7&_test=Y3hLagAAARhXzQA7
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
ib.adnxs.com/ Frame 8C3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y3hLaQAAAJlvngAW
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y3hLaQAAAJlvngAW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:10 GMT
AN-X-Request-Uuid
07335e5a-867b-42cf-bbd0-a30a92f248a8
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-syd10136-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668828010.121264,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y3hLaQAAAJlvngAW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 8C3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3hLaQAAAJlvngAW
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y3hLaQAAAJlvngAW
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y3hLaQAAAJlvngAW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y3hLaQAAAJlvngAW
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 8C3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hLagAAARhXzQA7
1 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hLagAAARhXzQA7
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 03:20:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-syd10136-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668828010.320561,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hLagAAARhXzQA7
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 8C3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3hLagAAARhXzQA7&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3hLagAAARhXzQA7&img=1&__user_check__=1&sync_id=137abd6f-67b9-11ed-b4df-1457a7f90107
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3hLagAAARhXzQA7&img=1&__user_check__=1&sync_id=137abd6f-67b9-11ed-b4df-1457a7f90107
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 03:20:11 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
14
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sat, 19 Nov 2022 03:20:11 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y3hLagAAARhXzQA7&img=1&__user_check__=1&sync_id=137abd6f-67b9-11ed-b4df-1457a7f90107
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
34
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 8C3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3hLagAAARhXzQA7&t=2592000&o=0
43 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3hLagAAARhXzQA7&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 19:20:11 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
1OQAphVa+OVE8VL7JTFQ1JgODci/NZCzSZyr1H5iaJ6TYsXDslzBoP2SiISLFozqsVydC/Zi17pyHDvoFSrydA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
cache-control
public, max-age=0
expires
Fri, 18 Nov 2022 19:20:11 PST

Redirect headers

x-served-by
cache-syd10136-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668828011.505929,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3hLagAAARhXzQA7&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=147592
dpm.demdex.net/ Frame 8C3D
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-006969832.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
eMDpiCp6RiM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
94
date
Sat, 19 Nov 2022 03:20:10 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668828011.522426,VS0,VE94
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10127-SYD
0
sync.1rx.io/usersync/adobe/ Frame 8C3D 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:11 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
8.gif
id5-sync.com/i/701/ 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?id5id=ID5*EsyvxdOfwDKXd2_NBzSaYT769z8uZLzge-oY0YkLarIsKe1BxojoCOqijwCuZuAT&o=api&gdpr_consent=undefined&gdpr=false
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 19 Nov 2022 03:20:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
interact
edge.adobedc.net/ee/v1/ 		727 B
836 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=f92c6f78-8f16-4bdb-8cdd-5d190b0f89b3
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
1042ba7acf8407e7a93f760a96b5a304ea06140107dee88a3494acc33502388e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 03:20:10 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-rate-limit-remaining
599
x-adobe-edge
SGP3;3
x-xss-protection
1; mode=block
x-request-id
f92c6f78-8f16-4bdb-8cdd-5d190b0f89b3
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
22.11.2:836cd9b5
/
pips.taboola.com/ 		4 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-syd10145-SYD
date
Sat, 19 Nov 2022 03:20:12 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 03:20:13 GMT
cache-control
no-store
server
nginx
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:41:39 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:42:12 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 1EED
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au
25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
ded34b159092aba33a6f9397157be39ce9e270f20153ad71f3ccc474a7540f08
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-4ON2mJCBGJjB3d74kcf-5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-4ON2mJCBGJjB3d74kcf-5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Sat, 19 Nov 2022 03:20:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-oYY--uhl9NlapZftcn4w2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
application/binary
cross-origin-resource-policy
same-site
date
Sat, 19 Nov 2022 03:20:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		2 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
report-to
{"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-113.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 02:21:11 GMT
x-amz-cf-pop
SIN2-P2
age
3544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
uqJIQv91Sbf6-zKc5PzzXA5ipnJraGPQsghBpHeNiJJAfv4s1lLVBw==
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1668828014305&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1668828014303.1534043097&it=1668828006043&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 19 Nov 2022 03:20:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
trinity.json
syd-1-apex.go.sonobi.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:14 GMT
AN-X-Request-Uuid
a6e17853-239a-489d-9153-0f85b540df3e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		407 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=730ecd5a-2b25-451c-a537-9c236231f64c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.30382225065308166
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
82c6192650ee6f6e456b49639a4d13522009d138b403c54a592d0cde2a30229d

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
407
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		406 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=2c1a5f4c-9b28-4ec1-b579-be0f6dc41a13&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.6228556511988546
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
14d9cf30251a36da8a4fa4740b497f250c08499eda252fdd6ca4db49c9c966f3

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
406
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		384 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=bc9980c9-b69c-4255-8c74-19018828d8ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.5819276898644412
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
11cfb4abc85034d465c3e607a55a8378c6d1a9f9e3c178d484d65759e1c6f80b

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
384
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		386 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=e8e069d5-97cc-4c5a-bf80-821c3777ef4e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.4833407924570299
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
76617148e1e3e0071f05d0d21ae3339c48d266cc90f29c333d64cdc43fabea32

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
386
expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
mfad.inskinad.com/api/ 		162 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.32.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-32-183.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
80064884a1f4b136327da7b4fd39427ab08d2c50da1e06a9cecde33bbeb13abd

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

expires
0
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:15 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"a2-VDqaMWvDsakDoru97OuYpb8tZhU"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
162
x-served-by
bifrost-production-shard001-us-east-1e-i-02c73a2e81b2f673e
prebid
ads.playground.xyz/host-config/ 		0
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 03:20:15 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
eef8cd4b-b0a3-43d6-b904-4c0334fe979f
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 19 Nov 2022 03:20:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=37603885633
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 03:20:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
cygnus
htlb.casalemedia.com/ 		37 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277566&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2230a00540dead31d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%3Fpagetype%3Dhomepage%26sec1%3Dhome%26sec2%3D%26sec3%3D%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22313e17992e9b63b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%221800x1000%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%7D%7D%2C%7B%22id%22%3A%22349ab26b3121ea1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%2236ba5d8cb765e59%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%7D%7D%2C%7B%22id%22%3A%223734b791eb6e30a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22320695%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3dcc30048d55cf5b3b4bdc53b7e5081b28bb15d3ce73648fbb4e0fc694e2b6

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D1j4XQV0LidRYJjZFTUSr0mvXwDpOtaRCyzaJvkAjvmnofrQAgSAyCkdu3OVQgIODgpNFy7yVdSX5mmHzezYgRSAlqSKAXjg8%2Bdzqd3c821wt%2Fh8%2F2ImCbuWwtgNv0Af2KUOY99"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76c5cf14dfdfa823-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		101 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=k1HbffnYtsWig&cb=0&ws=1600x1200&v=22.1107.1609&t=4000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x50%22%2C%221000x100%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-248-101.sin52.r.cloudfront.net
Software
Server /
Resource Hash
e8e27390a3f66b6511e34535dc56f9210ea24928edbe56ac0a6c007024f0ac85

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:14 GMT
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
101
x-amz-cf-id
27RcW7EAu_gwLBWtQ80puAqE43eqhAO7u_hwV9P2Z33DZb4ggsB9Yg==
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 1EED 		0
25 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3UU0kqaWJObYYhGa4QbJdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 19 Nov 2022 03:20:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-3UU0kqaWJObYYhGa4QbJdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 1EED 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:41:39 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=Microdata&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1668828014817&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22meta%3Adescription%22%3A%22News%20and%20Breaking%20News%20-%20Headlines%20Online%20including%20Latest%20News%20from%20Australia%20and%20the%20World.%20Read%20more%20News%20Headlines%20and%20Breaking%20News%20Stories%20at%20Herald%20Sun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Herald%20Sun%22%2C%22%40id%22%3A%22heraldsun.com.au%22%7D%2C%22isAccessibleForFree%22%3A%22True%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22Herald%20Sun%22%2C%22productID%22%3A%22heraldsun.com.au%3Adigital%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.2.1668828014303.1534043097&it=1668828006043&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 19 Nov 2022 03:20:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABX... Frame 1EED 		177 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
b4bd3b89146811d4168bfe525a981f93d27621b3add12e3836507b9b26e64a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63543
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 03:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:42:58 GMT
pub
pixel.adsafeprotected.com/services/ 		652 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=317eff79-c58e-8242-a9df-e68200469b67&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.49.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-49-143.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6f4f784115d19960a7381a4cb6e5e143151b0ca1098aa4bdc87aa5b9cc453e56

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:15 GMT
server
nginx
x-server-name
app01.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1EED 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463563&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 10:55:16 GMT
x-content-type-options
nosniff
age
145499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 10:55:16 GMT
iu3
s.amazon-adsystem.com/ Frame DD98
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
271 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
76d3d3afe9155d36343ffcfd2944db155511b33ac954cd529b13bc8e30fa0d2e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
271
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 19 Nov 2022 03:20:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0F1K4BVPEH10J6K8KD9V

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 19 Nov 2022 03:20:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SQ2A7P4PJW2BN078WWAA
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1668828015400&pvs=1&pvid=1fba76a7-d060-4d08-ad84-ce5f47d61c48&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:16 GMT
dotmetrics-hit-status
01 OK
via
1.1 2feec21fa6ad8ca419b922ab129d0a2a.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
td1E7KEJltNAqH8SpwOBm6x8DTIOI1-e20ZTbKF-YffgTxEfOlQjIQ==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1668828015400&pvs=1&pvid=1fba76a7-d060-4d08-ad84-ce5f47d61c48&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-99.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:52:48 GMT
via
1.1 bf928fe3a859cf8cab4cd81be24e61de.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 10:59:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
23249
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
cGkEitfJrkd5yCYqE58ItXADFvugujTwgjzs4BxGxzD5V082UcKfNA==
script.js
au-script.dotmetrics.net/Scripts/ 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=216
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
2f323c23ab941c9e378e9d2152511d980d7a88ead0645133a98ecfe2027bbf61

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:16 GMT
content-encoding
br
via
1.1 2feec21fa6ad8ca419b922ab129d0a2a.cloudfront.net (CloudFront)
last-modified
Wed, 16 Nov 2022 21:34:39 GMT
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"1d8fa033b0c7c86"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
cYqH5V0zoGmELoYPcM-E8R5dXRFj0fax02wkNruhsmofesLntKoVMw==
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L... Frame 1EED 		135 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L.B1.O/am=JgMABA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI62EJXJ0_yV0gNE7fl0Gu5fDJ-9OQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
f6119043c5e00b7e1c5316e5aa030fee8c6a98501427ca196cca517d3cb1763e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46280
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 03:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:42:58 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 1F6F 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-113.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2206
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 19 Nov 2022 02:43:30 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-id
xRAEy8WtBSdny5RpeqScouf_q0udl6QYOzZQQX0hPZoS4n4CTTWHmA==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L... Frame 1EED 		1 KB
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L.B1.O/am=JgMABA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI62EJXJ0_yV0gNE7fl0Gu5fDJ-9OQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
ba8c3058c6d474be354158989412b2ded878b66af54256ac5bc39a8b76e381d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
713
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 03:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:42:58 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 1EED 		584 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=2725045302583461619&bl=boq_subscribewithgoogleclientserver_20221116.06_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=12017&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
e9d85de9f99c2af1b8da3f69f46093022f9194b38ee8e11db9da75aed0d22ffa
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 03:20:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.10 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-10.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
l9D1IqPRm1y4Lw22.2rGXeIk3RrovmWM
content-encoding
gzip
date
Sat, 19 Nov 2022 03:20:17 GMT
last-modified
Fri, 11 Nov 2022 05:56:39 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
etag
"189bff3ecbc5fc21ff53bd3b46f8ee8b"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=464
accept-ranges
bytes
x-amz-cf-id
xDOFvh5P_944RazjtCnWSAgtfDlBVCQDA2Ix3nCX2FesgqNv6LVGkg==
content-length
1284
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 1F6F 		44 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=8828iayzkvjstuhtt6jcely8u8zcy1668828016&c16=sdkv,bj.6.0.0&uoo=&fp_id=ctyu9nv6krllhs4ykz4ynrhxyu0f71668828016&fp_cr_tm=1668828016287&fp_acc_tm=1668828016287&fp_emm_tm=1668828016287&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.213.124 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-213-124.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:17 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
8828iayzkvjstuhtt6jcely8u8zcy1668828016.nuid.imrworldwide.com/ Frame 1F6F 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8828iayzkvjstuhtt6jcely8u8zcy1668828016.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-117.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 14:37:57 GMT
via
1.1 998b911809b5181544e60111e0bda762.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
45741
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
43k2e-L_hlCUCepW4mAw6gXNzK85ntiV7g5BF9Wc5DYJaTlvYku3yw==
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L... Frame 1EED 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L.B1.O/am=JgMABA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI62EJXJ0_yV0gNE7fl0Gu5fDJ-9OQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
c7935fa059e0e8b123b5670156ab7009349ab76c129a4f7a9427c9b37d0d9661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7246
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 03:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:42:58 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Nov 2022 03:20:17 GMT
log
play.google.com/ Frame 1EED 		131 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 03:20:17 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Nov 2022 03:20:17 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 19 Nov 2022 03:20:17 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1EED 		131 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 03:20:17 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Nov 2022 03:20:17 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 19 Nov 2022 03:20:17 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1EED 		131 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 03:20:17 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Nov 2022 03:20:17 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 19 Nov 2022 03:20:17 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1EED 		131 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 03:20:17 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Nov 2022 03:20:17 GMT
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwicHZpZCI6IjFmYmE3NmE3LWQwNjAtNGQwOC1hZDg0LWNlNWY0N2Q2MWM0OCIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1668828016772
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
c6146baa9b73b9a6ae5926e7992ae2fde51d643f8c499cc43a329735e58312be

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:16 GMT
content-encoding
br
via
1.1 2feec21fa6ad8ca419b922ab129d0a2a.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
xejGgADP4XfA4uNd-7D4Q501mwwUz9p7b-2cgfVubTnZ5QsP7tJ9kA==
pr
s.amazon-adsystem.com/v3/ Frame 045C 		484 B
940 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
df463fc1704f5c3a92715f0a09f98a15be3d8aaa8305960f25652d59e4f2a5b7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
484
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 19 Nov 2022 03:20:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YEHRCZ25CETB6MA5VSS3
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3B76 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=22629
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 03:20:17 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 19 Nov 2022 09:37:26 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
Serving
bs.serving-sys.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=3196844273774520564&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D2542222213928204765$$&ns=0&rnd=9874935436556747&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.41.66 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-41-66.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f2be0b1b140f38349c1a9f5aa5f6fc61aed42e9360d137bc6bb0fc864cadff4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:18 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2468
expires
Sun, 05-Jun-2005 22:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3B76 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63082705&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
05505732b9e8d6da41cc85e9247e1771de4a36edc477414f7e9de726a27d1c6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 19 Nov 2022 03:20:18 GMT
content-length
1652
content-type
text/html; charset=UTF-8
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Nov 2022 03:20:18 GMT
13726
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-73.sin2.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 03:20:18 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amzn-trace-id
Root=1-63784b72-364d44117331289b44dfdcaa
x-amzn-requestid
31a72d5d-9808-4a0b-8cfc-c9561bd0330d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
b1C56ERbDoEFTAw=
content-length
25
x-amz-cf-id
JfavYhFIWH6jlN1ddHDD1EmpMLyPlZlt84a6WrdyScy95yGasC-cwg==
up_loader.1.1.0.js
js.adsrvr.org/ Frame 7169 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 00:02:04 GMT
Content-Encoding
gzip
Via
1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
11895
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
4bZ2cIiBSlE_arHWNxXZss_0Po1y-L8IPzyXXkCDsB6oeDBf8kqjzA==
uwt.js
static.ads-twitter.com/ Frame 3AB6 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.44.157 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-qpg1257-QPG
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 3EA6 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.167 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-167.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 18:52:45 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=47324
accept-ranges
bytes
content-length
4581
js
www.googletagmanager.com/gtag/ Frame CA43 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d33fa6d1df85087a74ecb1ab62953dd953c276867824a7d6398d1f5bbfedb4d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53039
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 19 Nov 2022 03:20:19 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 1A33 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 00:02:04 GMT
Content-Encoding
gzip
Via
1.1 934dd0fb722aa582f1b4a3cdae35b12c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
11895
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
6xNge36S8mhrZB9WhudExQyoTFnF7P28eSv7bdrGcL9jx6qRp5GY3w==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 6118 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Fri, 01 Oct 2021 05:45:37 GMT
Date
Sat, 19 Nov 2022 03:20:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
76851
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21930-LGA, cache-syd10127-SYD
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1668828019.492377,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
21, 11357
activityi;dc_pre=CPyO-emkufsCFS7AcwEdtF8OOQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2456246492691.7227
8228261.fls.doubleclick.net/ Frame 656D
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2456246492691.7227?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyO-emkufsCFS7AcwEdtF8OOQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=245624649269...
403 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyO-emkufsCFS7AcwEdtF8OOQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2456246492691.7227?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
ba6b2969ea261b2e4766b17fe567522e17fc835c5fab2034b196f8975674cacc
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
225
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:19 GMT
expires
Sat, 19 Nov 2022 03:20:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyO-emkufsCFS7AcwEdtF8OOQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2456246492691.7227?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=COqU-emkufsCFWyd2AUdwEoLjA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4049920485645.826
8228261.fls.doubleclick.net/ Frame 4363
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4049920485645.826?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=COqU-emkufsCFWyd2AUdwEoLjA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=404992048564...
402 B
292 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=COqU-emkufsCFWyd2AUdwEoLjA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4049920485645.826?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
52bbf512b60fd2daf3567636b2bc83a87eabe61a3531eb7a12007ab1f7b5c55d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
223
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:19 GMT
expires
Sat, 19 Nov 2022 03:20:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=COqU-emkufsCFWyd2AUdwEoLjA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4049920485645.826?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 230E 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b9f6a182e0ccc9529f1e1126e07608fd29dc697744ca3064e6d7f1d1c9310229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53040
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 19 Nov 2022 03:20:21 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 414C 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
103a71dbc1e335cc7bcb983086a8fc6ff522fc13bb72ce004c117368639be1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16828
x-xss-protection
0
server
cafe
etag
17844902292435702305
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 19 Nov 2022 03:20:18 GMT
rum
dsum-sec.casalemedia.com/ Frame F919
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=1fbac794-a072-4166-a080-d44c7a6c596e&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1fbac794-a072-4166-a080-d44c7a6c596e&expiration=1671420021&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1fbac794-a072-4166-a080-d44c7a6c596e&expiration=1671420021&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1fbac794-a072-4166-a080-d44c7a6c596e&expiration=1671420021&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
activity
au-gmtdmp.mookie1.com/t/v2/ Frame B633 		43 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
px
secure.adnxs.com/ Frame CCBD 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
AN-X-Request-Uuid
bc35a312-7229-444b-a89b-d27521b49671
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
AN-X-Request-Uuid
9c36dff3-94d9-476a-a7bf-b64d176fa33f
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
AN-X-Request-Uuid
ddfb29c5-453a-4ff4-a418-e5b07460fa57
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame C214 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 19 Nov 2022 03:20:18 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame CC80
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:79ff6378-4b71-4500-b7b3-2c6b61442a02&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:79ff6378-4b71-4500-b7b3-2c6b61442a02&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 19 Nov 2022 03:20:18 GMT
Expires
Sat, 19 Nov 2022 03:20:17 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master nrt-pixel-x10 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:79ff6378-4b71-4500-b7b3-2c6b61442a02&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 43A1 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB4720C8F-DDC6-447E-B3B7-C00B6CD12D23
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 19 Nov 2022 03:20:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Q1WMEBNCM363YHVVBB8M
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3B76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tHIMj93GRH6zt8ALbNEtIw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:18 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=22628
accept-ranges
bytes
content-length
5549
expires
Sat, 19 Nov 2022 09:37:26 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 3B76
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEI0NzIwQzhGLUREQzYtNDQ3RS1CM0I3LUMwMEI2Q0QxMkQyMxAAGg0I8pbhmwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=486595613efefed2af4eb6926271045c7edc936806d424acc7787196578db6a6791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0ODY1OTU2MTNlZmVmZWQyYWY0ZWI2OTI2MjcxMDQ1YzdlZGM5MzY4MDZkNDI0YWNjNzc4NzE5NjU3OGRiNmE2NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0ODY1OTU2MTNlZmVmZWQyYWY0ZWI2OTI2MjcxMDQ1YzdlZGM5MzY4MDZkNDI0YWNjNzc4NzE5NjU3OGRiNmE2NzkxNDI2YjU0MTdkY2UyMRAAGgwI85bhmwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=e833fca7-a76c-4eb3-a698-31823a7bd91a
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=e833fca7-a76c-4eb3-a698-31823a7bd91a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=e833fca7-a76c-4eb3-a698-31823a7bd91a
date
Sat, 19 Nov 2022 03:20:20 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 3B76
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=79ff6378-4b71-4500-b7b3-2c6b61442a02
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=79ff6378-4b71-4500-b7b3-2c6b61442a02
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 19 Nov 2022 03:20:18 GMT
Server
MT3 169 32252b7 master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=79ff6378-4b71-4500-b7b3-2c6b61442a02
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 19 Nov 2022 03:20:17 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3B76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjQ3MjBDOEYtRERDNi00NDdFLUIzQjctQzAwQjZDRDEyRDIz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3B76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBFwG9Kjby0UGyulW60Of_8&google_cver=1
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBFwG9Kjby0UGyulW60Of_8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBFwG9Kjby0UGyulW60Of_8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3B76 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 18 Nov 2022 03:20:18 GMT
B4720C8F-DDC6-447E-B3B7-C00B6CD12D23
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3B76 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B4720C8F-DDC6-447E-B3B7-C00B6CD12D23?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.1.26 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 3B76
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1fbac794-a072-4166-a080-d44c7a6c596e&gdpr=0&gdpr_consent=
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1fbac794-a072-4166-a080-d44c7a6c596e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1fbac794-a072-4166-a080-d44c7a6c596e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=ctyu9nv6krllhs4ykz4ynrhxyu0f71668828016&fp_cr_tm=1668828016287&fp_acc_tm=1668828016287&fp_emm_tm=1668828016287&ve_id=&sessionId=8828iayzkvjstuhtt6jcely8u8zcy1668828016&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,alxyqootlbggojzcrz4jb96n5jztd1668828016&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16688280162839385&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1668828005594&c3=st,c&c64=starttm,1668828017&adid=1668828005594&c58=isLive,false&c59=sesid,&c61=createtm,1668828017&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1668828017&rnd=601943
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.213.124 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-213-124.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		169 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1359662414888872&correlator=1113629834343322&hxva=1&scor=2473002324016815&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ifi=1&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&sfv=1-0-40&ists=1&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D16442a12-67b9-11ed-a75b-0679fa08ad36%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D16442a13-67b9-11ed-a75b-0679fa08ad36%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%26vw10%3D40%26pub%3D40%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D16442a14-67b9-11ed-a75b-0679fa08ad36%7Cpos%3D1%26refreshed%3Dfalse%26id%3D16442a15-67b9-11ed-a75b-0679fa08ad36%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D16442a16-67b9-11ed-a75b-0679fa08ad36%7Cpos%3D1%26id%3D16442a17-67b9-11ed-a75b-0679fa08ad36&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D8723608110cc15873df457753e57bc88%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26abtest%3Da%26pvid%3D8723608110cc15873df457753e57bc88-00000000000000000000000000000000-1668828004360-362188%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&sc=1&cookie_enabled=1&abxe=1&dt=1668828018694&lmt=1668828018&dlt=1668827998131&idt=16412&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=48%2C462%2C10539%2C11772%2C4333%2C12492&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=20&vis=1&psz=1600x134%7C300x276%7C300x250%7C1600x720%7C1248x0%7C1600x12510&msz=728x93%7C300x276%7C300x250%7C1600x0%7C1248x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1035650974.1668828019&ga_sid=1668828019&ga_hid=764643516&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
126b837a8f488caa05ec18268ed4ccea9ca6850c50baf1303dae094165cfda56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,162660,-2,162660,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40165
x-xss-protection
0
google-lineitem-id
6088428382,6088428382,-1,6088428382,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138413026295,138413026298,-1,138412773756,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5128 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:19 GMT
expires
Sun, 19 Nov 2023 03:20:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 414C 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1668828018837&cv=9&fst=1668828018837&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
f8d75bc73f8755b06245eb1a5b0df2247bfef548286c4c2dd9eb1427509f306f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
913
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
bid.g.doubleclick.net/xbbe/ Frame CAFD 		0
55 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
701.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e79e2d89687eff1cde896384ca9c0f2fc72b7bc595caa94dbe801984c8df5cd1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 03:20:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.188.47 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-188-47.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 03:20:19 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.188.47 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-188-47.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sat, 19 Nov 2022 03:20:19 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EAB0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=22628
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 03:20:18 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 19 Nov 2022 09:37:26 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 89AA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebcc04211a89c8fe6b15e39e511a820e6d2908eecd25e58a620d633e35e6933e

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76c5cf2f8f955599-SYD
content-encoding
br
content-type
text/html
date
Sat, 19 Nov 2022 03:20:19 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54pn7hDa6rJD%2BQcMeg99KcAgOJIvPTagCyPlCqc7hyExE3XC47s%2F7oZZO8%2FASC46j7J3qROo919BvycqVDgsxxfyOj8H%2FYtwb4hF0rv93%2FAPqIPo6H5U2BJUance8brNLD7RIn7wljNwzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 891E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
81470
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 19 Nov 2022 03:20:19 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
33, 79088
X-Served-By
cache-lga13626-LGA, cache-syd10127-SYD
X-Timer
S1668828019.121288,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 4CFA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Nov 2022 03:20:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4BFC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
31
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76c5cf2f8f89a876-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 03:20:19 GMT
expires
Sat, 19 Nov 2022 07:20:19 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=557869551418898506
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=557869551418898506
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
2a937f30-71db-4596-a100-06bb235d57ef

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
AN-X-Request-Uuid
06e96cb4-48fe-466d-8327-c79dcf58f251
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.playground.xyz/usersync?partner=appnexus&uid=557869551418898506
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
up
insight.adsrvr.org/track/ Frame 1ED8 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f894bed66dc0a914589adc087f92a5f8a28dcb631c964d669e87e97d5457c1f3

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 03:20:19 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
up
insight.adsrvr.org/track/ Frame 6117 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
331a41e041ef7bb9034f2d4fc8ccf814cc608cfc0a3f895cb3d79a1fd7a1aaf5

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 03:20:19 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usermatch
ssum-sec.casalemedia.com/ Frame CDD8 		2 KB
956 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8954da94be8689f004b2b8cb62071394238053e3bca6fe6027f33e27f59aeb6f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76c5cf3058385599-SYD
content-encoding
br
content-type
text/html
date
Sat, 19 Nov 2022 03:20:19 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1B%2FICd6uALpDuT9TYOiB3tigXFYihIyDlIBcXs2Lc%2BRRQk2P07FKkTuA%2BSffPFzu03ej0vIJX9wZt4nThSnJWxg7eHIGUgJDboq3J1MDh%2Fgr8N9lw6krTf4jHUj4lyPj7ikBBirmJVLCEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 891E 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:19 GMT
AN-X-Request-Uuid
5d04ce4a-2181-45dc-8118-ed5794fbe63c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 1ED8 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 15:40:31 GMT
Via
1.1 934dd0fb722aa582f1b4a3cdae35b12c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
41989
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
1gK48QU-jhn3pStOCYGSKW0-1FUwT1nZqouFX4lt2v4I-Fajkh-pyw==
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 6117 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 15:40:31 GMT
Via
1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
41989
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
EOcg0q-z-x3MU1UdRK8jRbS-o78Z-5Lk21kSI21uid9wxcSMJyxqQQ==
dc_pre=CPyO-emkufsCFS7AcwEdtF8OOQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2456246492691.7227
adservice.google.com/ddm/fls/z/ Frame 656D 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPyO-emkufsCFS7AcwEdtF8OOQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2456246492691.7227
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyO-emkufsCFS7AcwEdtF8OOQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2456246492691.7227?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=COqU-emkufsCFWyd2AUdwEoLjA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4049920485645.826
adservice.google.com/ddm/fls/z/ Frame 4363 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COqU-emkufsCFWyd2AUdwEoLjA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4049920485645.826
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=COqU-emkufsCFWyd2AUdwEoLjA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4049920485645.826?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 89AA 		70 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 89AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3hLaa2fgsAZB0xPZIQo1QAAEpUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGaEWVTaFEQxYCYq0bb4ZEA&google_cver=1
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGaEWVTaFEQxYCYq0bb4ZEA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqKTFtaeZGHwwQomhvjO5mWqenSoFTiY2noHhYz62sVsCRCLNhlHqClNjtSiMqJSB9gL%2F%2BUtTTvAT2VerwyM684xf07mn2AJGiUlKuPeJ0ElWoumFBbguzyJZf%2BuetNvvQeGviX%2B%2FJJngQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76c5cf338c7ea949-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGaEWVTaFEQxYCYq0bb4ZEA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 89AA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3hLaa2fgsAZB0xPZIQo1QAAEpUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VPGMQK1RHMYZ80T07Q4K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 89AA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3hLaa2fgsAZB0xPZIQo1QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=Y3hLaa2fgsAZB0xPZIQo1QAA%264757
dpm.demdex.net/ Frame 89AA 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hLaa2fgsAZB0xPZIQo1QAA%264757?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0a07f3b05.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nETXhSZRQIc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 89AA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI9BE7G8JcAACBhVbgCwQ&expiration=1670037620
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI9BE7G8JcAACBhVbgCwQ&expiration=1670037620
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI9BE7G8JcAACBhVbgCwQ&expiration=1670037620
Date
Sat, 19 Nov 2022 03:20:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 89AA
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63784b7448744&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63784b7448744
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63784b7448744
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sat, 19 Nov 2022 03:20:20 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63784b7448744
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 89AA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=vpiWxSqG-JMAKk57XIgU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25TQNFLXQ...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=vpiWxSqG-JMAKk57XIgU
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=vpiWxSqG-JMAKk57XIgU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=vpiWxSqG-JMAKk57XIgU
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 89AA 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=Y3hLaa2fgsAZB0xPZIQo1QAA%264757
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.32.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-32-183.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:19 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1e-i-02c73a2e81b2f673e
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
848360150c7285fb18cb4639a4bb09a3664499b3076d27648f1fd1ff8a7f538f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 09:46:31 GMT
server
cloudflare
x-amz-request-id
6BEARFGRENW3B8VM
age
687
etag
W/"903cd4a80ebccf0d9e448e2b133b585d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
76c5cf3b6b74aad8-SYD
x-amz-id-2
XYjoTevR2F+iNS8fUzTnkYrk91aPgxeNla7sWso74QdK942z5ZLJrUPoajPjtF7hF89BZCuQwtI=
view
securepubads.g.doubleclick.net/pcs/ Frame B669 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7uVsGwdx2peiufrZnBB_j3wCZi6SvLVC_AS5wghm6CfNr8j-i8iBAxZFHwN_aE6xZR_9j4YswdNAdTApqftMttxERBFudGvXe8MshfiVLAZGLZJ7o4HCip5AJO_1_o7gPZ9v0lhvPm2lebvnnWBrjRbvZG_174wyh8mqD7LSlZe3PZ_x5uPzHAJuQNIFs8C-8IuDvw3IeUt5o0np0TYmUY_da--Zl8QK9vVPyyx1R1jw2YSuSKgBr4vnoLiqmr76lxrsGIoyFqcjzg9egsyk3zcn1c66GEHmah1f40_sw2bQf5CfRjwURyiElG3GNlt9rj2FicyVNeaUwCHRyq0Jy&sai=AMfl-YRLv66aSSmyJ7N5aOiSilW6vU7zY7UK3Xc1DR7SCen38UwLTg14bTTpc5TUctPTRdrHLsGWo1fjoMA_WPqsYtFST1ZO5AvY1MR4v0iWSgNxHJ5kkxdxYbU9-1Hn2exn&sig=Cg0ArKJSzLmMnAxZbc6aEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
invoke.do
invoke.bonzai.co/mizu/ Frame B669 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2667891553612180355&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=266920143196706123&rnd=1128617417
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.70.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-70-29.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
81fea29c3a15d5f24793161b87d973a6604c7be18801f5b26116f13a4149aa22

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Sat, 19 Nov 2022 03:20:21 GMT
server
Jetty(8.1.7.v20120910)
content-length
9616
content-type
text/html;charset=ISO-8859-1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B669 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:20:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1A3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuKA8kV7aLREWdWqxrVCxhWed1vaiaf7zNpglp4tD26_pvuAZt8XucUOvjfKh52Ply_UlL5LjXT-rz5ym-keOkspYcKuwN8ATyIT_ujH_mgUa0L1a6ii8SQRRgDaWL3SBef22r2Q7rm5oU_HI6mhQW2tiwiwO4CFHW4ZaKFFMZur4PDVJa2YBMRivF6sBHZgwIQQMLqn1-sCMJaHRXcGJ7xl2wY68cgc4ZRus16w_p0hPNF7qlc3P4xyTaDMztGMqNANb0Afq4In5INudN5S15AW3XvJUBd7PotRBuXfro4ccibkQqS4GZAeDvL0h5gJTWp9H_BgaFxbNgq9tnMu1F&sai=AMfl-YRDgpE9Lk7J9c-X8UpKy_ttIj02LCUyIbontlEpfeIgoEucxPFuJ9llxlxPeA18kEpO7uT5DLHbCQRl6bmLD6mIQpYy_m7KhSHbJ32m_sd7k7qVQo5OjtomJUg4PKSI&sig=Cg0ArKJSzOH-EoZoPHlGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame 1A3A 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:59:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A3A 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:20:20 GMT
container.html
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F52 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:19 GMT
expires
Sun, 19 Nov 2023 03:20:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4755 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRJ2YAtRmzfJghBKVp2qHbZy4cQQW8WCp3iOT127xBYMSUvd7dYBwTRE7P6z6FwKjdGKQp1RMCw5Bhfxi45wZUiAqy4qLm-L2k08T9AhOIFoY8v9D3OZFxiqokIDqyBSd4Oz4OlHPvzUxRcagNGZF8Ogv1sBXRIBQidKEBHxL2BBTFfMTlrFBp4sV5Qemmcsg_W8fKpa8cBEVwPesDyNIBOUk_px8BxsYZQbOHDPB_aFZ3LIZcNk6T4qDYZJnIE7o9RSlnVtDG-ap6JfAUK7coSmK8z3zAC3brPC72SoQMF0Zy4ZH22yxJQChLBirICP54qEEqbImBXkLzobKiczxw&sai=AMfl-YSUKBJuDszRlMQUSbAk7SBAHtyXHDZnpZhTxi8NuTTHPdEBHmLPtSG51G5OKVXKHwqq5V1E8AD88Kl_iH9EPWdIBL3ZmWPe_yuUH_64mIDEZKoIt_gPKGHziJ4KlKMI&sig=Cg0ArKJSzJXsnlPgOhtEEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 4755 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
39616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:20:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4755 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:11:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
40132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:11:29 GMT
l
www.google.com/ads/measurement/ Frame 4755 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTU_X_vNKfEhvKAumD9A9EbOa0ZOj5rnlrlt2HZG14jSmTqsjmuL1eUEsIQZ7QtH2PhcL--pU6IPvjm2t3qwV6FpuuNIg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4755 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:20:20 GMT
9682221703987969050
tpc.googlesyndication.com/simgad/ Frame 4755 		95 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9682221703987969050
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 19:34:17 GMT
x-content-type-options
nosniff
age
27964
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 01:21:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:34:17 GMT
container.html
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6235 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:19 GMT
expires
Sun, 19 Nov 2023 03:20:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Y3hLaa2fgsAZB0xPZIQo1QAAEpUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CDD8 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3hLaa2fgsAZB0xPZIQo1QAAEpUAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.1.26 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame CDD8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=557869551418898506
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=557869551418898506
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
AN-X-Request-Uuid
c628db77-20d7-4dcf-a87c-78de90e50899
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=557869551418898506
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CDD8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=79ff6378-4b71-4500-b7b3-2c6b61442a02
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=79ff6378-4b71-4500-b7b3-2c6b61442a02
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 19 Nov 2022 03:20:19 GMT
Server
MT3 169 32252b7 master nrt-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=79ff6378-4b71-4500-b7b3-2c6b61442a02
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 19 Nov 2022 03:20:18 GMT
rum
dsum-sec.casalemedia.com/ Frame CDD8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4508445342604819091
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4508445342604819091
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4508445342604819091
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=23728&dpuuid=Y3hLaa2fgsAZB0xPZIQo1QAA%264757
dpm.demdex.net/ Frame CDD8 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hLaa2fgsAZB0xPZIQo1QAA%264757?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-87-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-04144b8bf.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lXTsduL1Q0M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame CDD8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=O3yAKFybQ8Bgjmk6w6vnJ6310aU
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=O3yAKFybQ8Bgjmk6w6vnJ6310aU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=O3yAKFybQ8Bgjmk6w6vnJ6310aU
Date
Sat, 19 Nov 2022 03:20:20 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame CDD8
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63784b745e964&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63784b745e964
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63784b745e964
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Sat, 19 Nov 2022 03:20:20 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63784b745e964
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame CDD8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3hLaa2fgsAZB0xPZIQo1QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame CDD8 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y3hLaa2fgsAZB0xPZIQo1QAA%264757
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:19 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
17393
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c5cf34d8aca953-SYD
content-length
43
expires
Sun, 20 Nov 2022 03:20:19 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame D0FA
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1fbac794-a072-4166-a080-d44c7a6c596e&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 19 Nov 2022 03:20:19 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
c80248407eff6cf595ce43a76c04e23f
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 5902
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1fbac794-a072-4166-a080-d44c7a6c596e&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-KJ5AcbZE2uL7Ug0uOnH0f_gfefKuo3Q-~A&gdpr=0&gdpr_consent=
70 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-KJ5AcbZE2uL7Ug0uOnH0f_gfefKuo3Q-~A&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 19 Nov 2022 03:20:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Sat, 19 Nov 2022 03:20:20 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-KJ5AcbZE2uL7Ug0uOnH0f_gfefKuo3Q-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
google
match.adsrvr.org/track/cmf/ Frame 62F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MWZiYWM3OTQtYTA3Mi00MTY2LWEwODAtZDQ0YzdhNmM1OTZl&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e&google_gid=CAESED9CGU-Kc4k8LiBNbOeDFTE&google_cver=1
70 B
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e&google_gid=CAESED9CGU-Kc4k8LiBNbOeDFTE&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 19 Nov 2022 03:20:19 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e&google_gid=CAESED9CGU-Kc4k8LiBNbOeDFTE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame C602
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1fbac794-a072-4166-a080-d44c7a6c596e&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 19 Nov 2022 03:20:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
content-length
0
google
match.adsrvr.org/track/cmf/ Frame E052
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MWZiYWM3OTQtYTA3Mi00MTY2LWEwODAtZDQ0YzdhNmM1OTZl&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e&google_gid=CAESED9CGU-Kc4k8LiBNbOeDFTE&google_cver=1
70 B
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e&google_gid=CAESED9CGU-Kc4k8LiBNbOeDFTE&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 19 Nov 2022 03:20:19 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1fbac794-a072-4166-a080-d44c7a6c596e&google_gid=CAESED9CGU-Kc4k8LiBNbOeDFTE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame D801
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1fbac794-a072-4166-a080-d44c7a6c596e&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-KJ5AcbZE2uL7Ug0uOnH0f_gfefKuo3Q-~A&gdpr=0&gdpr_consent=
70 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-KJ5AcbZE2uL7Ug0uOnH0f_gfefKuo3Q-~A&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 19 Nov 2022 03:20:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Sat, 19 Nov 2022 03:20:20 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-KJ5AcbZE2uL7Ug0uOnH0f_gfefKuo3Q-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
pixie
ib.adnxs.com/ Frame 6118 		42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1668828019575&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1668828019575&et=1668828019575&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 03:20:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 4CFA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51289411df7a3f45dbe270d8d01cb50bd9b5f2c446fead20ef7a01ae7959262c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 03:20:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Nov 2022 06:53:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12813
Connection
keep-alive
Content-Length
10071
Expires
Sat, 19 Nov 2022 06:53:53 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4F52 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKclHckt4Y9bjNtWivwTy0q7oB7iZ86Jc6bXuu_oCwI23ARABIABgpYCAgJABggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQngAgCoAwGqBPABT9BeGwTJJt3aBfek7kUnC9NjRmWedK9hPS1tRKQjljVgKncidNRgskOY43FO4M9WlYdKSJH3poX0zXN5U0U_gyCJ_GYQoD6D0hNGhRYIrDVIDmX7B5_baRzxIFjmBzd5-ijDwg5KSRJHldC48fEQvBSCZgsO1CnBzR3jFdRGOvwkjC5JUIFyQEUf1WKjfzGEreY21JLwpIh5Y9GyiAttAUQhlBxkTDVdVzfceSBcoYVMs8tOEnja-rpKMQGmGLZMkoB3i_aTqy5qTOOVfNZGuRELDCvUCYXwcdzXeWelzwfgH_6T0S_gW7A9Qt8eP69P4AQBgAb2p6ulr-3FmZ8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTE3MjcwMDU4NzE3NTMzMhjXzxI&sigh=KOuKvz-VH38&uach_m=[UACH]&cid=CAQSOwDq26N9Lvw833CoZWLS8REpKj90uQO27uvcN-OAn-V7jar8zJz1gf6QbI8fGWFpuhPdd7fLBliMWTI_GAEgEw&tpd=AGWhJms0nVK36ycM2tGlKsmQHyJ-06lWUx6SMgKQmPrL19_YKksyPl6rOiYi226FzFTrXCkDjRHyODwSSLPvXtHA_p8rlzooYbEP4wk29VAft6YLS7PjStf_HePZhdCWFRn5g4SjNbZbo-3p9ZO_6anONuv7UwheKMt3bAgh5pGVE-gxpvtGmC_fkwDXJ80QoC8RIwNB5RUiYuzktQMhyLzVxhF-fSSokqbOl9RQO6hFqrvuzcyXGDPvdLyxo4reqouxUx-qLXLxAcyxuKzeH3Tc7RBcJh50tCCNEr3sUlVcOR-XdkDq1ND4z8uutwnlH8mkdaTA8ArIyQhQtlEy9jmjOje6tW2FSpXYuGXpklrMAGhiz_ZKKZeWnCgONz2R-7TyNm4HedhmKWanTLinsyvYZ1kwIGJv_JO3yhatT72hnQcUNvlpVMYSIwqv4BaQz7-tDc8Ns5UHoUAbUIYGZRZDuGaklcYRCYMYpvt8MB14yQB9j3wEXOG7hM0Dhy67LMqNe3SMllGeVikAJKrwTGIEVCT4yH380URUzSefxxKa5L2VghpQpX-aL1l3XgqoSwEUc-apnEjohBp6BX3pIfIJusH_Rgbn92jY908lDCkXHqGkjdILYCxuqRdurzpEOIqpNe07FAiz9VAElBq4ynqDDEWdRzfJ0iEi0KHrMTkw6qTbmhO2UZmVacnKHTYJS_fGDhJcwCNdtcqEyXVA3OLi9c6-NUVoM9BOdoOuKeIhzSWmEShdKnlCpfAQS8Rn94tHZWjMCI3XphisD-ecLpkQAYmBYjLJR78ipLqP5rc4FEKxpPEyOVSRxSQIbFYmu9kfJ92oye2EXP1th93HNoniLlsuJgwb0-VU6vV1TeYgYRgSmRPEdZnYu1drQS_H8vb6VNMxU0V53qIrIN_9aYKTPLKwD1GUfH1Ic66egnToJG6iUNubLyCCvFBNaPT5MHaEX1Rjf-XtN_-zlMF1QruRwdKX0pKYet6_ZJb40ygNoNoQ_d2qwSBQaMrQ6j-EOFbUVaUYa9wknb15m0upOoOgssJ49VVRaiXVYISxGy5u4bE8tSpbGjgfWeFr98J7__FLbzwBFU0vTlgANX6LVlUhgTpbSxd5qfCG-qEe3S1gSm_E7sDNZkHKzE58riHQmorU20BINKvyvjO32bdLGfNPk3bP0c7IYqX8CJ8zMuc7f1MxVhIoRDdsaxJzChj9FlUDttKIV4848iZJtd2NgXoiblgQISi9Rt_BJbXuHJQz6xZLYru1rrjMgJZQlO3N7JQlhFWnkiKnBKvKXUuKR11qii2N-a8NKNRbi9DNhrc0rNLNIyOZlg53w2KgOsNQtROVE0c7TGaZxnlEY4hBWHcieP08ga0vY2mrj5BDSoCk_wtJcV1IcxXRPZoxCTtXyYvHRemRAI9wJfoIp510b3Zo29HSuU4gISkWGEdOSaD0SchCVZI6gkj8nrchYhdyvpPXd805nw9_6Fv6CRArnybhQdT80lyZ5KxV94VmBOKiFdkVCVO7nNNuZLm2YsyaSoELs5pS3_5W1x5HGaRxKfLNB6jyvjyKMiY
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4CB0 		663 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGML0ktQBMAE&v=APEucNW45ZdHSnn3eTZsJP5NCmQjKgEH9t1WiFVaX0I9ZWJWSGlZk1jrOlPNN1Fytb7KTLiGyCDYYKGdhJ6aw6toByyZJyrFMQ
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4F52 		82 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Df9kAaeg4V039qEq4tfTDm-N2Z5fbm1TxkRT8JwS0KyledZiAtxIcS9briXjaCCAtyz784z3aPGtv75NuZPcP8nOGSOOLFEU_p-sYOAjOspK-fYvDl_r9AVcq0BzksuSeeSt8XN2aTQbIqJ4y27p7emvUxSBSp5XRLdAyKRRaXwxSH6Qw&dbm_d=AKAmf-AcXz_whIno5jCkTkUUM0_zY7JtY24rSFqpDsJvzCFlNOim09wu5TkRtUn2_UNm1o_XsKjXf6_WSuJ_0SYgpMZOsemEEJXvFmghJYvvTYxsxJwRyKWOT1A5wgEcoQZ22QozlbrHDlo5nfrsIDMEfQ6VdSjo6PgI17AnWqMNCb6xQiMGAReFZs3WgrzlqMEjooI2VxwcJkkaRcQTZmemFh9rH0BV8O-Z2Bp0TeDCm2-t752uuGXryRl3_UHu2HXdnKSXjw8q8rxYXm9CCTIZPZ3sF53XyCf_Isl44jOd0i4LvA6Vs4AaLH9P5yrox-_yrHS8_9kdfpTRTZvRyeDON4GvXD4HwlQIvtsCEi0-F-VG3CsNznnI3mJlxLoTunyKI9FRmKz_z7kyMqRW5VEyjYvU9Kqs2Qhf5pEQxwnWOxTn-Xpu9dyUDC0VzdgJIWgBMoaA7r2xRnbzfNLlcma3qKcGGl7acsehQv8td1l9DkPeJBjFlM29yVGF5V8LjTxOQTeQ47rD61O7h1hqep5N0A8c0Fq4uS6wCKCt_S68S67vaMeH1lRGsR46Dkos3Ztwu7F45eaPawVmnswDjB9IIkBLm4TlKAaHOgTHNkDuB3KOJiUPgIuoqMyi7f8ZIqQexu6F3sJQj39rGT48SUR9YRoKZ7RPT8AprE0M7G5TBeociojX63zKILoiI3Q00J8-n-ag9ME8XSZ7YaApn8nrZFB5qtvEXckycGxOUIS_FAfZh0jtguG4OQytCZL3uBDKnJrF14qxEU1xTTY6QL-J2m9Nx3JLX-qjrisJkf3HMcDa6B6Eay5-hkS0N9QyeIWks13BJHlHEDHA2UEkXBix89qcJkiKeZYXnBWHk1Gtoj4uMmYqlRegxCyHhTaB9Y_dupBpRoJnnAViPDq7U_XkE7F_8fV4SrjDthG-TknL6jXIX50Uz8rZ7n4M3ehk2iJh1S6W2qI9SmcePzFIXSZFmyG9lw10KDX5BVgMHKyURhaEnMSnBIQjm_z9MN6vaXbPnm97U9wRjFiMHD8HNoei6md3oSLZg_XzMrhma1Dq_yszGNaFkJO4esdnk5129UON_x0ZVtYdqhOgYooknAgKh3TN9zc2nL65bDMKiz3JwwWXCoHr3CxF6xxQo17xgNlGarpkYs5vhcZ6XhJ5emmeSNxCZRIBhZtKr1kCckvxtJgmggHGeZ4kXKC56xcKlfJO95BjO2DFXcEYY4GrflYAGSCR14i7KlcsQcVd6rViROpnhxdgXhv4LJQGcHqLmYTPxLFdHhvzsDBtox34g5r_tIS-C56BkTfLQuwZwsobhwEqCoBiKYXwUx9ZxC6xIBLWAbOdRWjmB5NhFmD_5lECCNdako3y2BkDlTukbTyNtTieWpeFpLRxBdAvav2wxy7PTY6LhbPKoqeNyT84lZh32OFdTbXj2o7Mox389sdlebcvCuOnt2i2lktICW9hGzmsKzaR6omQnlekMYtOtbiOT1OT9Z5tWlLLfm-dKV4ZsdGMKSGNT_vIcDJz7b2aBWks8QFaH7GOzatvmveqYogAbWQ-8Wgnu0iG0XjCQd_iAGtxQHkDfk_rOcKPzveoO819QUTFtMuIcyCJEGasFxAPNqIjTYwexyZ6d-AXwPuZ_PRsYJc11b-Iqh__ewH95jgQ69m5xpCNSCOqkKSY6o9jriZ-GyOfwLjEzA8o9SKtO7NTS4q1P2J2CySu4eY6yda1YYN3cqJq5t4f8jN7ejvbFHFY3sQ_dhf98reCr4dKQF9Z1u3c2uqrPR2HGpscx-27yp4eRMGStL2Z_E6UhyyYDN_HW_kSuN3n8exTpXq9w7rkePGl6MQhQr-vZ-OVDVR2QuBVAWLZaf9KcdafvUeVP099HtIJ_gFpvVw_QWWn2VIWUfR1yb881M8qxFfXrDDZD-hfSdsnHGikecCEQnczUMAjOi4Q3Wy8GMmVIOaPcT69hKRVWW0_r9VhRairiOZIbg1vd8PGQsjFPbK7KGU4RW0ZZIZ0vwYHyVsaTYTV0R1lHXrRNCkExEEHXNR4QHbWq42pRKPUYGZMykwojuE6zXWC5FOnRkPefVkrXoYH3ccUtiXYGuYjoeCkB6VI8awG0G40vP2vr215dGFwJa3g1rTC6PG7-AcH2iwtY8SLiESCusRS6K3NvfnuVRBbMmowNt5FFcJrUJXnCADUL8-Ia2wpi5PLynhwiXs_9tYXFEsARp9GSH0EWf_O___LWtS5cx3mPrMWVTJjtitHKq9XaTzmahRlrEzDlLZafkLSlPN-64jdL6BJZZ0lR_HwjB-RPMYt8ecucFjFkewpR9S8Z4UdceOH0mmO7awdC_r8Wg5pEx5OThLsKp4dTK56Ci0agTK_e_V36_njTREm50LIIoABdRNVWf0dxRi4jMCxa4b8uZBwGodLftoGK-9mv0zh0E_593nj-d9Bbcpn4OV0Dzk0tdFc9xFgQKvdv0JqIDxLeOnx3O7SBEV1EuMEMscQxWdmVcGo2EMUGxDr3aaWdlFnQCNpViNvZM9xapfLn_cyR8NQ8hgDiHtxVkcLGS5Z5Sfwoibqa3Jsp2G8B78d5yGEOd2QtX_TzXRDHEXoDcNDyIds8ssHpCFLcufr4CofJsEDZbx_c-0k4iPp36SM5QWbjQWecfG-T3jgLm2yOFjUmWjkzmgg6sDYcHjixLFRi2y2O2-4dq_hWWxx766DHK6USVyB3XdyPqIVffqnllNfaFCVRXIA1FHvjh7PmHGNuZ8ixCyMSd63O5yp_cdrVQKV4MT_J8Dd6bx2CTSYgtNwkOFT5jWPYnT86Dm4_ojECYXarJucLeSqN88y7sY2SaDeTaysH2zOuSjjWX5lQPYJQHhyFulYj_QLOYQ2tzXRHQrxihWUdH4K6XunWRzBHI9Z3cRCLwpKKjwkjizONbnoSw9xSZMp73v-eFtrQI0aoaVZoyOB5Lzb1Wp7CCRD7f05nO4DT5Ot5dImpbk65Agb2rEzjoQNGDGL20BrLSVUZlrAl80suOgugebo_1Gs8Mj1xYCTXM5zHTVvobex5NLgtgU7rnZtIm0WgS7ZNxrxvxySZgRuhBN98jw6cZPdjCmh46OGJkORR4RmjIadk06AKMawDFfQnzMRVai6tnw2DocP3_OmNoxEVq3RPkMKrjZLH0VVky2HDjj4N7zMylr3fDULqHPgM6fSMtAGWGKcGnhggMeekINEkmT1yER9s3D-wL-LRA&pr=6:0.386703&cid=CAASEuRoxII6Ec4G0LZkf_vbdFY4jw&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NzE4MiZzaXRlSWQ9MzI2Mzk5JmFkSWQ9MTgyMTUyNSZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTc3MzA0NjkzNDU3NTM2MTA1MzgmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9RThENTQ2ODEtNkYzNC00OEM0LUI1ODItN0YwQzM3NEVBOUM3JnBhc3NiYWNrPTA%3D_url%3D&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
218379c2ce1b5f1d83de77e2cf00ab47f736efeaf060c1c91652f110056e9183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35203
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F52 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCfmAYduPNEYPVxiLNYsq2kO1NVQ_vz1qZwS9mCwSL75e54apAeFiibB5tTDZ0S18m2CWZ-nsxM2a8eBiyJI1dzSPfP8NriFeD7x_NYH1ZGKYKlbg
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4F52 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:11:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
40131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:11:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4F52 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
43694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:12:06 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4F52 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
274357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 23:07:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F52 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:20:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6235 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQutjckt4Y9fjNtWivwTy0q7oB7iZ86Jc6bXuu_oCwI23ARABIABgpYCAgJABggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQngAgCoAwGqBOwBT9CyE7ZGDzuP6ywuGpEh9V1lacaTBdw2429ckJurV_xaaLU3ww1VVfXfvuDd-j3mO39wMTSa8kPTZ3cjykKqIncryLHtn9vVDjDDMMPlM9M_-CCt8ZqD7zyFXLb4mEDpCM1P-B8EyTrOIbpL8MhR7vy6mjcZLmUCGJw750DJa5Sq3W5j47DD2TRzzIxAIQ473doneXN_z7lRsBkKCZSmd-EGduf6cIRL5AWNfwm2cnFnoVyOYnBQmG1MRo5i1eR8tX30OYyM13vKKVYQBecFMaOE_J4Yp1EbPPRNEmUJ6ghtIyXFREK5ptNS7TngBAGABoPxldyw4LWUL6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkxNzI3MDA1ODcxNzUzMzIY188S&sigh=GzKC30gOCyk&uach_m=[UACH]&cid=CAQSOwDq26N9Lvw833CoZWLS8REpKj90uQO27uvcN-OAn-V7jar8zJz1gf6QbI8fGWFpuhPdd7fLBliMWTI_GAEgEw&tpd=AGWhJmtCctn_Fx42o-tvKyLaKRgqk1C5wwL5_jYSduIda3fOCQ7G9L3CH_JIwQMtfmgMAqL3aAOlaD5kjHld0KKpcEWv1aDQsExZp6yIduVO4zoZN8qPmKAQb-yjyxcccGtIF7NIk7TULnqOvM0_oynSeS_ne8jztZm-nvLSpwYFu4aEZQDdnqt-WlCaUKjCrFeAcjKA6ZHyjBWYvnw0szzhyIRXk8C4MPTADOI8nL-FjOB0i54-F7AXlhVXBPy1SUiPE2ZIWWAQQka1CHQt4mf_gGxlo9i49boUtHt1iy5qLGBUzYRL-5-Iq8t3Bdwp9zSlHg9PVzdEKwDMB3xVjaopKKb0uch1SF92jrgldQKZJ5KQDIgcVj6n_aINNgzC6sdmo-ism_bSPJNDL7VBXUCgRxn1-Jz2dHrADCgIX1RHBhfjkjStWOxeBvCYusd9wUvv4iVJBhb-8pIyveb-sj-3_Z6EJhjurwIgCO4A4YpofCAbf9BenvYQFW1zOExlisNIM8XoY2hzdYD_FRIOlCVXhonoHsc0fiuZCuorm7Dk6t2EY4ff1hGZqy6Hm_fHbHJk_a3tzJhGESg2aC14_qq_ACPY1RG6gCLgJDdxFq2i2TIUAW2lYHc28qlV3L-629vEnwAB5ebJbpPl6jjvUmTUgssqNuN_yiGL7BrTYQb4OLXlKIU514rIdyKfD1cLTByGMltlchGhNw4LWYDbqTLEOS4uNExlJ37iv9EdhFF1a7odfCrnQ9S2NIMb_RQaVgkLErtw24fR7PyqBozoRjTWr9s8o_WNvxzlrSO6AzOdiBOinwknElF9fw7zUM80KS0fhZ5pGnKeEvwl8bPQac1EAWsF4jEwpBpExGAHeSHudBhuhp2jg94nOXumJobCwDMWXOVV6bzui3YP9IvZKe0ir349GWxvqISBKmqGssmVJ9aX_-hY_wkpgDo4Ckfe4JheDXUgw8RRGtMEJ4RfalfHGaeTgLQXUqVAu3zpnNkIUUwke0q3lLVWZVulv_2Ia39HeftOlyq3inVp8N6OvsVozszAZWYFEHu0q-JPRicad7C7ouGGQ1yw5IO91EBQC8H2YvN0SPN_vIpW9MTV-V5KS_Fw8km_zb5QeMEAW2E_DWrP0f-4EgWIJSUbwCMd89fYDaf-u-5wrLH_dhJa3zkFNKO6Ymra6xMmTxaAe8RFH3g10F0wRH17mUhpYPMyoLPNv_eKChk9ZpVyD4OP22YbCigzMVKs_UhGZMS0HEL8aVTq2On59UMcNHBEwJHBNMAAJ-mIBn1o7n7WSOoBBm-ImZRQhGHdNKKvyRcY5CkLH4g5sbxN4yBVZlmP1DFWxz9OERh0zsDCFjMFfPoiaMoCKZ_Rln3eTIdiMr8s9Xiy-peBbGua8k8DpGl9tN7CLq0yHZ5J0SmRq0NSw00Sn6RV5ImRFv-VEuWI3XL0RN9D6Ck2pTfbkzSdEEhrCJmu_GKu87XeRj0BEwcU99mJboV4JsDb5hdbm2ORnFHnE3eEnAbLy2ppQzunsI0AZoOBbskP3jnRYGrcT66qgzcLnCeKKehNTVnmHQ
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 282F 		663 B
683 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGK_xktQBMAE&v=APEucNXD-DIuyTvB0kGuTQEpa1kFX0z2zVjMbvrDhs5ZPECEzKHJnSrmNuJbM869gxc2fZpiX4tZonkkuTTOStBcsqG-bXW5Xw
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6235 		82 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTos0KSZFG43AoYoSOALZx1qhEnjg9_DzRQfpCXsyuTKkNsI0a93DU5nJTCsxzV5UewHL8_531VvxhUfnnZGkkaVKgegLfnjJLHO022lxSS-Hia2oP2b1oTafoY5XrSO5Ii_SRIgFkQyF06ZxFUj0bJsLZjPn0K21hp75yGIKn9wERnWQ&dbm_d=AKAmf-Aj6mHCV6caovxI9csxspiOo1pQB8wug_mt8YF26onKfE-dsG0wA2t5f1wy-ad1jmTsBg-ZJvRAZhtgHdBSll8c-9s4ZZCNoXjllQ5ARggUlRUQMGxjhP2XWOctVCTmq2gmWOcTD5H3iQynfkn7kTH9QRqqjkh_HbAyADIVpwO08ZiHF_wkiUQ3uKsc09tQmyCorzstp18akfJh3W9fSqUQuJLTt10zJEblfNB3RiO97JZU6vWuO-jFh2tRUT-g39NlPjW4aq4m0894dV1940D8cFRKhuR8F6bnj8TLZBqy-USsRUwTI1iVDN04HdBcr2n73MfNLihRugrozmso4JN5HWxCg1KXnQdLTNimXRYoKwc0CZY9EihKJ_5lrNEWesapzEQkLjMgmF8zrc4miBySoQfrhqBoycOGZ_oAC5Tv6bkfb1kFmwdC2-SEfGH7bnSi4m__cwReqJUxOjulAKXNF78D5vcP1QHy5bj-Iq33knHUcKGWzodusW3qAQ0DuP8OGROEtJx6M7A2rBIoBYTpU9pNk0vrWxObAuSu4QFKjyKIWRx5DDCE-eZ8B5Ht5QJpZyqJDrxhx1PB0u3qnoCc-V9zIYeuiupRqY8vLACyZ3mdFNqZBiQWmdbKAsiPJl2Q5H0VUSIudQB5TVqsgtYq7yMXa4-cyNVsvwV49mFqOsfcWJnassjQw2heSRWFfd14ds6Z6_8pnPYCO0QsUnJOC28WI8zOzSJ_PPhsAi6tHKgw4g9uyET6rb69ERrrLxTtXjT4_tbG5LMwkYK4KLNMecExKWlfocEae8Mezaix32xoRo8K0GAJ_kGfTEXXXjVBGx8sLT_RpMm63ZSSq9C1ltdpbi1pVQlB-3OU6PzcjK7enKsC84vqwJ0ixsEMMnLXJuz8pTEufstMvHrKhASyEFjOwl7X7hpEMqhs0RgfZ4yJPvMOHSzR4GLx1kJdsEoXwO5JgCRgYeIN50C3kXgSLQgg3kNaDumKDzLe7N91DksNGzt92VsuFKMq40p1vIalX1sA7tft99OsdrqTfQklH1WfAyCYVHnkhUv_pIsFOt9VhbwoMopCSwPaCqCJTMIFDDxC9ZoT0gWUXiR8JhsWdeKNYxHw-3f3_BgS1kB64ZhnLOPGfPGPpUgzjr8wISr5jv2yRY84po11jjHFXH6BvSszDC1ZMs-iR6wvk9gvm6Xffza13ywgotMYm8TnB69VvaI2PF1ANgWOdccyvG8K2M-28M6NKnETDBYtFrSr-vkZzDben7MuCOatKkoPUg7Cn54VjAfLwj9YkHuu5cTzwFLLOnTEqtzZ1Lr2JIwCu-V9zEIw8mtWWFL0800HDZ5x28FI3mMgRLaM7EwFrjCUH59UQtLCUyV4MYx-E0_8-ITVZoF3qg7XAj_KYMd4fZySQGRs04vwB8bkXO-uxgxydhhjFvk5Bnwx5hlDmE7XRo7jUb0N2HScSuHgItiCo45aUWDTLtbrg2Tfkk8oUysSgfRWHeSuxmuoJGyEaGiQpSIIJnQRPSC8a1bAl1bbzbcclHCMO2ET01zAcUl8iAdgw2Fa-7iKueNWoxH4sO3aw9joi8FjFmk7tAZvJYWqpxk0OP6FcFqM3dERpWNxycI0T4bZ9Pgi1c39Stavb8FxyxGzgNhTr7ttgr_UQlm6Tbo8erYd8iVdQzYDzbXEYf6PwglhgJLTbw1F6WmzGFQfErPiAtsJsGyGNkNVrLUqPXONzCPDowhuaNytjvw2irVcBGA3-PCeZzDKgAF_jE3ftsNW5nWcSvPzU5SXuKNFnjB6S8UApJpipHo0Ql5vMpCktmDiKlMXviCMfnT_4QCSH2t0K8XPoAuhXvMHT0qe-NnbYJQZEW6fWzY9IEAhTo3MdcRRSJ3bfWAY3JjH5X0FNqKEHNuDZ0PJ-BzuYH6gnhuCCtABVgR2m4_BuvPELt1s4JuqM16sd-INr3J7mlMd9poudmVoZqX71wfkUpZt1oTFq5MYrUi06Irhw9DI5GuY783QbtWdmyQdQimvZ6QLmP-uHHZ-TFV7gRpM83lD49TqERfmI6TR0UC3xphIpD_dPVA3uKkdrAU9TbeTwJ9Rv4LpXb4nZPhbYNsyacfd-7fWTMjSvZNoclO_dqRA0zciu7C-lmMqzPrX8QahH6UCQ8qLFirsmf1B6BvTHuwtg8Ffx0MIuYV9Y-Sht2_0l1vmIHO72NXSXcp1Skn_0O-46Rernt8gaXEdZ3syPHIwsFMiKuqhCtZInjIsVBoRcJUzYMTdw-s78Uf3dLvvVHOXx8elk0XwTKJbTofAH-BlMgu_UnWxvU95-q7sNIlRqkW6SQ1oNQfYLq3zJlFemnswtgoAb5aUXs_gpu_7_arpUg4tPuy7dSb_aI4F9EgxaJQlVKklKaMp_MwwYfserauyBrgrweUh98PRDJQGGKkY8vtPufexIVcJn8QltyRlAkl7xWyTzZdXtSjA2Z5N3rKScGd1SWaUftaMH_eA09lkrVn0SJTxIGrnyAwwEz-q7pfgwzW8a-8P6xZdGuOV85eWQBMYQoLfHh0SqlTNK_5EH-qKp-CmfgcA3tPIP7pA7AnUh8yOdtYnCz9UbH5m_eiXLFGHdl3UsfiqyFQyJNp3Re9o979gQwbU8xeHVPJ_YxfIGB_kILImp8BwfgQeC_acPz6JTxtLUxcjuHpWGrrp-qW6ldWDnODHmyr_g-io75hkyHGUNRNjtwg5rsnAxhRSX6ecX4PQALAxwMlRwfrP70oGU_n08fhJYh6yAIQF5n1dRGfIb2NZejOzJQCd2nBznEfHgGYQxdyzVe7yRS5aOtNRgYvruWPQTwXHS4AQM9CdkPdB7oRzLcbsjrtl5y32bwVz_Dmj6YECqlBsPsA_wBM4mQA2trBsbirLFKFa4_LzQ6Z_8C2YgmucMgbBd0VvVmOjYzktW4FsghKVeioEgGBOMGhn364QRTMg2Gr0oIhhseejnK6snuuyg5qTvp6_NVQkGii1j8Aja3G4UdM6ahcOFkXM4oz6SBRTlmlmO5dqjM6TrrUOaUGyWfhcbRHx62AWLAc3X77QkmjmnKiJHhUckKuL_718-4kpKzNyJIV0_sPQUgCDxjR49i6GOs1ylU5aVnQjJJj_-zzjYPeoce5NEvFKtDMbimKMPgqTNHqqHlLqc9fMkyPZiG5x3CXKR4ZwgNxE6maXB20S1bu1fY5QupBh&pr=6:0.551447&cid=CAASEuRokud6zT5N-j5ZFcgZZWn_UQ&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NzE4MiZzaXRlSWQ9MzI2Mzk5JmFkSWQ9MTgyMTU1MiZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTU5MTc3NDc4NzYwNTI5ODUxMTUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9Q0Q1MUU3MDYtMDAyOC00QUYyLUFDRjgtM0MzMEM4QjU4NjA4JnBhc3NiYWNrPTA%3D_url%3D&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
fc619da6340d6c154a59c4858ce1e111bfbfe87c13c38976a80b3c0c7f0b6db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6235 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C7WZWxgI_qkhtFVy4JzP29BITCJLrdM0mCdJILCxJQ2rhku234_Uz3dQ-lpYXuzRGUR2onWdPReMfJxXH-8qSAJrl8qhfM3BvPM8mc0miaE_qV1-M
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6235 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:11:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
40131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:11:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6235 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
43694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:12:06 GMT
l
www.google.com/ads/measurement/ Frame 6235 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-2Ea5g9-rva6RsVIdPHA5bfVHvsge9IzAASuNIpv_sKu6W5_sWnu4MZdN84QrdxL33XRJdoU0l84L_snAaLaKqUZ0Dw
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6235 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
274357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 23:07:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6235 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:20:20 GMT
adsct
t.co/i/ Frame 3AB6 		43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=3f331062-bd7e-47ca-a929-be429c547519&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=08c03d2c-2456-4833-842e-b9104bc820f3&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time
145
date
Sat, 19 Nov 2022 03:20:20 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
a842190396a6481a
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
50e06b14d78fdf72259448ef6af2a5f29e4ac504dbbd53a4d0f336a88dd17634
content-length
43
adsct
analytics.twitter.com/i/ Frame 3AB6 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3f331062-bd7e-47ca-a929-be429c547519&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=08c03d2c-2456-4833-842e-b9104bc820f3&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time
166
date
Sat, 19 Nov 2022 03:20:21 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
fd76337e92d4bc75
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
5c881d3e3df5df169829bfc8d55c4473035cd39630a563a39297f92b8d4a2a59
content-length
43
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-26.sin5.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
25663
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 18 Nov 2022 20:12:37 GMT
via
1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
x-amz-cf-id
rw3gCBaQ2C0HYtk7_e6JqNuAgpTxsL65favrsVv9chgfRvRb8i8lyw==
x-amz-cf-pop
SIN5-C1
x-cache
Hit from cloudfront
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame 3EA6 		36 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-26.sin5.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Nov 2022 00:00:38 GMT
content-encoding
gzip
via
1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
11982
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=20764
x-amz-cf-id
-cJZiqMAXWZone46Q2KL4R4MBUr36X9s_mlBwUqckoE_nR_YauXKeQ==
/
p.adsymptotic.com/d/px/ Frame 3EA6
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668828020059&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668828020059&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1668828020059%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668828020059&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f6c3de59-d85c-4cb4-8569-c5a7574356d7
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f6c3de59-d85c-4cb4-8569-c5a7574356d7&_expected_cookie=97d96716428dd83a9162f30f...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f6c3de59-d85c-4cb4-8569-c5a7574356d7&_expected_cookie=97d96716428dd83a9162f30fa11d6a46
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.101.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sat, 19 Nov 2022 03:20:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76c5cf452a3ba814-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f6c3de59-d85c-4cb4-8569-c5a7574356d7&_expected_cookie=97d96716428dd83a9162f30fa11d6a46
date
Sat, 19 Nov 2022 03:20:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76c5cf43982da814-SYD
content-length
0
impl_v92.js
www.googletagservices.com/dcm/ Frame 1A3A 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:38:21 GMT
truncated
/ Frame 4755 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78f20195a61708feaa410072efa4021c141b9fd27f5875daf6e2c31e58b60327

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame 891E 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
AN-X-Request-Uuid
8f0ecdd5-d27f-4028-89bb-f9a995633ca3
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3B76 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=BXIkjfC0a0eaBoJN9O&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=12779&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=12669&t=Co9S3eC2ryMaDQgp4hBNCrY_DtubOv&V=136&tz=0&_acct=anon&sn=2&sv=DqwUx5DqAaRyOZwKBBrx4cQYE01k&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.69.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-69-6.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
setuid
px.ads.linkedin.com/ Frame 4CFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAND3X3Y-1A-L80Q
0
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAND3X3Y-1A-L80Q
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:20 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3512FC83366448EF9764447FC650801B Ref B: SYD03EDGE1315 Ref C: 2022-11-19T03:20:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtyk1gGx5U30BnlvFbQg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAND3X3Y-1A-L80Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4CFA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOeCZdANp2xdpowmkWUH_M8&google_cver=1
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOeCZdANp2xdpowmkWUH_M8&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOeCZdANp2xdpowmkWUH_M8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4CFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjM0NWJhNzVkYzI3NGRmZjVhNGE5NWJmOGY4YzcxNWIxM2RkZmM1Ng
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjM0NWJhNzVkYzI3NGRmZjVhNGE5NWJmOGY4YzcxNWIxM2RkZmM1Ng
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjM0NWJhNzVkYzI3NGRmZjVhNGE5NWJmOGY4YzcxNWIxM2RkZmM1Ng
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 4CFA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ltIIdqByQGGba5q8CyrnLg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ltIIdqByQGGba5q8CyrnLg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ltIIdqByQGGba5q8CyrnLg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QVCMAA3GBJ9PDWJE6NJ1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ltIIdqByQGGba5q8CyrnLg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4CFA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JQVFKYBRW2MYEYV92ZA8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4CFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Tg00tO8u-_a83oJk7ieKv8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6483728979704233368
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6483728979704233368
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 19 Nov 2022 03:20:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6483728979704233368
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 4CFA 		70 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4CFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFORDNYM1ktMUEtTDgwUQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFORDNYM1ktMUEtTDgwUQ==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFORDNYM1ktMUEtTDgwUQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame CA43 		2 KB
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1668828020332&cv=11&fst=1668828020332&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=1953817170.1668828020&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a78b32d679bed5e0c64fb39b7afe4680234d3406fd40a2ef15695d54619fd30e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
860
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 282F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPXTi9bnwRXqm5L1FiYFVZE&google_cver=1
43 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPXTi9bnwRXqm5L1FiYFVZE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGK_xktQBMAE&v=APEucNXD-DIuyTvB0kGuTQEpa1kFX0z2zVjMbvrDhs5ZPECEzKHJnSrmNuJbM869gxc2fZpiX4tZonkkuTTOStBcsqG-bXW5Xw
Protocol
H2
Server
146.20.132.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPXTi9bnwRXqm5L1FiYFVZE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 282F
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=b1E2cVQwcWxyN2M
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=b1E2cVQwcWxyN2M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGK_xktQBMAE&v=APEucNXD-DIuyTvB0kGuTQEpa1kFX0z2zVjMbvrDhs5ZPECEzKHJnSrmNuJbM869gxc2fZpiX4tZonkkuTTOStBcsqG-bXW5Xw
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Nov 2022 03:20:21 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=b1E2cVQwcWxyN2M
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 282F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGK_xktQBMAE&v=APEucNXD-DIuyTvB0kGuTQEpa1kFX0z2zVjMbvrDhs5ZPECEzKHJnSrmNuJbM869gxc2fZpiX4tZonkkuTTOStBcsqG-bXW5Xw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 282F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3hLaa2fgsAZB0xPZIQo1QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGK_xktQBMAE&v=APEucNXD-DIuyTvB0kGuTQEpa1kFX0z2zVjMbvrDhs5ZPECEzKHJnSrmNuJbM869gxc2fZpiX4tZonkkuTTOStBcsqG-bXW5Xw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 4CB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPXTi9bnwRXqm5L1FiYFVZE&google_cver=1
43 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPXTi9bnwRXqm5L1FiYFVZE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGML0ktQBMAE&v=APEucNW45ZdHSnn3eTZsJP5NCmQjKgEH9t1WiFVaX0I9ZWJWSGlZk1jrOlPNN1Fytb7KTLiGyCDYYKGdhJ6aw6toByyZJyrFMQ
Protocol
H2
Server
146.20.132.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEPXTi9bnwRXqm5L1FiYFVZE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4CB0
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Y01HZVA3QjdUMVE
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Y01HZVA3QjdUMVE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGML0ktQBMAE&v=APEucNW45ZdHSnn3eTZsJP5NCmQjKgEH9t1WiFVaX0I9ZWJWSGlZk1jrOlPNN1Fytb7KTLiGyCDYYKGdhJ6aw6toByyZJyrFMQ
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Nov 2022 03:20:21 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Y01HZVA3QjdUMVE
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 4CB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGML0ktQBMAE&v=APEucNW45ZdHSnn3eTZsJP5NCmQjKgEH9t1WiFVaX0I9ZWJWSGlZk1jrOlPNN1Fytb7KTLiGyCDYYKGdhJ6aw6toByyZJyrFMQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4CB0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3hLaa2fgsAZB0xPZIQo1QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7C2ZoCEIfmwZ0CGML0ktQBMAE&v=APEucNW45ZdHSnn3eTZsJP5NCmQjKgEH9t1WiFVaX0I9ZWJWSGlZk1jrOlPNN1Fytb7KTLiGyCDYYKGdhJ6aw6toByyZJyrFMQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKJJNi-6zru4g123-ki7jhA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B28611619.347749104;dc_ver=92.271;sz=300x250;u_sd=1;dc_adk=1593749571;ord=ce1u4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstObS7eQYcWStL-N9EgcRNfm6iTsl-uqJhsSjcQPSjY...
ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/ Frame 1A3A 		59 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;sz=300x250;u_sd=1;dc_adk=1593749571;ord=ce1u4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstObS7eQYcWStL-N9EgcRNfm6iTsl-uqJhsSjcQPSjYKvV75DStFLIcMuYE7i-b-IPMYc2kGdkMbFWSsRSfzbJjg32SaCV1z9RCnOV84M8DZ-2Rl_1s8rB9IWzVJbgpIKoibjsWMoM_vslzUUo-p0rDglTjn9l8lKO-pLSzXdwCt72gN0f6t3kRDwV0CwWGfxAf8Q08z2z4gos2ZI315__pqk14pk10iFfm-vVarmQYsLLTq1cTrjYBz_ZpAvEPbXZ3Tjn6It5gOf6HvGYd_iRodHVz95K86FMFB-mlkkWISWcHOOkrkoE9z5ViGxHw3g%26sai%3DAMfl-YROkW5d9jCnrnpowtu_oZIPZkCah_HR5ltUzdoYV3heOVXC52ySuC0xsVdzLvSGcb7mXvqlUdI5aGYrnaJSMPqfjM5t_PmkLKB8gulof037Bf4afQN_m95KbopvMrF5%26sig%3DCg0ArKJSzKP9pLp_A26YEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0LtftJC-oE;stc=1;chaa=1;sttr=589;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f149.1e100.net
Software
cafe /
Resource Hash
4e0ed2ca39b17d551be05900cb086017f230a0d524577ccadaff6a5bf83f0be7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28010
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4F52 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Origin
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Nov 2022 12:39:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 4F52 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Df9kAaeg4V039qEq4tfTDm-N2Z5fbm1TxkRT8JwS0KyledZiAtxIcS9briXjaCCAtyz784z3aPGtv75NuZPcP8nOGSOOLFEU_p-sYOAjOspK-fYvDl_r9AVcq0BzksuSeeSt8XN2aTQbIqJ4y27p7emvUxSBSp5XRLdAyKRRaXwxSH6Qw&dbm_d=AKAmf-AcXz_whIno5jCkTkUUM0_zY7JtY24rSFqpDsJvzCFlNOim09wu5TkRtUn2_UNm1o_XsKjXf6_WSuJ_0SYgpMZOsemEEJXvFmghJYvvTYxsxJwRyKWOT1A5wgEcoQZ22QozlbrHDlo5nfrsIDMEfQ6VdSjo6PgI17AnWqMNCb6xQiMGAReFZs3WgrzlqMEjooI2VxwcJkkaRcQTZmemFh9rH0BV8O-Z2Bp0TeDCm2-t752uuGXryRl3_UHu2HXdnKSXjw8q8rxYXm9CCTIZPZ3sF53XyCf_Isl44jOd0i4LvA6Vs4AaLH9P5yrox-_yrHS8_9kdfpTRTZvRyeDON4GvXD4HwlQIvtsCEi0-F-VG3CsNznnI3mJlxLoTunyKI9FRmKz_z7kyMqRW5VEyjYvU9Kqs2Qhf5pEQxwnWOxTn-Xpu9dyUDC0VzdgJIWgBMoaA7r2xRnbzfNLlcma3qKcGGl7acsehQv8td1l9DkPeJBjFlM29yVGF5V8LjTxOQTeQ47rD61O7h1hqep5N0A8c0Fq4uS6wCKCt_S68S67vaMeH1lRGsR46Dkos3Ztwu7F45eaPawVmnswDjB9IIkBLm4TlKAaHOgTHNkDuB3KOJiUPgIuoqMyi7f8ZIqQexu6F3sJQj39rGT48SUR9YRoKZ7RPT8AprE0M7G5TBeociojX63zKILoiI3Q00J8-n-ag9ME8XSZ7YaApn8nrZFB5qtvEXckycGxOUIS_FAfZh0jtguG4OQytCZL3uBDKnJrF14qxEU1xTTY6QL-J2m9Nx3JLX-qjrisJkf3HMcDa6B6Eay5-hkS0N9QyeIWks13BJHlHEDHA2UEkXBix89qcJkiKeZYXnBWHk1Gtoj4uMmYqlRegxCyHhTaB9Y_dupBpRoJnnAViPDq7U_XkE7F_8fV4SrjDthG-TknL6jXIX50Uz8rZ7n4M3ehk2iJh1S6W2qI9SmcePzFIXSZFmyG9lw10KDX5BVgMHKyURhaEnMSnBIQjm_z9MN6vaXbPnm97U9wRjFiMHD8HNoei6md3oSLZg_XzMrhma1Dq_yszGNaFkJO4esdnk5129UON_x0ZVtYdqhOgYooknAgKh3TN9zc2nL65bDMKiz3JwwWXCoHr3CxF6xxQo17xgNlGarpkYs5vhcZ6XhJ5emmeSNxCZRIBhZtKr1kCckvxtJgmggHGeZ4kXKC56xcKlfJO95BjO2DFXcEYY4GrflYAGSCR14i7KlcsQcVd6rViROpnhxdgXhv4LJQGcHqLmYTPxLFdHhvzsDBtox34g5r_tIS-C56BkTfLQuwZwsobhwEqCoBiKYXwUx9ZxC6xIBLWAbOdRWjmB5NhFmD_5lECCNdako3y2BkDlTukbTyNtTieWpeFpLRxBdAvav2wxy7PTY6LhbPKoqeNyT84lZh32OFdTbXj2o7Mox389sdlebcvCuOnt2i2lktICW9hGzmsKzaR6omQnlekMYtOtbiOT1OT9Z5tWlLLfm-dKV4ZsdGMKSGNT_vIcDJz7b2aBWks8QFaH7GOzatvmveqYogAbWQ-8Wgnu0iG0XjCQd_iAGtxQHkDfk_rOcKPzveoO819QUTFtMuIcyCJEGasFxAPNqIjTYwexyZ6d-AXwPuZ_PRsYJc11b-Iqh__ewH95jgQ69m5xpCNSCOqkKSY6o9jriZ-GyOfwLjEzA8o9SKtO7NTS4q1P2J2CySu4eY6yda1YYN3cqJq5t4f8jN7ejvbFHFY3sQ_dhf98reCr4dKQF9Z1u3c2uqrPR2HGpscx-27yp4eRMGStL2Z_E6UhyyYDN_HW_kSuN3n8exTpXq9w7rkePGl6MQhQr-vZ-OVDVR2QuBVAWLZaf9KcdafvUeVP099HtIJ_gFpvVw_QWWn2VIWUfR1yb881M8qxFfXrDDZD-hfSdsnHGikecCEQnczUMAjOi4Q3Wy8GMmVIOaPcT69hKRVWW0_r9VhRairiOZIbg1vd8PGQsjFPbK7KGU4RW0ZZIZ0vwYHyVsaTYTV0R1lHXrRNCkExEEHXNR4QHbWq42pRKPUYGZMykwojuE6zXWC5FOnRkPefVkrXoYH3ccUtiXYGuYjoeCkB6VI8awG0G40vP2vr215dGFwJa3g1rTC6PG7-AcH2iwtY8SLiESCusRS6K3NvfnuVRBbMmowNt5FFcJrUJXnCADUL8-Ia2wpi5PLynhwiXs_9tYXFEsARp9GSH0EWf_O___LWtS5cx3mPrMWVTJjtitHKq9XaTzmahRlrEzDlLZafkLSlPN-64jdL6BJZZ0lR_HwjB-RPMYt8ecucFjFkewpR9S8Z4UdceOH0mmO7awdC_r8Wg5pEx5OThLsKp4dTK56Ci0agTK_e_V36_njTREm50LIIoABdRNVWf0dxRi4jMCxa4b8uZBwGodLftoGK-9mv0zh0E_593nj-d9Bbcpn4OV0Dzk0tdFc9xFgQKvdv0JqIDxLeOnx3O7SBEV1EuMEMscQxWdmVcGo2EMUGxDr3aaWdlFnQCNpViNvZM9xapfLn_cyR8NQ8hgDiHtxVkcLGS5Z5Sfwoibqa3Jsp2G8B78d5yGEOd2QtX_TzXRDHEXoDcNDyIds8ssHpCFLcufr4CofJsEDZbx_c-0k4iPp36SM5QWbjQWecfG-T3jgLm2yOFjUmWjkzmgg6sDYcHjixLFRi2y2O2-4dq_hWWxx766DHK6USVyB3XdyPqIVffqnllNfaFCVRXIA1FHvjh7PmHGNuZ8ixCyMSd63O5yp_cdrVQKV4MT_J8Dd6bx2CTSYgtNwkOFT5jWPYnT86Dm4_ojECYXarJucLeSqN88y7sY2SaDeTaysH2zOuSjjWX5lQPYJQHhyFulYj_QLOYQ2tzXRHQrxihWUdH4K6XunWRzBHI9Z3cRCLwpKKjwkjizONbnoSw9xSZMp73v-eFtrQI0aoaVZoyOB5Lzb1Wp7CCRD7f05nO4DT5Ot5dImpbk65Agb2rEzjoQNGDGL20BrLSVUZlrAl80suOgugebo_1Gs8Mj1xYCTXM5zHTVvobex5NLgtgU7rnZtIm0WgS7ZNxrxvxySZgRuhBN98jw6cZPdjCmh46OGJkORR4RmjIadk06AKMawDFfQnzMRVai6tnw2DocP3_OmNoxEVq3RPkMKrjZLH0VVky2HDjj4N7zMylr3fDULqHPgM6fSMtAGWGKcGnhggMeekINEkmT1yER9s3D-wL-LRA&pr=6:0.386703&cid=CAASEuRoxII6Ec4G0LZkf_vbdFY4jw&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NzE4MiZzaXRlSWQ9MzI2Mzk5JmFkSWQ9MTgyMTUyNSZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTc3MzA0NjkzNDU3NTM2MTA1MzgmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9RThENTQ2ODEtNkYzNC00OEM0LUI1ODItN0YwQzM3NEVBOUM3JnBhc3NiYWNrPTA%3D_url%3D&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
39340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 4F52 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Df9kAaeg4V039qEq4tfTDm-N2Z5fbm1TxkRT8JwS0KyledZiAtxIcS9briXjaCCAtyz784z3aPGtv75NuZPcP8nOGSOOLFEU_p-sYOAjOspK-fYvDl_r9AVcq0BzksuSeeSt8XN2aTQbIqJ4y27p7emvUxSBSp5XRLdAyKRRaXwxSH6Qw&dbm_d=AKAmf-AcXz_whIno5jCkTkUUM0_zY7JtY24rSFqpDsJvzCFlNOim09wu5TkRtUn2_UNm1o_XsKjXf6_WSuJ_0SYgpMZOsemEEJXvFmghJYvvTYxsxJwRyKWOT1A5wgEcoQZ22QozlbrHDlo5nfrsIDMEfQ6VdSjo6PgI17AnWqMNCb6xQiMGAReFZs3WgrzlqMEjooI2VxwcJkkaRcQTZmemFh9rH0BV8O-Z2Bp0TeDCm2-t752uuGXryRl3_UHu2HXdnKSXjw8q8rxYXm9CCTIZPZ3sF53XyCf_Isl44jOd0i4LvA6Vs4AaLH9P5yrox-_yrHS8_9kdfpTRTZvRyeDON4GvXD4HwlQIvtsCEi0-F-VG3CsNznnI3mJlxLoTunyKI9FRmKz_z7kyMqRW5VEyjYvU9Kqs2Qhf5pEQxwnWOxTn-Xpu9dyUDC0VzdgJIWgBMoaA7r2xRnbzfNLlcma3qKcGGl7acsehQv8td1l9DkPeJBjFlM29yVGF5V8LjTxOQTeQ47rD61O7h1hqep5N0A8c0Fq4uS6wCKCt_S68S67vaMeH1lRGsR46Dkos3Ztwu7F45eaPawVmnswDjB9IIkBLm4TlKAaHOgTHNkDuB3KOJiUPgIuoqMyi7f8ZIqQexu6F3sJQj39rGT48SUR9YRoKZ7RPT8AprE0M7G5TBeociojX63zKILoiI3Q00J8-n-ag9ME8XSZ7YaApn8nrZFB5qtvEXckycGxOUIS_FAfZh0jtguG4OQytCZL3uBDKnJrF14qxEU1xTTY6QL-J2m9Nx3JLX-qjrisJkf3HMcDa6B6Eay5-hkS0N9QyeIWks13BJHlHEDHA2UEkXBix89qcJkiKeZYXnBWHk1Gtoj4uMmYqlRegxCyHhTaB9Y_dupBpRoJnnAViPDq7U_XkE7F_8fV4SrjDthG-TknL6jXIX50Uz8rZ7n4M3ehk2iJh1S6W2qI9SmcePzFIXSZFmyG9lw10KDX5BVgMHKyURhaEnMSnBIQjm_z9MN6vaXbPnm97U9wRjFiMHD8HNoei6md3oSLZg_XzMrhma1Dq_yszGNaFkJO4esdnk5129UON_x0ZVtYdqhOgYooknAgKh3TN9zc2nL65bDMKiz3JwwWXCoHr3CxF6xxQo17xgNlGarpkYs5vhcZ6XhJ5emmeSNxCZRIBhZtKr1kCckvxtJgmggHGeZ4kXKC56xcKlfJO95BjO2DFXcEYY4GrflYAGSCR14i7KlcsQcVd6rViROpnhxdgXhv4LJQGcHqLmYTPxLFdHhvzsDBtox34g5r_tIS-C56BkTfLQuwZwsobhwEqCoBiKYXwUx9ZxC6xIBLWAbOdRWjmB5NhFmD_5lECCNdako3y2BkDlTukbTyNtTieWpeFpLRxBdAvav2wxy7PTY6LhbPKoqeNyT84lZh32OFdTbXj2o7Mox389sdlebcvCuOnt2i2lktICW9hGzmsKzaR6omQnlekMYtOtbiOT1OT9Z5tWlLLfm-dKV4ZsdGMKSGNT_vIcDJz7b2aBWks8QFaH7GOzatvmveqYogAbWQ-8Wgnu0iG0XjCQd_iAGtxQHkDfk_rOcKPzveoO819QUTFtMuIcyCJEGasFxAPNqIjTYwexyZ6d-AXwPuZ_PRsYJc11b-Iqh__ewH95jgQ69m5xpCNSCOqkKSY6o9jriZ-GyOfwLjEzA8o9SKtO7NTS4q1P2J2CySu4eY6yda1YYN3cqJq5t4f8jN7ejvbFHFY3sQ_dhf98reCr4dKQF9Z1u3c2uqrPR2HGpscx-27yp4eRMGStL2Z_E6UhyyYDN_HW_kSuN3n8exTpXq9w7rkePGl6MQhQr-vZ-OVDVR2QuBVAWLZaf9KcdafvUeVP099HtIJ_gFpvVw_QWWn2VIWUfR1yb881M8qxFfXrDDZD-hfSdsnHGikecCEQnczUMAjOi4Q3Wy8GMmVIOaPcT69hKRVWW0_r9VhRairiOZIbg1vd8PGQsjFPbK7KGU4RW0ZZIZ0vwYHyVsaTYTV0R1lHXrRNCkExEEHXNR4QHbWq42pRKPUYGZMykwojuE6zXWC5FOnRkPefVkrXoYH3ccUtiXYGuYjoeCkB6VI8awG0G40vP2vr215dGFwJa3g1rTC6PG7-AcH2iwtY8SLiESCusRS6K3NvfnuVRBbMmowNt5FFcJrUJXnCADUL8-Ia2wpi5PLynhwiXs_9tYXFEsARp9GSH0EWf_O___LWtS5cx3mPrMWVTJjtitHKq9XaTzmahRlrEzDlLZafkLSlPN-64jdL6BJZZ0lR_HwjB-RPMYt8ecucFjFkewpR9S8Z4UdceOH0mmO7awdC_r8Wg5pEx5OThLsKp4dTK56Ci0agTK_e_V36_njTREm50LIIoABdRNVWf0dxRi4jMCxa4b8uZBwGodLftoGK-9mv0zh0E_593nj-d9Bbcpn4OV0Dzk0tdFc9xFgQKvdv0JqIDxLeOnx3O7SBEV1EuMEMscQxWdmVcGo2EMUGxDr3aaWdlFnQCNpViNvZM9xapfLn_cyR8NQ8hgDiHtxVkcLGS5Z5Sfwoibqa3Jsp2G8B78d5yGEOd2QtX_TzXRDHEXoDcNDyIds8ssHpCFLcufr4CofJsEDZbx_c-0k4iPp36SM5QWbjQWecfG-T3jgLm2yOFjUmWjkzmgg6sDYcHjixLFRi2y2O2-4dq_hWWxx766DHK6USVyB3XdyPqIVffqnllNfaFCVRXIA1FHvjh7PmHGNuZ8ixCyMSd63O5yp_cdrVQKV4MT_J8Dd6bx2CTSYgtNwkOFT5jWPYnT86Dm4_ojECYXarJucLeSqN88y7sY2SaDeTaysH2zOuSjjWX5lQPYJQHhyFulYj_QLOYQ2tzXRHQrxihWUdH4K6XunWRzBHI9Z3cRCLwpKKjwkjizONbnoSw9xSZMp73v-eFtrQI0aoaVZoyOB5Lzb1Wp7CCRD7f05nO4DT5Ot5dImpbk65Agb2rEzjoQNGDGL20BrLSVUZlrAl80suOgugebo_1Gs8Mj1xYCTXM5zHTVvobex5NLgtgU7rnZtIm0WgS7ZNxrxvxySZgRuhBN98jw6cZPdjCmh46OGJkORR4RmjIadk06AKMawDFfQnzMRVai6tnw2DocP3_OmNoxEVq3RPkMKrjZLH0VVky2HDjj4N7zMylr3fDULqHPgM6fSMtAGWGKcGnhggMeekINEkmT1yER9s3D-wL-LRA&pr=6:0.386703&cid=CAASEuRoxII6Ec4G0LZkf_vbdFY4jw&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NzE4MiZzaXRlSWQ9MzI2Mzk5JmFkSWQ9MTgyMTUyNSZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTc3MzA0NjkzNDU3NTM2MTA1MzgmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9RThENTQ2ODEtNkYzNC00OEM0LUI1ODItN0YwQzM3NEVBOUM3JnBhc3NiYWNrPTA%3D_url%3D&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
39340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
truncated
/ Frame B669 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20875502438955cdb54618cef95302e816fd117baedfda67d839c2eea97d51d6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame D377 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026295&pubOrder=3068195175&cb=1525276461&custom=homepage&custom3=168400391&adsafe_par&impId=16442a12-67b9-11ed-a75b-0679fa08ad36
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.49.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-49-143.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c55691f16e9f7f68d23d0b8b0b5a91ed4ae77541c47cc8c5d1a6b7ec65b84dfe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6235 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Origin
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Nov 2022 12:39:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 6235 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTos0KSZFG43AoYoSOALZx1qhEnjg9_DzRQfpCXsyuTKkNsI0a93DU5nJTCsxzV5UewHL8_531VvxhUfnnZGkkaVKgegLfnjJLHO022lxSS-Hia2oP2b1oTafoY5XrSO5Ii_SRIgFkQyF06ZxFUj0bJsLZjPn0K21hp75yGIKn9wERnWQ&dbm_d=AKAmf-Aj6mHCV6caovxI9csxspiOo1pQB8wug_mt8YF26onKfE-dsG0wA2t5f1wy-ad1jmTsBg-ZJvRAZhtgHdBSll8c-9s4ZZCNoXjllQ5ARggUlRUQMGxjhP2XWOctVCTmq2gmWOcTD5H3iQynfkn7kTH9QRqqjkh_HbAyADIVpwO08ZiHF_wkiUQ3uKsc09tQmyCorzstp18akfJh3W9fSqUQuJLTt10zJEblfNB3RiO97JZU6vWuO-jFh2tRUT-g39NlPjW4aq4m0894dV1940D8cFRKhuR8F6bnj8TLZBqy-USsRUwTI1iVDN04HdBcr2n73MfNLihRugrozmso4JN5HWxCg1KXnQdLTNimXRYoKwc0CZY9EihKJ_5lrNEWesapzEQkLjMgmF8zrc4miBySoQfrhqBoycOGZ_oAC5Tv6bkfb1kFmwdC2-SEfGH7bnSi4m__cwReqJUxOjulAKXNF78D5vcP1QHy5bj-Iq33knHUcKGWzodusW3qAQ0DuP8OGROEtJx6M7A2rBIoBYTpU9pNk0vrWxObAuSu4QFKjyKIWRx5DDCE-eZ8B5Ht5QJpZyqJDrxhx1PB0u3qnoCc-V9zIYeuiupRqY8vLACyZ3mdFNqZBiQWmdbKAsiPJl2Q5H0VUSIudQB5TVqsgtYq7yMXa4-cyNVsvwV49mFqOsfcWJnassjQw2heSRWFfd14ds6Z6_8pnPYCO0QsUnJOC28WI8zOzSJ_PPhsAi6tHKgw4g9uyET6rb69ERrrLxTtXjT4_tbG5LMwkYK4KLNMecExKWlfocEae8Mezaix32xoRo8K0GAJ_kGfTEXXXjVBGx8sLT_RpMm63ZSSq9C1ltdpbi1pVQlB-3OU6PzcjK7enKsC84vqwJ0ixsEMMnLXJuz8pTEufstMvHrKhASyEFjOwl7X7hpEMqhs0RgfZ4yJPvMOHSzR4GLx1kJdsEoXwO5JgCRgYeIN50C3kXgSLQgg3kNaDumKDzLe7N91DksNGzt92VsuFKMq40p1vIalX1sA7tft99OsdrqTfQklH1WfAyCYVHnkhUv_pIsFOt9VhbwoMopCSwPaCqCJTMIFDDxC9ZoT0gWUXiR8JhsWdeKNYxHw-3f3_BgS1kB64ZhnLOPGfPGPpUgzjr8wISr5jv2yRY84po11jjHFXH6BvSszDC1ZMs-iR6wvk9gvm6Xffza13ywgotMYm8TnB69VvaI2PF1ANgWOdccyvG8K2M-28M6NKnETDBYtFrSr-vkZzDben7MuCOatKkoPUg7Cn54VjAfLwj9YkHuu5cTzwFLLOnTEqtzZ1Lr2JIwCu-V9zEIw8mtWWFL0800HDZ5x28FI3mMgRLaM7EwFrjCUH59UQtLCUyV4MYx-E0_8-ITVZoF3qg7XAj_KYMd4fZySQGRs04vwB8bkXO-uxgxydhhjFvk5Bnwx5hlDmE7XRo7jUb0N2HScSuHgItiCo45aUWDTLtbrg2Tfkk8oUysSgfRWHeSuxmuoJGyEaGiQpSIIJnQRPSC8a1bAl1bbzbcclHCMO2ET01zAcUl8iAdgw2Fa-7iKueNWoxH4sO3aw9joi8FjFmk7tAZvJYWqpxk0OP6FcFqM3dERpWNxycI0T4bZ9Pgi1c39Stavb8FxyxGzgNhTr7ttgr_UQlm6Tbo8erYd8iVdQzYDzbXEYf6PwglhgJLTbw1F6WmzGFQfErPiAtsJsGyGNkNVrLUqPXONzCPDowhuaNytjvw2irVcBGA3-PCeZzDKgAF_jE3ftsNW5nWcSvPzU5SXuKNFnjB6S8UApJpipHo0Ql5vMpCktmDiKlMXviCMfnT_4QCSH2t0K8XPoAuhXvMHT0qe-NnbYJQZEW6fWzY9IEAhTo3MdcRRSJ3bfWAY3JjH5X0FNqKEHNuDZ0PJ-BzuYH6gnhuCCtABVgR2m4_BuvPELt1s4JuqM16sd-INr3J7mlMd9poudmVoZqX71wfkUpZt1oTFq5MYrUi06Irhw9DI5GuY783QbtWdmyQdQimvZ6QLmP-uHHZ-TFV7gRpM83lD49TqERfmI6TR0UC3xphIpD_dPVA3uKkdrAU9TbeTwJ9Rv4LpXb4nZPhbYNsyacfd-7fWTMjSvZNoclO_dqRA0zciu7C-lmMqzPrX8QahH6UCQ8qLFirsmf1B6BvTHuwtg8Ffx0MIuYV9Y-Sht2_0l1vmIHO72NXSXcp1Skn_0O-46Rernt8gaXEdZ3syPHIwsFMiKuqhCtZInjIsVBoRcJUzYMTdw-s78Uf3dLvvVHOXx8elk0XwTKJbTofAH-BlMgu_UnWxvU95-q7sNIlRqkW6SQ1oNQfYLq3zJlFemnswtgoAb5aUXs_gpu_7_arpUg4tPuy7dSb_aI4F9EgxaJQlVKklKaMp_MwwYfserauyBrgrweUh98PRDJQGGKkY8vtPufexIVcJn8QltyRlAkl7xWyTzZdXtSjA2Z5N3rKScGd1SWaUftaMH_eA09lkrVn0SJTxIGrnyAwwEz-q7pfgwzW8a-8P6xZdGuOV85eWQBMYQoLfHh0SqlTNK_5EH-qKp-CmfgcA3tPIP7pA7AnUh8yOdtYnCz9UbH5m_eiXLFGHdl3UsfiqyFQyJNp3Re9o979gQwbU8xeHVPJ_YxfIGB_kILImp8BwfgQeC_acPz6JTxtLUxcjuHpWGrrp-qW6ldWDnODHmyr_g-io75hkyHGUNRNjtwg5rsnAxhRSX6ecX4PQALAxwMlRwfrP70oGU_n08fhJYh6yAIQF5n1dRGfIb2NZejOzJQCd2nBznEfHgGYQxdyzVe7yRS5aOtNRgYvruWPQTwXHS4AQM9CdkPdB7oRzLcbsjrtl5y32bwVz_Dmj6YECqlBsPsA_wBM4mQA2trBsbirLFKFa4_LzQ6Z_8C2YgmucMgbBd0VvVmOjYzktW4FsghKVeioEgGBOMGhn364QRTMg2Gr0oIhhseejnK6snuuyg5qTvp6_NVQkGii1j8Aja3G4UdM6ahcOFkXM4oz6SBRTlmlmO5dqjM6TrrUOaUGyWfhcbRHx62AWLAc3X77QkmjmnKiJHhUckKuL_718-4kpKzNyJIV0_sPQUgCDxjR49i6GOs1ylU5aVnQjJJj_-zzjYPeoce5NEvFKtDMbimKMPgqTNHqqHlLqc9fMkyPZiG5x3CXKR4ZwgNxE6maXB20S1bu1fY5QupBh&pr=6:0.551447&cid=CAASEuRokud6zT5N-j5ZFcgZZWn_UQ&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NzE4MiZzaXRlSWQ9MzI2Mzk5JmFkSWQ9MTgyMTU1MiZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTU5MTc3NDc4NzYwNTI5ODUxMTUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9Q0Q1MUU3MDYtMDAyOC00QUYyLUFDRjgtM0MzMEM4QjU4NjA4JnBhc3NiYWNrPTA%3D_url%3D&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
39341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 6235 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTos0KSZFG43AoYoSOALZx1qhEnjg9_DzRQfpCXsyuTKkNsI0a93DU5nJTCsxzV5UewHL8_531VvxhUfnnZGkkaVKgegLfnjJLHO022lxSS-Hia2oP2b1oTafoY5XrSO5Ii_SRIgFkQyF06ZxFUj0bJsLZjPn0K21hp75yGIKn9wERnWQ&dbm_d=AKAmf-Aj6mHCV6caovxI9csxspiOo1pQB8wug_mt8YF26onKfE-dsG0wA2t5f1wy-ad1jmTsBg-ZJvRAZhtgHdBSll8c-9s4ZZCNoXjllQ5ARggUlRUQMGxjhP2XWOctVCTmq2gmWOcTD5H3iQynfkn7kTH9QRqqjkh_HbAyADIVpwO08ZiHF_wkiUQ3uKsc09tQmyCorzstp18akfJh3W9fSqUQuJLTt10zJEblfNB3RiO97JZU6vWuO-jFh2tRUT-g39NlPjW4aq4m0894dV1940D8cFRKhuR8F6bnj8TLZBqy-USsRUwTI1iVDN04HdBcr2n73MfNLihRugrozmso4JN5HWxCg1KXnQdLTNimXRYoKwc0CZY9EihKJ_5lrNEWesapzEQkLjMgmF8zrc4miBySoQfrhqBoycOGZ_oAC5Tv6bkfb1kFmwdC2-SEfGH7bnSi4m__cwReqJUxOjulAKXNF78D5vcP1QHy5bj-Iq33knHUcKGWzodusW3qAQ0DuP8OGROEtJx6M7A2rBIoBYTpU9pNk0vrWxObAuSu4QFKjyKIWRx5DDCE-eZ8B5Ht5QJpZyqJDrxhx1PB0u3qnoCc-V9zIYeuiupRqY8vLACyZ3mdFNqZBiQWmdbKAsiPJl2Q5H0VUSIudQB5TVqsgtYq7yMXa4-cyNVsvwV49mFqOsfcWJnassjQw2heSRWFfd14ds6Z6_8pnPYCO0QsUnJOC28WI8zOzSJ_PPhsAi6tHKgw4g9uyET6rb69ERrrLxTtXjT4_tbG5LMwkYK4KLNMecExKWlfocEae8Mezaix32xoRo8K0GAJ_kGfTEXXXjVBGx8sLT_RpMm63ZSSq9C1ltdpbi1pVQlB-3OU6PzcjK7enKsC84vqwJ0ixsEMMnLXJuz8pTEufstMvHrKhASyEFjOwl7X7hpEMqhs0RgfZ4yJPvMOHSzR4GLx1kJdsEoXwO5JgCRgYeIN50C3kXgSLQgg3kNaDumKDzLe7N91DksNGzt92VsuFKMq40p1vIalX1sA7tft99OsdrqTfQklH1WfAyCYVHnkhUv_pIsFOt9VhbwoMopCSwPaCqCJTMIFDDxC9ZoT0gWUXiR8JhsWdeKNYxHw-3f3_BgS1kB64ZhnLOPGfPGPpUgzjr8wISr5jv2yRY84po11jjHFXH6BvSszDC1ZMs-iR6wvk9gvm6Xffza13ywgotMYm8TnB69VvaI2PF1ANgWOdccyvG8K2M-28M6NKnETDBYtFrSr-vkZzDben7MuCOatKkoPUg7Cn54VjAfLwj9YkHuu5cTzwFLLOnTEqtzZ1Lr2JIwCu-V9zEIw8mtWWFL0800HDZ5x28FI3mMgRLaM7EwFrjCUH59UQtLCUyV4MYx-E0_8-ITVZoF3qg7XAj_KYMd4fZySQGRs04vwB8bkXO-uxgxydhhjFvk5Bnwx5hlDmE7XRo7jUb0N2HScSuHgItiCo45aUWDTLtbrg2Tfkk8oUysSgfRWHeSuxmuoJGyEaGiQpSIIJnQRPSC8a1bAl1bbzbcclHCMO2ET01zAcUl8iAdgw2Fa-7iKueNWoxH4sO3aw9joi8FjFmk7tAZvJYWqpxk0OP6FcFqM3dERpWNxycI0T4bZ9Pgi1c39Stavb8FxyxGzgNhTr7ttgr_UQlm6Tbo8erYd8iVdQzYDzbXEYf6PwglhgJLTbw1F6WmzGFQfErPiAtsJsGyGNkNVrLUqPXONzCPDowhuaNytjvw2irVcBGA3-PCeZzDKgAF_jE3ftsNW5nWcSvPzU5SXuKNFnjB6S8UApJpipHo0Ql5vMpCktmDiKlMXviCMfnT_4QCSH2t0K8XPoAuhXvMHT0qe-NnbYJQZEW6fWzY9IEAhTo3MdcRRSJ3bfWAY3JjH5X0FNqKEHNuDZ0PJ-BzuYH6gnhuCCtABVgR2m4_BuvPELt1s4JuqM16sd-INr3J7mlMd9poudmVoZqX71wfkUpZt1oTFq5MYrUi06Irhw9DI5GuY783QbtWdmyQdQimvZ6QLmP-uHHZ-TFV7gRpM83lD49TqERfmI6TR0UC3xphIpD_dPVA3uKkdrAU9TbeTwJ9Rv4LpXb4nZPhbYNsyacfd-7fWTMjSvZNoclO_dqRA0zciu7C-lmMqzPrX8QahH6UCQ8qLFirsmf1B6BvTHuwtg8Ffx0MIuYV9Y-Sht2_0l1vmIHO72NXSXcp1Skn_0O-46Rernt8gaXEdZ3syPHIwsFMiKuqhCtZInjIsVBoRcJUzYMTdw-s78Uf3dLvvVHOXx8elk0XwTKJbTofAH-BlMgu_UnWxvU95-q7sNIlRqkW6SQ1oNQfYLq3zJlFemnswtgoAb5aUXs_gpu_7_arpUg4tPuy7dSb_aI4F9EgxaJQlVKklKaMp_MwwYfserauyBrgrweUh98PRDJQGGKkY8vtPufexIVcJn8QltyRlAkl7xWyTzZdXtSjA2Z5N3rKScGd1SWaUftaMH_eA09lkrVn0SJTxIGrnyAwwEz-q7pfgwzW8a-8P6xZdGuOV85eWQBMYQoLfHh0SqlTNK_5EH-qKp-CmfgcA3tPIP7pA7AnUh8yOdtYnCz9UbH5m_eiXLFGHdl3UsfiqyFQyJNp3Re9o979gQwbU8xeHVPJ_YxfIGB_kILImp8BwfgQeC_acPz6JTxtLUxcjuHpWGrrp-qW6ldWDnODHmyr_g-io75hkyHGUNRNjtwg5rsnAxhRSX6ecX4PQALAxwMlRwfrP70oGU_n08fhJYh6yAIQF5n1dRGfIb2NZejOzJQCd2nBznEfHgGYQxdyzVe7yRS5aOtNRgYvruWPQTwXHS4AQM9CdkPdB7oRzLcbsjrtl5y32bwVz_Dmj6YECqlBsPsA_wBM4mQA2trBsbirLFKFa4_LzQ6Z_8C2YgmucMgbBd0VvVmOjYzktW4FsghKVeioEgGBOMGhn364QRTMg2Gr0oIhhseejnK6snuuyg5qTvp6_NVQkGii1j8Aja3G4UdM6ahcOFkXM4oz6SBRTlmlmO5dqjM6TrrUOaUGyWfhcbRHx62AWLAc3X77QkmjmnKiJHhUckKuL_718-4kpKzNyJIV0_sPQUgCDxjR49i6GOs1ylU5aVnQjJJj_-zzjYPeoce5NEvFKtDMbimKMPgqTNHqqHlLqc9fMkyPZiG5x3CXKR4ZwgNxE6maXB20S1bu1fY5QupBh&pr=6:0.551447&cid=CAASEuRokud6zT5N-j5ZFcgZZWn_UQ&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NzE4MiZzaXRlSWQ9MzI2Mzk5JmFkSWQ9MTgyMTU1MiZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTU5MTc3NDc4NzYwNTI5ODUxMTUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9Q0Q1MUU3MDYtMDAyOC00QUYyLUFDRjgtM0MzMEM4QjU4NjA4JnBhc3NiYWNrPTA%3D_url%3D&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
39341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4F52 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 22:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 22:45:11 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6AE9 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=79183
content-encoding
gzip
content-length
13946
content-type
text/html
date
Sat, 19 Nov 2022 03:20:21 GMT
expires
Sun, 20 Nov 2022 01:20:04 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EC72 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
48302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Sat, 19 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4F52 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22e9cd1c63d981e40c0f75002a17d8d06ffc7159f741de319f4dd7df2d34dffa

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
increment
id5-sync.com/api/esp/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 19 Nov 2022 03:20:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6235 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 22:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 22:45:11 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame C3E3 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=79183
content-encoding
gzip
content-length
13946
content-type
text/html
date
Sat, 19 Nov 2022 03:20:21 GMT
expires
Sun, 20 Nov 2022 01:20:04 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E833 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
48302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Sat, 19 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6235 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c9561742c95eb23efa08a9aaafe9c760a3580f9fc35ae4e70eaa8ed2eb0f55a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 126B 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138412773756&pubOrder=3068195175&cb=1108170245&custom=homepage&custom3=168400391&adsafe_par&impId=16442a15-67b9-11ed-a75b-0679fa08ad36
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.49.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-49-143.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
5ed63f92253823bb9bf301b85a3f7e1652bd282950fae6a9d41514ac5e88ed0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
dpixel
cms.quantserve.com/ Frame EC72 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIfYBFla-2G7lmyUzFXu8f8&google_cver=1&google_push=ASkJ3FbV9paOHJgHmKkzeSCocjmazVra4WPKJux1bmLBU3B1qGy0296xblNqWs2X6AE0HZ3WSmZAKQwAN5xtPX9dmsnmBTzWUeY
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EC72
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=ASkJ3FapoSMHDdY3HN2pncQ5lmYMDAqQOuSd1_yZ3D0g_5kiILwwh6-iPgR6NMzUBYoMQUfXO02E07EKzTIjQhmuUna8c_enEmX-&google_gid=CAESEGXVnuXvyTm_eJgCTy0nwRg&google...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=ASkJ3FapoSMHDdY3HN2pncQ5lmYMDAqQOuSd1_yZ3D0g_5kiILwwh6-iPgR6NMzUBYoMQUfXO02E07EKzTIjQhmuUna8c_enEmX-&google_gid=CAESEGXVnuXvyTm_eJgCTy0nwR...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FapoSMHDdY3HN2pncQ5lmYMDAqQOuSd1_yZ3D0g_5kiILwwh6-iPgR6NMzUBYoMQUfXO02E07EKzTIjQhmuUna8c_enEmX-&google_hm=AQ6k4SspdTkxks8ADv_jGr...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FapoSMHDdY3HN2pncQ5lmYMDAqQOuSd1_yZ3D0g_5kiILwwh6-iPgR6NMzUBYoMQUfXO02E07EKzTIjQhmuUna8c_enEmX-&google_hm=AQ6k4SspdTkxks8ADv_jGrk4-cA
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FapoSMHDdY3HN2pncQ5lmYMDAqQOuSd1_yZ3D0g_5kiILwwh6-iPgR6NMzUBYoMQUfXO02E07EKzTIjQhmuUna8c_enEmX-&google_hm=AQ6k4SspdTkxks8ADv_jGrk4-cA
cache-control
no-cache
content-length
0
x-amz-cf-id
hAkPOXmdbO63r-EVLKdz6-U2fRSBiO2nO1SltqwOY7mRJwAKxuBOqA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame EC72
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEOJimvr8rKEDHbcUbxe07cU&google_cver=1&google_push=ASkJ3FYPPbTuIrotP9cALeeuJC4Q7TYdVBo1PiZ2hnvh2ZzdBBy2Ri9VYjcvnZR9XUD-We2XGHJtNkYpCMLmS44Mr8Y4ygzo-Zk
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZGxnX3VFT3BDNkMxQi1vdGRVdDRZdw%3D%3D&google_push=ASkJ3FYPPbTuIrotP9cALeeuJC4Q7TYdVBo1PiZ2hnvh2ZzdBBy2Ri9VYjcvnZR9XUD-We2XGHJtNkYpCMLmS...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZGxnX3VFT3BDNkMxQi1vdGRVdDRZdw%3D%3D&google_push=ASkJ3FYPPbTuIrotP9cALeeuJC4Q7TYdVBo1PiZ2hnvh2ZzdBBy2Ri9VYjcvnZR9XUD-We2XGHJtNkYpCMLmS44Mr8Y4ygzo-Zk
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZGxnX3VFT3BDNkMxQi1vdGRVdDRZdw%3D%3D&google_push=ASkJ3FYPPbTuIrotP9cALeeuJC4Q7TYdVBo1PiZ2hnvh2ZzdBBy2Ri9VYjcvnZR9XUD-We2XGHJtNkYpCMLmS44Mr8Y4ygzo-Zk
date
Sat, 19 Nov 2022 03:20:21 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
242
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame EC72
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIG_KgE2sfKD-eVuhN916sc&google_cver=1&google_push=ASkJ3FYFz6du6KAsPfr4yVAwoFbxydPW81497DXpPb0ZAuO7P3KDn6x_yzuYRiUC_67CDjjRvtdu4DeQn_QlinOxN4GXMb-...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYFz6du6KAsPfr4yVAwoFbxydPW81497DXpPb0ZAuO7P3KDn6x_yzuYRiUC_67CDjjRvtdu4DeQn_QlinOxN4GXMb-OQdo&google_hm=NjQ4MzcyODk3OTcwNDIzMzM...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYFz6du6KAsPfr4yVAwoFbxydPW81497DXpPb0ZAuO7P3KDn6x_yzuYRiUC_67CDjjRvtdu4DeQn_QlinOxN4GXMb-OQdo&google_hm=NjQ4MzcyODk3OTcwNDIzMzM2OA%3D%3D
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Nov 2022 03:20:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYFz6du6KAsPfr4yVAwoFbxydPW81497DXpPb0ZAuO7P3KDn6x_yzuYRiUC_67CDjjRvtdu4DeQn_QlinOxN4GXMb-OQdo&google_hm=NjQ4MzcyODk3OTcwNDIzMzM2OA%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame EC72
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKpxL3hPfw2n58CEF3LX7ds&google_cver=1&google_push=ASkJ3FZtfPO-MpKG5J8ofcJCPg713QSufu9xhaM8zjzQRu5kuSIpGUPyVpM74OAGOUWg2KVxUfRhrasMcINYi...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FZtfPO-MpKG5J8ofcJCPg713QSufu9xhaM8zjzQRu5kuSIpGUPyVpM74OAGOUWg2KVxUfRhrasMcINYi9JvMNgs50zK8rKP&google_hm=dnBpV3hTcUctSk1BS2s1...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FZtfPO-MpKG5J8ofcJCPg713QSufu9xhaM8zjzQRu5kuSIpGUPyVpM74OAGOUWg2KVxUfRhrasMcINYi9JvMNgs50zK8rKP&google_hm=dnBpV3hTcUctSk1BS2s1N1hJZ1U=
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FZtfPO-MpKG5J8ofcJCPg713QSufu9xhaM8zjzQRu5kuSIpGUPyVpM74OAGOUWg2KVxUfRhrasMcINYi9JvMNgs50zK8rKP&google_hm=dnBpV3hTcUctSk1BS2s1N1hJZ1U=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EC72
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEMHP5h0mlic_KDIJ63ikocU&google_cver=1&google_push=ASkJ3FYuQYHrT51pj7TnHc6jxDrGsFy3yrjmnikzZNPxk5Gp66GDbtCG2-lBdkO-F9KOft79t_cvrr-0BMzVzEqmIpee1niS6bAM
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExODI5NjIyNjgzNTc0NTAwMFYxMA%3d%3d&mn_hm=MzExODI5NjIyNjgzNTc0NTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FYuQYHrT51pj7TnHc6jxDrGsFy...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExODI5NjIyNjgzNTc0NTAwMFYxMA%3d%3d&mn_hm=MzExODI5NjIyNjgzNTc0NTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FYuQYHrT51pj7TnHc6jxDrGsFy3yrjmnikzZNPxk5Gp66GDbtCG2-lBdkO-F9KOft79t_cvrr-0BMzVzEqmIpee1niS6bAM&gdpr=&gdpr_consent=
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:22 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExODI5NjIyNjgzNTc0NTAwMFYxMA%3d%3d&mn_hm=MzExODI5NjIyNjgzNTc0NTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FYuQYHrT51pj7TnHc6jxDrGsFy3yrjmnikzZNPxk5Gp66GDbtCG2-lBdkO-F9KOft79t_cvrr-0BMzVzEqmIpee1niS6bAM&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Sat, 19 Nov 2022 03:20:22 GMT
pixel
cm.g.doubleclick.net/ Frame EC72
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFMJwFrBEhG6wpHU3u_kMnw&google_cver=1&google_push=ASkJ3FbKD8HzSR-JVQoVKtEce5UnaOkl3WUEfkH1qtykxCAy1bbxhkl3NUp5u9kev5LNKeegV4h3fZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ASkJ3FbKD8HzSR-JVQoVKtEce5UnaOkl3WUEfkH1qtykxCAy1bbxhkl3NUp5u9kev5LNKeegV4h3fZeDfww8-x-2T4bEgXVeBT0&google_hm=Mzk4NzA0MTI...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ASkJ3FbKD8HzSR-JVQoVKtEce5UnaOkl3WUEfkH1qtykxCAy1bbxhkl3NUp5u9kev5LNKeegV4h3fZeDfww8-x-2T4bEgXVeBT0&google_hm=Mzk4NzA0MTI0ODE4OTA4MTYwNw%3D%3D
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ASkJ3FbKD8HzSR-JVQoVKtEce5UnaOkl3WUEfkH1qtykxCAy1bbxhkl3NUp5u9kev5LNKeegV4h3fZeDfww8-x-2T4bEgXVeBT0&google_hm=Mzk4NzA0MTI0ODE4OTA4MTYwNw%3D%3D
date
Sat, 19 Nov 2022 03:20:21 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame EC72 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IdaFEo5VeYPIoLpzurgR4jhQJ-mFbuqfB0FKjLlOpTDTaI3WohLXa320_DcXmmZO0wGyts
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 1A3A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;sz=300x250;u_sd=1;dc_adk=1593749571;ord=ce1u4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstObS7eQYcWStL-N9EgcRNfm6iTsl-uqJhsSjcQPSjYKvV75DStFLIcMuYE7i-b-IPMYc2kGdkMbFWSsRSfzbJjg32SaCV1z9RCnOV84M8DZ-2Rl_1s8rB9IWzVJbgpIKoibjsWMoM_vslzUUo-p0rDglTjn9l8lKO-pLSzXdwCt72gN0f6t3kRDwV0CwWGfxAf8Q08z2z4gos2ZI315__pqk14pk10iFfm-vVarmQYsLLTq1cTrjYBz_ZpAvEPbXZ3Tjn6It5gOf6HvGYd_iRodHVz95K86FMFB-mlkkWISWcHOOkrkoE9z5ViGxHw3g%26sai%3DAMfl-YROkW5d9jCnrnpowtu_oZIPZkCah_HR5ltUzdoYV3heOVXC52ySuC0xsVdzLvSGcb7mXvqlUdI5aGYrnaJSMPqfjM5t_PmkLKB8gulof037Bf4afQN_m95KbopvMrF5%26sig%3DCg0ArKJSzKP9pLp_A26YEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0LtftJC-oE;stc=1;chaa=1;sttr=589;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
39341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1A3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvD8_SUBoJW3y4vWaJGyk7vUF8frW2gWkVPvidCVbQR5Clc-rkDhJuIB-hE--3jQTgldmG0bxyRUXNuquDcrv5z4rDmDZNfA43Rjd7StVLvQKhVxGL731kSHXs2XqZYcc1L3jqSw3fkA9oEzVRMrRYBIiOUqOpqIwluj-ab7A&sai=AMfl-YR0x9YTKwigVGw0jL7MqIIw9XQ4Z5e5uQoUbDYrzCx47uMV-ZQGQwKhPhzprShkV7xQFN0yH6yg9dCCsmiHtJYlxZ4i7yp4NhmY1gr9&sig=Cg0ArKJSzPUgAafpx-eDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.03541&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;sz=300x250;u_sd=1;dc_adk=1593749571;ord=ce1u4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstObS7eQYcWStL-N9EgcRNfm6iTsl-uqJhsSjcQPSjYKvV75DStFLIcMuYE7i-b-IPMYc2kGdkMbFWSsRSfzbJjg32SaCV1z9RCnOV84M8DZ-2Rl_1s8rB9IWzVJbgpIKoibjsWMoM_vslzUUo-p0rDglTjn9l8lKO-pLSzXdwCt72gN0f6t3kRDwV0CwWGfxAf8Q08z2z4gos2ZI315__pqk14pk10iFfm-vVarmQYsLLTq1cTrjYBz_ZpAvEPbXZ3Tjn6It5gOf6HvGYd_iRodHVz95K86FMFB-mlkkWISWcHOOkrkoE9z5ViGxHw3g%26sai%3DAMfl-YROkW5d9jCnrnpowtu_oZIPZkCah_HR5ltUzdoYV3heOVXC52ySuC0xsVdzLvSGcb7mXvqlUdI5aGYrnaJSMPqfjM5t_PmkLKB8gulof037Bf4afQN_m95KbopvMrF5%26sig%3DCg0ArKJSzKP9pLp_A26YEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0LtftJC-oE;stc=1;chaa=1;sttr=589;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 03:20:21 GMT
sz6jfbnf7.js
cdn.krxd.net/controltag/ Frame 1A3A 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sz6jfbnf7.js?
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;sz=300x250;u_sd=1;dc_adk=1593749571;ord=ce1u4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstObS7eQYcWStL-N9EgcRNfm6iTsl-uqJhsSjcQPSjYKvV75DStFLIcMuYE7i-b-IPMYc2kGdkMbFWSsRSfzbJjg32SaCV1z9RCnOV84M8DZ-2Rl_1s8rB9IWzVJbgpIKoibjsWMoM_vslzUUo-p0rDglTjn9l8lKO-pLSzXdwCt72gN0f6t3kRDwV0CwWGfxAf8Q08z2z4gos2ZI315__pqk14pk10iFfm-vVarmQYsLLTq1cTrjYBz_ZpAvEPbXZ3Tjn6It5gOf6HvGYd_iRodHVz95K86FMFB-mlkkWISWcHOOkrkoE9z5ViGxHw3g%26sai%3DAMfl-YROkW5d9jCnrnpowtu_oZIPZkCah_HR5ltUzdoYV3heOVXC52ySuC0xsVdzLvSGcb7mXvqlUdI5aGYrnaJSMPqfjM5t_PmkLKB8gulof037Bf4afQN_m95KbopvMrF5%26sig%3DCg0ArKJSzKP9pLp_A26YEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0LtftJC-oE;stc=1;chaa=1;sttr=589;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a664604e1419e2d44aca4ec63a70e26d9d77dbe885343ddc1bb486e2ed608bb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1162
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-length
5493
x-served-by
config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100034-IAD, cache-syd10140-SYD
x-response-time
1
x-do-esi
esi
x-timer
S1668828022.597796,VS0,VE0
etag
"42fccaa015e6e1362362f34b805669045cc98afd"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 4, 166
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1A3A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;sz=300x250;u_sd=1;dc_adk=1593749571;ord=ce1u4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstObS7eQYcWStL-N9EgcRNfm6iTsl-uqJhsSjcQPSjYKvV75DStFLIcMuYE7i-b-IPMYc2kGdkMbFWSsRSfzbJjg32SaCV1z9RCnOV84M8DZ-2Rl_1s8rB9IWzVJbgpIKoibjsWMoM_vslzUUo-p0rDglTjn9l8lKO-pLSzXdwCt72gN0f6t3kRDwV0CwWGfxAf8Q08z2z4gos2ZI315__pqk14pk10iFfm-vVarmQYsLLTq1cTrjYBz_ZpAvEPbXZ3Tjn6It5gOf6HvGYd_iRodHVz95K86FMFB-mlkkWISWcHOOkrkoE9z5ViGxHw3g%26sai%3DAMfl-YROkW5d9jCnrnpowtu_oZIPZkCah_HR5ltUzdoYV3heOVXC52ySuC0xsVdzLvSGcb7mXvqlUdI5aGYrnaJSMPqfjM5t_PmkLKB8gulof037Bf4afQN_m95KbopvMrF5%26sig%3DCg0ArKJSzKP9pLp_A26YEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0LtftJC-oE;stc=1;chaa=1;sttr=589;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 22:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 22:45:11 GMT
1555855612151696907
s0.2mdn.net/simgad/ Frame 1A3A 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1555855612151696907
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
0b69c2e6002a5330e9d710e3a1d6071b07b24c9dd32c882e4fc94120a9b33164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 19:50:16 GMT
x-content-type-options
nosniff
age
199805
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59315
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 09:30:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 19:50:16 GMT
ad_impression.gif
beacon.krxd.net/ Frame 1A3A 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=sz6jkbf85&campaignid=28611619&advertiserid=8082718&placementid=347749104&adid=541355939&creativeid=180888644&siteid=4088137
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.29.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-29-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n006-pdx-prod.krxd.net
date
Sat, 19 Nov 2022 03:20:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1668828021
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ad_impression.gif
beacon.krxd.net/ Frame 1A3A 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=sz6jfbnf7&campaignid=28611619&advertiserid=8082718&placementid=347749104&adid=541355939&creativeid=180888644&siteid=4088137
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.29.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-29-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n002-pdx-prod.krxd.net
date
Sat, 19 Nov 2022 03:20:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=21 t=1668828021
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A3A 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:20:21 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E833 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIgaAQ65Y7G8BppyQ_znbh4&google_cver=1&google_push=ASkJ3FZrwsepR8YotlyzuiUxjixnGqFFPQY72SvW81lMDCCAEguo_FEXU9TUPso_n0JO5eKFEde0I0sdylukRP2fPt7Co4o2Vi89BBNUOzAulkJSn03FWLFekivO4fxr_ys_-LiC3VFagBrY
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
gdn.socdm.com/rtb/ Frame E833
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEBJLqV_1z6iDBNk5zEfw32Y&google_cver=1&google_push=ASkJ3FYuQS0JzSPMnCjuxhGYszequrbZzmSjKFbvPDninWgiWsD7m5eA4sLllYYM_RkWL...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTNoTGFzQ284WWtBQUNzY3hmc0FBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBJLqV_1z6iDBNk5zEfw32Y&google_cver=1
43 B
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBJLqV_1z6iDBNk5zEfw32Y&google_cver=1
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
124.146.153.150 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 03:20:23 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEBJLqV_1z6iDBNk5zEfw32Y&google_cver=1","cluster_id":42,"gdpr":false,"ipv4":"173.245.209.165","key":"Y3hLasCo8YkAACscxfsAAAAA","privacy_sensitive":false,"uid":"Y3hLasCo8YkAACscxfsAAAAA","upstream_id":"a-ad40058"}
X-SO-Key
Y3hLasCo8YkAACscxfsAAAAA
X-SO-Upstream-ID
a-ad40058
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40058.dc2p.scaleout.jp
X-SO-UID
Y3hLasCo8YkAACscxfsAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
173.245.209.165
X-SO-Cluster-ID
42
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
3
X-SO-LB-Hostname
m-ng9.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBJLqV_1z6iDBNk5zEfw32Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E833
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIUKu3r9ZYkQNwLkYkTlyAc&google_cver=1&google_push=ASkJ3Fbyx1lG5jg6i_lx0spFN3FQgWtPLwp1ISfwzpoLoUzJY07C0jQheiqUNI5ydfGYrXHdL5XD6g1R...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNjQ5Njk0MzIzNDM0OTc3OQ&google_push=ASkJ3Fbyx1lG5jg6i_lx0spFN3FQgWtPLwp1ISfwzpoLoUzJY07C0jQheiqUNI5ydfGYrXHdL5XD6g...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNjQ5Njk0MzIzNDM0OTc3OQ&google_push=ASkJ3Fbyx1lG5jg6i_lx0spFN3FQgWtPLwp1ISfwzpoLoUzJY07C0jQheiqUNI5ydfGYrXHdL5XD6g1RdtkWRcM0ZEOh6TEa779JEN5ldFfdfQyC3XSM1JzzPTrvlpux7kaOeMcdVoc-e3eU
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNjQ5Njk0MzIzNDM0OTc3OQ&google_push=ASkJ3Fbyx1lG5jg6i_lx0spFN3FQgWtPLwp1ISfwzpoLoUzJY07C0jQheiqUNI5ydfGYrXHdL5XD6g1RdtkWRcM0ZEOh6TEa779JEN5ldFfdfQyC3XSM1JzzPTrvlpux7kaOeMcdVoc-e3eU
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E833
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIUKu3r9ZYkQNwLkYkTlyAc&google_cver=1&google_push=ASkJ3FY0RL73J1Tem5WwTvqlHFCisbddf0ZMMBomwvPBtXTIf3ImM96CgRJ51DFS8KCHJivsIEhTtTJ_...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNjQ5Njk0MzIzNDM0OTc3OQ&google_push=ASkJ3FY0RL73J1Tem5WwTvqlHFCisbddf0ZMMBomwvPBtXTIf3ImM96CgRJ51DFS8KCHJivsIEhTtT...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNjQ5Njk0MzIzNDM0OTc3OQ&google_push=ASkJ3FY0RL73J1Tem5WwTvqlHFCisbddf0ZMMBomwvPBtXTIf3ImM96CgRJ51DFS8KCHJivsIEhTtTJ_4QsbmnqK-6JJ_CXxUJkp6iEsiVHdOEg47aovrUUj58m_cQEXw-SZKKt0buvY3wJfMg
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNjQ5Njk0MzIzNDM0OTc3OQ&google_push=ASkJ3FY0RL73J1Tem5WwTvqlHFCisbddf0ZMMBomwvPBtXTIf3ImM96CgRJ51DFS8KCHJivsIEhTtTJ_4QsbmnqK-6JJ_CXxUJkp6iEsiVHdOEg47aovrUUj58m_cQEXw-SZKKt0buvY3wJfMg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E833
Redirect Chain
  • https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEOHQt24ld_0rDKktjgJ_bIA&google_cver=1&google_push=ASkJ3FYED4NlzFeq6JnnNcdz_STuNBHuStehT9rYKPULM3b5c0YgF4OtLWmv2JRbHgBTCN_1lQpNMKHKh3PCS...
  • https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=ASkJ3FYED4NlzFeq6JnnNcdz_STuNBHuStehT9rYKPULM3b5c0YgF4OtLWmv2JRbHgBTCN_1lQpNMKHKh3PCSB8pENrbV0KvX7GXZUmnwJGW-l...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=ASkJ3FYED4NlzFeq6JnnNcdz_STuNBHuStehT9rYKPULM3b5c0YgF4OtLWmv2JRbHgBTCN_1lQpNMKHKh3PCSB8pENrbV0KvX7GXZUmnwJGW-l38t3C1FuIBe3P1lGmQRDhYozByyGD6G5pS
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=ASkJ3FYED4NlzFeq6JnnNcdz_STuNBHuStehT9rYKPULM3b5c0YgF4OtLWmv2JRbHgBTCN_1lQpNMKHKh3PCSB8pENrbV0KvX7GXZUmnwJGW-l38t3C1FuIBe3P1lGmQRDhYozByyGD6G5pS
Date
Sat, 19 Nov 2022 03:20:22 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E833
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEMHP5h0mlic_KDIJ63ikocU&google_cver=1&google_push=ASkJ3FaajVoN_B9zx-4sn9hBh9lOkWnuzwSb2EwowMDwEQJdi2yp4N4Ht_RUKpK2WT4fu5wJ97aoybJX2lVpNcNb5UBC7J7Fl...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExODI5NjIyNjgzNTc1MjAwMFYxMA%3d%3d&mn_hm=MzExODI5NjIyNjgzNTc1MjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FaajVoN_B9zx-4sn9hBh9lOkWn...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExODI5NjIyNjgzNTc1MjAwMFYxMA%3d%3d&mn_hm=MzExODI5NjIyNjgzNTc1MjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FaajVoN_B9zx-4sn9hBh9lOkWnuzwSb2EwowMDwEQJdi2yp4N4Ht_RUKpK2WT4fu5wJ97aoybJX2lVpNcNb5UBC7J7FlJ3KDGYlXFsjmYzEKxAgdl6YjIfTzO3U-CK6ITlU01WkawlN7Q&gdpr=&gdpr_consent=
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:22 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExODI5NjIyNjgzNTc1MjAwMFYxMA%3d%3d&mn_hm=MzExODI5NjIyNjgzNTc1MjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FaajVoN_B9zx-4sn9hBh9lOkWnuzwSb2EwowMDwEQJdi2yp4N4Ht_RUKpK2WT4fu5wJ97aoybJX2lVpNcNb5UBC7J7FlJ3KDGYlXFsjmYzEKxAgdl6YjIfTzO3U-CK6ITlU01WkawlN7Q&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Sat, 19 Nov 2022 03:20:22 GMT
pub
cs.chocolateplatform.com/ Frame E833 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame E833 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JVaHtcTmnCvC5DJ24-24XRnxSgoBeR9n_v4tmBrOHM_pMUG1fg3fzEQi2esVo7yWWzLNDr
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame 6AE9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4833728&p=157182&s=326399&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
d50c44d22281e0231ac803d59f1c6a1e3d4aba10e392cbaaae962f8477e26531

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 19 Nov 2022 03:20:21 GMT
content-length
1636
content-type
text/html; charset=UTF-8
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.196.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-196-126.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
/
www.google.com/pagead/1p-user-list/859754747/ Frame 414C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1668828018837&cv=9&fst=1668826800000&num=1&guid=ON&eid=376635471%2C375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3491355711&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame 414C 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1668828018837&cv=9&fst=1668826800000&num=1&guid=ON&eid=376635471%2C375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3491355711&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/707564276/ Frame CA43 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1668828020332&cv=11&fst=1668826800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3318347940&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame CA43 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1668828020332&cv=11&fst=1668826800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3318347940&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4755 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkdfq4CzRqVPMqc-Ii1Xy4BFNJeRYW_LTzKhoGa3bxM0bmYcC68uGlKxw9EZv2fsRRXFr3oOnPL4FlGI04eJl3Wh4JEHf3MeWaeIuT2UKsAC8N_DkG9CtNA8w8lNCB2DvD9Pzec6EExE5-qulsUHJCs5j0lhUZ0YWvbs1Vbqim106x5BtE6IV4zbDyB-q31Cpwm0YlI8sU1GW1DnlGKcjEHQrDwyZyjlVUapGwU_0jRmPr9VzTmZiDLKwDFRxK5tXc8SZoBkfdkpXxDuPu181765NaU65hq_8ED48eCeIN_ufZnCtnTJQLN6YciX-oOW_M744w&sai=AMfl-YR55TTAXf1hb6XB15RT0gXgjwU4-4Hs-0H7FuYXrWu-ZMCctZ2_1FOFM1Z3V1yLCcZcL29KbTz96JfJ2zzkDU4n3sU9f7z7eHBxQ3uGX8v9zTvBpOvttSslzWvCQN1d&sig=Cg0ArKJSzNkME8TVyBlaEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 03:20:21 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 16BB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
274445
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 23:06:16 GMT
expires
Wed, 15 Nov 2023 23:06:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F52 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=B_xEMdEt4Y6zgHZe9yAPaqoPwDAAAAAA4AeAEAg
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 230E 		2 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1668828021614&cv=11&fst=1668828021614&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=1953817170.1668828020&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
557cf69a557275ffccea5168a52ebd426abf4dc843458381fe7faf031f49e4fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
857
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B976 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
274445
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 23:06:16 GMT
expires
Wed, 15 Nov 2023 23:06:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5BF9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hLagAAARhXzQA7&gdpr=0&gdpr_consent=
1 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hLagAAARhXzQA7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 19 Nov 2022 03:20:21 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hLagAAARhXzQA7&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10136-SYD
x-timer
S1668828022.899601,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame D70C
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xvbdsp9y67t
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xvbdsp9y67t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sat, 19 Nov 2022 03:20:22 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xvbdsp9y67t
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
image2.pubmatic.com/AdServer/ Frame 85E7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cnUi4nAkIu9pI3TrISU4u3NwceNpJyy5dnWMAlQY
42 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cnUi4nAkIu9pI3TrISU4u3NwceNpJyy5dnWMAlQY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 19 Nov 2022 03:20:21 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cnUi4nAkIu9pI3TrISU4u3NwceNpJyy5dnWMAlQY
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 2C36
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=557869551418898506&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=557869551418898506&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
fcd2bbbd-2fe5-4196-9a9d-daa6f3d4a8e6
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Nov 2022 03:20:21 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=557869551418898506&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F8CA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 03:20:21 GMT
expires
Sat, 19 Nov 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1423921
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0563
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=O3yAKFybQ8Bgjmk6w6vnJ6310aU
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=O3yAKFybQ8Bgjmk6w6vnJ6310aU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Nov 2022 03:20:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=O3yAKFybQ8Bgjmk6w6vnJ6310aU
SPug
image4.pubmatic.com/AdServer/ Frame 6AE9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oDR6E01E2uXGZ35oGJGLTap53WWzjgQ-~A&gdpr=0&gdpr_consent=
0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oDR6E01E2uXGZ35oGJGLTap53WWzjgQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oDR6E01E2uXGZ35oGJGLTap53WWzjgQ-~A&gdpr=0&gdpr_consent=
date
Sat, 19 Nov 2022 03:20:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 6AE9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6416496943234349779
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6416496943234349779
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6416496943234349779
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 6AE9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3cab3366-7473-4804-944c-659682ec4039&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10521886487974600733&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=0e11d93b-d848-45dd-9911-3ebf4e499df8&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10521886487974600733&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=231733304340001964306&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10521886487974600733&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cab3366-7473-4804-944c-659682ec4039&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cab3366-7473-4804-944c-659682ec4039&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 03:20:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3cab3366-7473-4804-944c-659682ec4039&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sat, 19 Nov 2022 03:20:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6AE9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4508445342604819091&gdpr=0&gdpr_consent=&us_privacy=
1 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4508445342604819091&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4508445342604819091&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F52 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:20:24 GMT
index.html
s0.2mdn.net/sadbundle/8429175054428509462/ Frame 624E 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
ef8ada9cc4c13d8dec0c08d17408e56b08f925ad761589894de2c2a618052fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
110147
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5069
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 20:44:35 GMT
expires
Fri, 17 Nov 2023 20:44:35 GMT
last-modified
Mon, 26 Sep 2022 14:57:15 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4F52 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFYBHJtsGQy4vfyTnmwW3SrpGgX2sGqqrTfzdkU6yfmco_Mry5KJKcm6YqQ8AXvZiyaBnJ-7_ACUfTgJKhEosOfyKxxggxsaP5n-m7tmXCDtPkndwpf-cq8ijKryD2F2xqJzMX6m0eIxsnp0nZiCboW6-u2S1aRREOu6fi6P08dT7Qnq0fTeJNxFwHSV0UUtgNNewY1dnHM7BLO5ddyJfzJ423KdfVwxqMENWfdTLxoLcHe3CKTo4hqEA-1LYWcRq_9cYC3rFyEDAPyoKf_ohhSBo1i6gV8w7anxVxJf4SRIjrhAa-M8mDbIZJuKLI4TANh07MqYclbDN6ppn1ThKgdJNHLZIuWxt7TZZhn7XgLP8hIU7SJkpKWaTs5wj-LfXRfUjsXGq7GJF6Ri8yGggBe8cF586R-l1Im4PdZOfYUscU-VAGJbWTKJil_QjRN98relRWmLCnZJK5YVQ_54xr3EDoR7I3KLLZBTr7CdUEiDvNSU1HY-crQfeXYhyizciV_vznfNKq5jf-0SVDh2WtbxW3UF5EFnrv2iFvsXqvAp4h_9-e-EiU6B4vqObOk4iGwt986uAjp4zjAbQt3H76mwHgtTeylxqFi4T1pQwEjUNi8VOu1pNCi0GGOQaA6nGsjXJ52OwFfa2km_fuvQO_8MN9OxixQpWv2e7V97AIbzjhECg-mz1Sj4ksAC0F7DuB1aNKyUMAMTsmnko2MkYgDGpQkP6DMycARo0pK9714DwPMEAouemi94uZ5MG0FHe99qWIPCmqXXk3AAvaUsP0ktnIHYMJ-952SuhUmQgISe06Kk7rbRuEKMZMoBwfsEaLhV0b2dk8_79qgcT41AULpH-FOnqWNSwzD2jFGAzPzPvRVqr7rP5SytiKqRyfIgSIlQuN1aj0ZJA7hEZEV59mnfRwY4-IYmDczd83OiBP5XlD7lItzKofLAiPsYrzmO9HbU-2B-fK62Uft3glkGW3Udqpmc8XFpFzJB-pVfbF1uPEe8l-PdmS_f6jtrFxO4oE2qJgF2r616_G6Ekw2GrwP7UUTNxTyLlf_7onRVT6sNh2mno7IBaN90mhlL8n08SiUQNKkCVKT2tO1W4fE6CKJfGcXp-Z21durelc-YSnFpxtaa6an8i0pfwPmdRmrsm1_AlPsRyx3gUr8uDGnI5kL3IUhHWW8adua_AKXiB9j2vo7pJi2fvtdHSiBG-cdrhwfBZ0WWJ0vHTKkbrpmOwcIRfKMedwH8uZkcbK3g&sai=AMfl-YRGXhinSfHc0iYjcS7_GKDPss-5rwdVYfxg95oSaECVePhMZqc5Cuo3KCJKTuxyDdgF0gsLZ9YhXh0kF58a1u041TQ7hx_eClc4QE8x6nybhbwSfMA5nOX1jfpOjLE7srBft9BoEdE2nFbWLrAX4x63rIK0eAo6g3I&sig=Cg0ArKJSzHgeQJdGA8BKEAE&uach_m=[UACH]&pr=6:0.386703&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=841&cbvp=1&cstd=838&cisv=r20221110.56346&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 19 Nov 2022 03:20:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 03:20:21 GMT
m
secure-gg.imrworldwide.com/cgi-bin/ Frame 4F52 		44 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn352761&cr=178772036&ce=N1381871.279382DBMUTASCOLOUDERDI&pc=347121494&ci=nlsnci3744&am=1&at=view&rt=banner&st=image&r=3575472960%22style=%22display:none%22&C78=G1,DCM&uoo=0
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.213.124 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-213-124.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 1A3A 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sz6jfbnf7.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
168842
age
21382360
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
84509
x-served-by
cache-syd10140-SYD
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1668828022.734195,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
truncated
/ Frame 1A3A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2075fd357d315f69b808248d36c3d99795becb149033d022c81b1a03beccdb1f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 1D5D 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026298&pubOrder=3068195175&cb=254077713&custom=homepage&custom3=168400391&adsafe_par&impId=16442a13-67b9-11ed-a75b-0679fa08ad36
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.49.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-49-143.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
bf48ea036703a22f9dddf0cce9e2b1f18797b3b3224a6fc97294054deea01c96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EA87 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
274445
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 23:06:16 GMT
expires
Wed, 15 Nov 2023 23:06:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.196.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-196-126.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
main.19.8.365.js
static.adsafeprotected.com/ Frame 126B 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.365.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138412773756&pubOrder=3068195175&cb=1108170245&custom=homepage&custom3=168400391&adsafe_par&impId=16442a15-67b9-11ed-a75b-0679fa08ad36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-105.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:49:22 GMT
x-amz-version-id
Vqi07xtV7_e2oYjjMO93A9MKtrJ0y1dj
content-encoding
gzip
via
1.1 68e9cf75e80989314f45f964ce8fa084.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
268259
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Nov 2022 22:25:26 GMT
server
AmazonS3
etag
W/"e5052dd7e7b2a5bcce2aed91a616a5dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Fb4KTNoZzs3R6ptejgtqDdP-8L-saz7mpjjlgyavkcCYAmxR7Jx5LQ==
main.19.8.365.js
static.adsafeprotected.com/ Frame D377 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.365.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026295&pubOrder=3068195175&cb=1525276461&custom=homepage&custom3=168400391&adsafe_par&impId=16442a12-67b9-11ed-a75b-0679fa08ad36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-105.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:49:22 GMT
x-amz-version-id
Vqi07xtV7_e2oYjjMO93A9MKtrJ0y1dj
content-encoding
gzip
via
1.1 68e9cf75e80989314f45f964ce8fa084.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
268259
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Nov 2022 22:25:26 GMT
server
AmazonS3
etag
W/"e5052dd7e7b2a5bcce2aed91a616a5dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
n2sbFifl0DkboO96qw8QgGdQV3b8sKxKINRmYkKtFk-2g6ZCf17-JA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6235 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 03:20:24 GMT
index.html
s0.2mdn.net/sadbundle/4795973331100619613/ Frame 1AB4 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
d21cc2e3d89e527ce95d0db25f4fc10c2fd7d00a523d547a580face8d93366fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5134
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 14:02:41 GMT
expires
Sat, 18 Nov 2023 14:02:41 GMT
last-modified
Mon, 26 Sep 2022 14:57:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6235 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunff7DYreTsav1Yp7oycro8pRd-4CISWzJJN91QkNvj_57iYJhzPk_PoyVP4ivJP3tUjSqZg2AGm8I3TD4F21SLo1Cd4sa6otGtTm_O9rqAHFz7_4gxCJsVFoLVkPm5qq1crVHUT20zzi8EZGwktlRJk1Rd_-DxQD34WwUwh_dP2-_SyMWJ4gEo9gs4uLSN9bSOwMCi8Fu8_X14IcJUs9ft1koQDmqu1XY8qiSD_eVAqfYheb35ChKtnDhqDdSCkbq8JzxRVDTHoBWX9b5Xzg3xTODwWJtKVnbxGOzNaB_CkLvvtY32-YjpKk1713pbqumfSYfjfUe5ZwUCHjw3VFDty5rFNs5cudxkIXkvqQxLnb3WhAPcsh8WcbqWD859XZ78F91peEevpZLXwGZl0xsxCdIji63Wv9PHpx07_mDGojFJSJRgwnlvz91__M-XDApt3nAFXGSP7V9YoW_p_tKcCvF98Gc4LXxwSy2B2G8mg3KLpcl7ByP-U4VUfQ7IexEfsjuu9gWI_AMcrBi-1pqWMuPCnc2NOk1qQNml-j_gQvIDMe-MUsM9__iGtzXf1kq9narwmAqUu34kjScEFB2oNRQuM-u3swGkyNbC5qECXP1tmUMfHZ_y-GmZ_YJ1X04x4Iy1_SE-rrAgs1aAoZ38-ifYlbnqAwidxDc8PRZpTxRg3IQxZlxmmnERiU9S4aIWG4r7_t5KVwig5h_grGj2-ImmLeXfi_woLEYNGTZ__A8v9wotn25gHgkCwFRQ2S_lJ4yEVQXYyR_ZuRFpiQk460-qT9m32etfn-cEmQfzQxv9SOj4Y4yscGBLV4-4rjASejTk_CweK5RCjRAaC3MpnMZ11AnZhLLDprtspsSM_e5DvBMSb4ei-A6Qwjt8_gtfgvgv91s2r0E7rMtBytNh8gMSJINHux1qky8ZtxVQu02TsAgRazuPPge8UT-czy7W26iikBkQA6jHZzQEB3Jp5sAbKjBOqHeFBUL8JtskzPHQr_2R79BKb-grefzP4nxWfHNfyIlpTtm3epTwCPpJ2dnhbQhYIhXORICYlmI7hOlSxk2_mbbCzoT_jeaMXR4L_VyfjOWTDQfxQ8AXIW-FvqVGEzvAAsqbkt8k903porr7puywWVjMS6YrNKPxHyxhLYjgxUg6wejucYDZa6LtlfHTLvEiBDAoWUMvCuHIXxDU_f5bVWaVy4Rahkhn3162_1PjmHZmA9im7oxAKYsABbOmebo&sai=AMfl-YRpzAE3ZtUNkYHfTbTgbxsVEtYq-XiSkX8H1ijSBwhVipawc6yit8S6ADAAMAab5_Yz9QAZoVdPldspV_PpQ8scPyP-9QeCpS2e49keGaxY0vv-bIvGBrQeS7Xl-j0ojQ874yxd1tIi-F_7B6YqTDeVumoIkVMEVm4&sig=Cg0ArKJSzE7-X8epDb0REAE&uach_m=[UACH]&pr=6:0.551447&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=834&cbvp=1&cstd=832&cisv=r20221110.95953&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 19 Nov 2022 03:20:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 03:20:21 GMT
m
secure-gg.imrworldwide.com/cgi-bin/ Frame 6235 		44 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn352761&cr=178772045&ce=N1381871.279382DBMUTASCOLOUDERDI&pc=347416077&ci=nlsnci3744&am=1&at=view&rt=banner&st=image&r=672606364%22style=%22display:none%22&C78=G1,DCM&uoo=0
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.213.124 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-213-124.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame 230E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1668828021614&cv=11&fst=1668826800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2987979171&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame 230E 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1668828021614&cv=11&fst=1668826800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2987979171&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 16BB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 14:56:32 GMT
ad_impression.gif
beacon.krxd.net/ Frame 1A3A 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=28611619&advertiserid=8082718&placementid=347749104&adid=541355939&creativeid=180888644&siteid=4088137&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=5bb1a854-5225-4e13-bbe6-aec479649e32&confid=sz6jfbnf7
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.29.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-29-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n015-pdx-prod.krxd.net
date
Sat, 19 Nov 2022 03:20:22 GMT
cache-control
private, no-cache, no-store
x-request-time
D=47 t=1668828022
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
9387eb504f31179bdcd7cba9e015bccc
content.api.news/v3/images/bin/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9387eb504f31179bdcd7cba9e015bccc?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
888efefa4bae7462eeb492b1b2c5554f9c011c05bd212c80f35ed4ff36a5ab0c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:22 GMT
last-modified
Sat, 19 Nov 2022 02:05:05 GMT
server
Akamai Image Manager
etag
c6f3baeee34dc91ff0ab423bb8f39680-9387eb504f31179bdcd7cba9e015bccc-320
edge-cache-tag
9387eb504f31179bdcd7cba9e015bccc
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5179404
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
13425
expires
Wed, 18 Jan 2023 02:03:46 GMT
328a533346431ffb5a78bfb749081fb0
content.api.news/v3/images/bin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/328a533346431ffb5a78bfb749081fb0?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
751049bc37024119640ca4beeea7c67d8ccf95e7d6e4633d9f1afd3cc5484fcd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:22 GMT
x-check-cacheable
YES
edge-cache-tag
328a533346431ffb5a78bfb749081fb0
content-length
12277
last-modified
Fri, 18 Nov 2022 18:01:08 GMT
server
Akamai Image Manager
x-serial
1894
etag
3775484ba451d3b6311ef666a0082496-328a533346431ffb5a78bfb749081fb0-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5150465
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 17 Jan 2023 18:01:27 GMT
main.19.8.365.js
static.adsafeprotected.com/ Frame 1D5D 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.365.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026298&pubOrder=3068195175&cb=254077713&custom=homepage&custom3=168400391&adsafe_par&impId=16442a13-67b9-11ed-a75b-0679fa08ad36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-105.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:49:22 GMT
x-amz-version-id
Vqi07xtV7_e2oYjjMO93A9MKtrJ0y1dj
content-encoding
gzip
via
1.1 68e9cf75e80989314f45f964ce8fa084.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
268260
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Nov 2022 22:25:26 GMT
server
AmazonS3
etag
W/"e5052dd7e7b2a5bcce2aed91a616a5dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
2glHZqqjfEIa0NgJt4IcuiCfHGqpxxeZbnWmEgz4BwiD2fJHRvVVtQ==
2667891553612180355_1667548731684_script.js
massets.bonzai.co/ Frame B669 		337 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Requested by
Host: invoke.bonzai.co
URL: https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2667891553612180355&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=266920143196706123&rnd=1128617417
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c49928247ac43f83ebf63fc22f836d61be1b1be432e965be1e6d3e7eda2c433

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:06:57 GMT
content-encoding
gzip
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 07:58:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1044806
etag
"76dc5ccc2ae10c4dbf5f749e6e552304"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31104000
accept-ranges
bytes
content-length
133432
x-amz-cf-id
WtYW7XQ56Udv0HMHhFf3lEfI6TUSQzfmjMLwl3heG3upjAUBhLHeiw==
rec
collector.bonzai.co/ Frame B669 		0
0
B28611619.347748519;dc_pre=COm6yuukufsCFWUOtwAdEDEFdA;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1128617417;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/ Frame B669
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1128617417;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_pre=COm6yuukufsCFWUOtwAdEDEFdA;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1128617417;dc_lat=;dc_rdid=;tag...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_pre=COm6yuukufsCFWUOtwAdEDEFdA;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1128617417;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.130.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f149.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_pre=COm6yuukufsCFWUOtwAdEDEFdA;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1128617417;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rec
collector.bonzai.co/ Frame B669 		0
0
5bb1a854-5225-4e13-bbe6-aec479649e32
consumer.krxd.net/consent/get/ Frame 1A3A 		219 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5bb1a854-5225-4e13-bbe6-aec479649e32?idt=device&dt=kxcookie&callback=Krux.ns.myer.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7eed21740305ef907c076f7fe204726291215471a6f0d2da05b2d88f4a80b0ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
consumer-a005-pdx-prod.krxd.net, cache-syd10162-SYD
date
Sat, 19 Nov 2022 03:20:22 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1668828022.318827,VS0,VE182
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
content-length
184
x-cache-hits
0, 0
467351a2860b7236f8a37e1ab99ad4f7
content.api.news/v3/images/bin/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/467351a2860b7236f8a37e1ab99ad4f7?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0d43783d689a41b3f09f8784e96f2926db6d05baae37e6d14455ced684b9abb0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:22 GMT
x-check-cacheable
YES
edge-cache-tag
467351a2860b7236f8a37e1ab99ad4f7
content-length
7635
last-modified
Sat, 19 Nov 2022 03:13:57 GMT
server
Akamai Image Manager
x-serial
1408
etag
dabcfb9d831db8599b725dd075fb8911-467351a2860b7236f8a37e1ab99ad4f7-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183594
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 03:13:36 GMT
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame EA87 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 14:56:32 GMT
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame B976 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 14:56:32 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame EAB0 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25677392&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
8c11280c15e0035a5036aacf023831e4c5112806703f71a802fbb28c87478116

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 03:20:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
googleads4.g.doubleclick.net/pcs/ Frame 1A3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvD8_SUBoJW3y4vWaJGyk7vUF8frW2gWkVPvidCVbQR5Clc-rkDhJuIB-hE--3jQTgldmG0bxyRUXNuquDcrv5z4rDmDZNfA43Rjd7StVLvQKhVxGL731kSHXs2XqZYcc1L3jqSw3fkA9oEzVRMrRYBIiOUqOpqIwluj-ab7A&sai=AMfl-YR0x9YTKwigVGw0jL7MqIIw9XQ4Z5e5uQoUbDYrzCx47uMV-ZQGQwKhPhzprShkV7xQFN0yH6yg9dCCsmiHtJYlxZ4i7yp4NhmY1gr9&sig=Cg0ArKJSzPUgAafpx-eDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=950&vt=11&dtpt=949&dett=2&cstd=0&cisv=r20221110.03541&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;sz=300x250;u_sd=1;dc_adk=1593749571;ord=ce1u4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstObS7eQYcWStL-N9EgcRNfm6iTsl-uqJhsSjcQPSjYKvV75DStFLIcMuYE7i-b-IPMYc2kGdkMbFWSsRSfzbJjg32SaCV1z9RCnOV84M8DZ-2Rl_1s8rB9IWzVJbgpIKoibjsWMoM_vslzUUo-p0rDglTjn9l8lKO-pLSzXdwCt72gN0f6t3kRDwV0CwWGfxAf8Q08z2z4gos2ZI315__pqk14pk10iFfm-vVarmQYsLLTq1cTrjYBz_ZpAvEPbXZ3Tjn6It5gOf6HvGYd_iRodHVz95K86FMFB-mlkkWISWcHOOkrkoE9z5ViGxHw3g%26sai%3DAMfl-YROkW5d9jCnrnpowtu_oZIPZkCah_HR5ltUzdoYV3heOVXC52ySuC0xsVdzLvSGcb7mXvqlUdI5aGYrnaJSMPqfjM5t_PmkLKB8gulof037Bf4afQN_m95KbopvMrF5%26sig%3DCg0ArKJSzKP9pLp_A26YEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0LtftJC-oE;stc=1;chaa=1;sttr=589;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 03:20:22 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1A3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPvrsAQv9V0fHXdOdXMT1nzZsIFDop5Lfn84eIP0SDt2z9mb8HsC60Z_T4uqA2VGTxFaL8xCddLquKoMj3Vc6lRGj0JzPCHKYYUVOPplpTvJBalia2GhK1Pp8C-icFcp2wuCDtXZJH4vbHZ0R9ZSWQb1Rf6mH1GQYgR64qN2tcGvE7iqVzOU2muBjjR00-sWnbInMbO3vs38puHZibe0bgcd15s3gEg9icHKKA_jFOGJc02z7yhW0ERb4ABQyiF22Hi_BnzCy3AjjpJGDGBTbR2huz47eWwPezCztATl8rtmzN2-mwoX9I8ftQohyFmw8R_tNE&sai=AMfl-YSy7_JIgBzy-iGp8rKc-AWtx4tEBuuaRNHblSTyT_G6G6sDDXr_zcwit7GTgqRYWEWGtrbnoTOzIzngabpjNTsLDYH86W5qzC3E2XZOLcoL3tKWKhWqzDaFz3Oe_bHt&sig=Cg0ArKJSzKL0rsaTuDWREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 03:20:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 16BB 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_xEMdEt4Y6zgHZe9yAPaqoPwDAAAAAA4AeAEAg&bg=!srGlsfXNAAbvMpMzzzI7ACkAdvg8Wu8aYwS5ZBe3VZbGO377XojOsfCPvqCdA2ElbMOSqTabMxQWGgIAAADAUgAAAANoAQeZAvlU3w-tbciNDTz3HJw5MowWTUB9xQvg899UCBXOYn4uDieZPGAACtuDMougAyW4WlU1JGit4i-AHVjD-YzPGbFQAxVWZ4WmXY2Hv6WUU772Gmnt_7fNYlV1Bcvy2Q83_VKeb5MTFWcVpzT_ntJQXS8JlLd2l4AFqjY1grdwukVOIRIBF2gv39AL3TiT5h0933ecbAnE7eXPLyYsdCxNAdPiwv-7ro9o71DjumZJm2GonzZW_r5PcJLAzikV0VaSE99iYc7IVdzy4kzP5w9rP9AFhCX0I4BRAtfXJSVgKhKPUmwMU9UZV_IR_FcV6p8vsZL9c15FaVWdsBWexTXI6q9VE3paeV5tkdY1XkSypBZyYlvtLUwZbD6LP_vDNqoE817XpxdYFYo2VTGPnA428m-74HcmECXGbRWikahgaKzCqDdKBeHaEkwXNLTnfW-kJ6tG4ZvzSAxB8kWoV--WBtvWjJGEsvwdd9rZFXBGQrvK_31DiqDwqMOMBL5DQpa1yP_lqLMGq7K2IoH1j3eJ2kh-07pJrae97F4PyotiDaxwNBMG4gACf4mElHdWwb_d0fWXBb3LtHdrJvvHKSr5QvCDgMX6gBSDim8XAL-j57Rw1qbrRYfDy2Qwtv2wi7Smn8nVbYEyxtDsFtaLZzeKIm3fCSDfNgsj4BBxtCAF3B8_E-woW3IcU4J5jZdy19Bjq3l85oleP0YU41WwBjCMuy7n3Lc1qNkIp3L3CaCM-lo7yba8NkzJqdOTXvg2hYjIxNvJF95Ax3FvyBnWkr2uRaheLOJfJB_gqjtPmQLcng7MxChXFO-X7qhyQ-WoFZfSDk4bJa3iNe7_LHu9fxd_sPLlafmF2JwIKb03lhNB7ixt_w05NwDj2dzGDXqWQiG6SIq0Kk-N1GjhgxasZfNtpzirz3zCjEHdK9m7WzlrR5MmRY_0xg2pZ7EuDm0t1DPV7DniYuAMC26m7Qz0mUhfAS9tT5BtUBOufVHEgvj4UiAD4_E0I0r5Iwwuvw
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f9239fe4bfc02122bf69d91452dbd2e4.js
s0.2mdn.net/sadbundle/4795973331100619613/ Frame 1AB4 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4795973331100619613/f9239fe4bfc02122bf69d91452dbd2e4.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
1b3c9643e43ad6c968ba4b0bdb40110924149c0ae6fec2e2c9fee420b185aa8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 14:02:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47861
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25316
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:57:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 14:02:41 GMT
c0e08484d98add59b8950f00c6c5740e.js
s0.2mdn.net/sadbundle/8429175054428509462/ Frame 624E 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8429175054428509462/c0e08484d98add59b8950f00c6c5740e.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
cdaf1e9148d4726cb77eef9740fb96e65c455d7a0948cbe94dea74f17f2f2fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 20:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25310
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:57:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 20:44:35 GMT
optout_check
beacon.krxd.net/ Frame 1A3A 		77 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.myer.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.29.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-29-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef94f345e1e2e2c839c86239e71064deb6ccb06f673acb4dfee2753a5ff025fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n004-pdx-prod.krxd.net
date
Sat, 19 Nov 2022 03:20:22 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=34 t=1668828022
content-type
text/javascript
Pug
image2.pubmatic.com/AdServer/ Frame 85E8
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=dlg_uEOpC6C1B-otdUt4Yw
42 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=dlg_uEOpC6C1B-otdUt4Yw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=dlg_uEOpC6C1B-otdUt4Yw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 8A53 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 19 Nov 2022 03:20:23 GMT
Pragma
no-cache
Server
nginx
expires
-1
cm
ipac.ctnsnet.com/int/ Frame 6FB1 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 19 Nov 2022 03:20:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 1464
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b8099646608b43bb8210e909025f3e56
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b8099646608b43bb8210e909025f3e56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Sat, 19 Nov 2022 03:20:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b8099646608b43bb8210e909025f3e56
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
pxd
dps.jp.cinarra.com/ Frame 3461 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.115.166 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-115-166.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Sat, 19 Nov 2022 03:20:23 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B930
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1668828023007
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6687245709
  • https://sync.1rx.io/usersync/tradedesk/1fbac794-a072-4166-a080-d44c7a6c596e
  • https://sync.targeting.unrulymedia.com/csync/RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004
42 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Sat, 19 Nov 2022 03:20:24 GMT
etag
RX9af9a5e53c2741209a90c0b57ad4b46e004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame A1A8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:USZ8x5kB1OWep15&gdpr=0&gdpr_consent=
42 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:USZ8x5kB1OWep15&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 19 Nov 2022 03:20:22 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:USZ8x5kB1OWep15&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0f40721276a047f1b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 7C7C
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1abe8abe-67b9-11ed-a73a-2ee288dff49c
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1abe8abe-67b9-11ed-a73a-2ee288dff49c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sat, 19 Nov 2022 03:20:23 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1abe8abe-67b9-11ed-a73a-2ee288dff49c
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-1
info
uipglob.semasio.net/pubmatic/1/ Frame EAB0 		42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:14 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame EAB0
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
3.1.116.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-116-111.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.16.184
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.10.140
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame EAB0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0e11d93b-d848-45dd-9911-3ebf4e499df8%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1fbac794-a072-4166-a080-d44c7a6c596e&ttd_puid=0e11d93b-d848-45dd-9911-3ebf4e499df8%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1fbac794-a072-4166-a080-d44c7a6c596e&ttd_puid=0e11d93b-d848-45dd-9911-3ebf4e499df8%2C
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1fbac794-a072-4166-a080-d44c7a6c596e&ttd_puid=0e11d93b-d848-45dd-9911-3ebf4e499df8%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
Pug
simage2.pubmatic.com/AdServer/ Frame EAB0
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=557869551418898506
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=557869551418898506
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 03:20:22 GMT
AN-X-Request-Uuid
d3b74526-cdff-4dc2-8820-92f51ad3ac25
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=557869551418898506
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EAB0
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=33d1b29053371b3d&is_secure=true&networkId=17100&version=1&nuid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrVTUrTtctwN1Her-AAAAAAA&expiration=1668914423&nuid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&...
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrVTUrTtctwN1Her-AAAAAAA&expiration=1668914423&nuid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrVTUrTtctwN1Her-AAAAAAA&expiration=1668914423&nuid=B4720C8F-DDC6-447E-B3B7-C00B6CD12D23&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA87 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZTcSdUt4Y4H0BOu94t4P1_27yAcAAAAAOAHgBAI&bg=!iYqlis7NAAbvMpMzzzI7ACkAdvg8WpBZQ4oLBikgBwV5zrp9LqcqrgxOSoM89VpatUflonf10czcrQIAAAEvUgAAAARoAQcKAGA8Bh-Af2RX_rt5PVkLSE5JHMK7Mw33jQSYuRM_FFBINZxaKvzsRSK8u01OpsFADb4D6hL8TGUJ4cDtM8ps620TdD_wSGO17CMRwPFzmvBtK3bUPcH0zTa5PZdMsPu6bv2ZArpvR2lNYtzWn0xjk4fWnVyDmVuO4PJqIHMles7tSTk45wMjr-EgENgpHI7DJw7lX57Ir4pzIazIoCEpLkD2VgTUT0uKPHJUdLgeBaOBd3asIVMn54vqKL6GVX7f0op-ZfRt7yp4tmmp7gGniwr7R3TZqQS2nnBkcJPaT2I2_jC8XGDo3P1Y8guiEZZwMKfeRsFWRT3DmnjIGbm_G75BKSDCvNrV7ADOfxHxOemh-yd4aHjZfa876Kej6zQGbVgJDzk07YVCmiqatFbcFjqA1PcvWVqLaOpb9EgzQfq65MSnz-ajgPo0o72rRLluG_b29nakd0Q-SBKlHl-4ed4Rxdg1MQM0nyAQ_pcr_N1_SkUAQsvVNJTXqpJ3ajTBoMqlpaTrlb6AT-DLEoNOHU6J0ATfHiRyaMfquTRfxWkihpxs2RJlq8BPRMmDtVbj7V4vMDA3i_YKlnpsLJsJrHZIbPueQ8rj0wDCO7FIvaCt0bDQt11GPYkThKWQFhbhlof7zt26xvvaB31GsgWXD_MrUXdbayGIlpdeWSQ80mvA5-ROde8wyFZVobkutvaHcaQJp1N0c7byWKO3oB6eijF-7MUc9SNZunIyC9QOTh1TaRkzuWYNo8cowhvGbtFuYAAEpGJIVyjYC6pCRySH9XuKcQxl6qXv2nzysQDyMGBBItAezaQtDM2sNawQMnREOp7E3y0EJNs1XWR2knSQUlBMzNQAPPv1C0Pk7GfIXCFywKDG0QGsclu4VvYQ-YsoNUCtQnZT7GyAN8PCroKbhfw-mDh_bt5HLWtUcmRZmGLuONJJcUVdpTGvkQNI-4nEmYKn38jtEnCp_SWtXDTb8Y6eKDMpuKgrOJkHVZ5dy6Teb_WJLLxUD4rzxZJdyCNm1NLPqqhfUB-5KQpJtfhoFIgU3NgmRBo4aAhTWlNB4A
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B976 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzWfHdEt4Y5SBHtaGrAGI_JnQBAAAAAA4AeAEAg&bg=!Tk2lTQnNAAbvMpMzzzI7ACkAdvg8WoFiSP4L6UplddfLCdtnvUE9wXjI_nVKszd3m3lzQzcVl8MxVAIAAAExUgAAAARoAQcKABJktFTxWQ06mEN7Ale9yat1ThGZAvme5aErGtjPvrf09-lSAnIzhwYiU9c6uuzSsJJSecYdWpV4oUM6sYSTRsFr14bI0lhst1_boMfKLDnZJiKa2K-2U_cHqgzWixHPOCspU4ewG_bZVqBB6k-bRGyVSJ3F4h6uCqx64jemdT8KHgYFXCAEj96W-KS_znKH05ScYV2_pzUGkwnlDZ1l2s0eNC0QWKpszuT-Wg3I3UU4Ze0kTkXz-qwJdzE5ewxpwKaHm-ddggUi6MvmAzSy3zUVZN5jqI2ddAqmUCrSXvfLqW_-iQjQyHQjqP9yjC34zh_GjUz869B_tILGkkRK58DGGKgHdgDQdh3sP_z1akb2fd4oxYGG_C55zOYMjqJ9y3neP4C2ZOQokvpETJDW5yjDW6BlX7pmHSS-UQWYPauwIACj90ddJi7jwCyVWWypUhIwg_A9-HzlPF73ypNmaEZ7ruo-Y1WQbScl6X44zKr6pwWdd4TeZr2qoedqo_XrYpFlnmcq87bsDC8gVhxn5dux7nFjwDskZaXWgEKJHHbo4q2mjIPxjj7Xegfc7VHRSFxovveqJJBU1lLH6Pl1egxpLPePIfGrqgfxiqMyvUjKLwrXsCfZO_eQGS4vgomxp_95RoarrH5oFnOiQoSXMAuy-Ojpu4kgcCO_uK4aJSklsbpCHBoUHkREM4NPUwn5VFeNXaERUA6DHShH8bgySw7Yu65w5SDTEfrMMxz4g3RJ3vhSYntcfx8p_5ZFo0udlCFMj9BOFRQeEXE29NNOlyiEF_68lrhgwO8g3jYwlS2rpDHwrooyO5CvWQJn6sLQSQSuPFAjDu9YrMCqLw9mei65vpEUe2oyxvyA5YI7wjefkzSIbUs-5RNwmDRhqSmYgT_4-oIMIqtVzmWJ_UReofRXLgACAqL8SP_LvHtVYXeW-vtvd5V7FpSvuupsGsco9vxcu5b5DXevdIF3Xv8yd6TcfXS8IlYP-2G3iPw3pBlYSmnrClCyjU4lcvPr0xj2EAjJZTz2UWLYeh42lp4V6Q
Requested by
Host: bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
URL: https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame B1FC 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-105.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 68e9cf75e80989314f45f964ce8fa084.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
5053446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
CbSw_qhLSonBOkyAIgitJsalpK2Ye29qRqpVHMKcIzlnOCzu0L_Ntg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138412773756&pubOrder=3068195175&cb=1108170245&custom=homepage&custom3=168400391&adsafe_par&impId=16442a15-67b9-11ed-a75b-0679fa08ad36&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:2ec05d77-bff8-06b4-7744-d8b64dd11f03,c:unBGEb,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-789bd99cd5-4xtnv,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:0.12039.1.1,am:i,cc:0.12039.1.1,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:949,mot:0,app:0,maw:0,fm:tnBejac+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v*.10507%7C1v1%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1v*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:A.qs.tn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1000,oid:199c7d6b-67b9-11ed-8f8d-4a1719f72d38,v:19.8.365,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.49.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-49-143.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:22 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2ec05d77-bff8-06b4-7744-d8b64dd11f03&tv=%7Bc:unBGEW,pingTime:-2,time:1046,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:510,beZ:511,mfA:1458,cmA:1460,inA:1461,inZ:1467,prA:1467,prZ:1501,si:1510,poA:1511,poZ:1527,cmZ:1527,mfZ:1527,loA:1542,loZ:1546,ltA:1555,ltZ:1555,mdA:512,mdZ:1442%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1668828022798,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1,h:1,t:999%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1046,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:999,wc:0.0.1600.1200,ac:0.12039.1.1,am:i,cc:0.12039.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B94~0%5D,as:%5B94~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejac+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v*.10507%7C1v1%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1v*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:A.qs.tn,siq:1001,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1%5D,sinceFw:45,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
css
fonts.googleapis.com/ Frame 624E 		3 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:500|Montserrat:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429175054428509462/c0e08484d98add59b8950f00c6c5740e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
879cac2694db158c159d91d3ce3285a24913fcf257b7080bcd8046d3e9e4dbe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 19 Nov 2022 03:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 01:56:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Nov 2022 03:20:23 GMT
c8e578c0b57293bd631dd06a41e92be7.jpg
s0.2mdn.net/sadbundle/8429175054428509462/media/ Frame 624E 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8429175054428509462/media/c8e578c0b57293bd631dd06a41e92be7.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
b5f0466dafb00f3e4eef00370d66f8f2721ba207cd6a65c13f1a904cd742948d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 20:44:35 GMT
x-content-type-options
nosniff
age
110147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31218
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:57:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 20:44:35 GMT
0a0a1aabe42fed7d850e659d8b6cdc84.svg
s0.2mdn.net/sadbundle/8429175054428509462/media/ Frame 624E 		2 KB
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8429175054428509462/media/0a0a1aabe42fed7d850e659d8b6cdc84.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
35637f785cd363ad1d686ef895d0d8f8840d3e310b1aa7a511033fa056a83092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 20:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
754
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:57:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 20:44:35 GMT
e211ffec91f99a8652ac102ce4f1e31e.svg
s0.2mdn.net/sadbundle/8429175054428509462/media/ Frame 624E 		16 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8429175054428509462/media/e211ffec91f99a8652ac102ce4f1e31e.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
618dea9b88ecc17aca37274bb276bce8854fc467c838d6f8f9e485ab194bcd2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 20:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7247
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:57:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 20:44:35 GMT
6c34f3ef302f7f6da5e6082f2b97b88c.svg
s0.2mdn.net/sadbundle/8429175054428509462/media/ Frame 624E 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8429175054428509462/media/6c34f3ef302f7f6da5e6082f2b97b88c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
c52003e5564797d76babb4b69ea4a21c8acd8afcd66d7ac5c4ee990314f2752a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8429175054428509462/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 20:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1855
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:57:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 20:44:35 GMT
css
fonts.googleapis.com/ Frame 1AB4 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:500|Montserrat:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4795973331100619613/f9239fe4bfc02122bf69d91452dbd2e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
879cac2694db158c159d91d3ce3285a24913fcf257b7080bcd8046d3e9e4dbe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 19 Nov 2022 03:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 02:58:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Nov 2022 03:20:23 GMT
a54f4edda84a048af9afec68952693c5.jpg
s0.2mdn.net/sadbundle/4795973331100619613/media/ Frame 1AB4 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4795973331100619613/media/a54f4edda84a048af9afec68952693c5.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
865b38391da9f48afc55071a884a1e7325ab0a90571d8b82f89b7473b85e7276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 23:24:13 GMT
x-content-type-options
nosniff
age
186969
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46281
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:57:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 23:24:13 GMT
0a0a1aabe42fed7d850e659d8b6cdc84.svg
s0.2mdn.net/sadbundle/4795973331100619613/media/ Frame 1AB4 		2 KB
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4795973331100619613/media/0a0a1aabe42fed7d850e659d8b6cdc84.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
35637f785cd363ad1d686ef895d0d8f8840d3e310b1aa7a511033fa056a83092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 14:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47860
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
754
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:57:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 14:02:42 GMT
e211ffec91f99a8652ac102ce4f1e31e.svg
s0.2mdn.net/sadbundle/4795973331100619613/media/ Frame 1AB4 		16 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4795973331100619613/media/e211ffec91f99a8652ac102ce4f1e31e.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
618dea9b88ecc17aca37274bb276bce8854fc467c838d6f8f9e485ab194bcd2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 14:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47860
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7247
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:57:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 14:02:42 GMT
6c34f3ef302f7f6da5e6082f2b97b88c.svg
s0.2mdn.net/sadbundle/4795973331100619613/media/ Frame 1AB4 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4795973331100619613/media/6c34f3ef302f7f6da5e6082f2b97b88c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
c52003e5564797d76babb4b69ea4a21c8acd8afcd66d7ac5c4ee990314f2752a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4795973331100619613/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 14:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47860
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1855
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:57:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 14:02:42 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2ec05d77-bff8-06b4-7744-d8b64dd11f03&tv=%7Bc:unBGFL,time:1097,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1097,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:999,wc:0.0.1600.1200,ac:0.12039.1.1,am:i,cc:0.12039.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B144~0%5D,as:%5B144~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejac+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v*.10507%7C1v1%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1v*,rmeas:1,rend:1,renddet:A.qs.tn,siq:1001%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1893 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-105.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 68e9cf75e80989314f45f964ce8fa084.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
5053447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Pdp5qsDu-FIFp_i2TbRTe-__LLlEfJ75xQpekFnHVdoiyEQeuupoCQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=970x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026295&pubOrder=3068195175&cb=1525276461&custom=homepage&custom3=168400391&adsafe_par&impId=16442a12-67b9-11ed-a75b-0679fa08ad36&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:fe227a97-fbbd-de53-22a4-b24575ca3e7e,c:unBGJ5,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-789bd99cd5-q7xz5,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1287,mot:0,app:0,maw:0,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1300,oid:199c7d83-67b9-11ed-b6df-2ed10e40cd8d,v:19.8.365,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.49.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-49-143.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBGJ5,pingTime:-8,time:1300,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1300,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1299,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B12~100%5D,as:%5B12~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1300%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBGJg,pingTime:0,time:1311,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1311,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1299,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~100%5D,as:%5B23~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1300%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBGJx,pingTime:-2,time:1328,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:842,beZ:843,mfA:2129,cmA:2130,inA:2130,inZ:2131,prA:2131,prZ:2139,si:2142,poA:2143,poZ:2151,cmZ:2151,mfZ:2151,loA:2160,loZ:2161,ltA:2170,ltZ:2170,mdA:844,mdZ:2106%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1328,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1299,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B40~100%5D,as:%5B40~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1300,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:27,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBGJZ,time:1356,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1356,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1299,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~100%5D,as:%5B68~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1300%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:24 GMT
content-encoding
gzip
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 01:53:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
etag
"9edf0d1a271a1eec31ac16f11fbd329d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
988
x-amz-cf-id
SyM24D764Ean4iDuYl3gZqLhL3h2shTuvJYf5LPJaoqhM3hJAIQPlQ==
rec
collector.bonzai.co/ Frame B669 		0
0
1px.gif
dcollector.bonzai.co/ Frame B669 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODI4MDIzMTU0LCJmaSI6ZmFsc2UsInRrIjoiOTQ2ZWViOTE5NWE0NDI1OTYyODc1ZDZjN2U4OWUiLCJhZCI6IjI2Njc4OTE1NTM2MTIxODAzNTUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY5MjAxNDMxOTY3MDYxMjMiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJEZXRlY3RlZCBTREssIFdlYiJ9&etc=0.5014875015580429
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 22:59:55 GMT
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
15630
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
7x7QgI0kawC4rbGMVpaKoI2o24UiPLH3QqIE4VS8TPZL225K0rVNRg==
rec
collector.bonzai.co/ Frame B669 		0
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 347D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-105.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 68e9cf75e80989314f45f964ce8fa084.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
5053447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Ygak1B8Zr2JnM7py4H7jU4x4JLYTowKDSxUCgr1bMv5RqvimJlV55g==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026298&pubOrder=3068195175&cb=254077713&custom=homepage&custom3=168400391&adsafe_par&impId=16442a13-67b9-11ed-a75b-0679fa08ad36&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:7cf947d6-fae5-53bf-a127-5152363b57d5,c:unBGLl,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-789bd99cd5-c78xg,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1123.622.300.250,am:i,cc:1123.622.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1235,mot:0,app:0,maw:0,fm:tnBejdm+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1t*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1247,oid:19ce6279-67b9-11ed-8006-f6ff91991869,v:19.8.365,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.49.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-49-143.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
nginx
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cf947d6-fae5-53bf-a127-5152363b57d5&tv=%7Bc:unBGLv,pingTime:0,time:1257,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1247%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1257,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1247,wc:0.0.1600.1200,ac:1123.622.300.250,am:i,cc:1123.622.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B21~100%5D,as:%5B21~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejdm+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:1247%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cf947d6-fae5-53bf-a127-5152363b57d5&tv=%7Bc:unBGLK,pingTime:-2,time:1272,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:270,beZ:272,mfA:1505,cmA:1506,inA:1506,inZ:1507,prA:1507,prZ:1514,si:1517,poA:1518,poZ:1526,cmZ:1526,mfZ:1526,loA:1535,loZ:1536,ltA:1542,ltZ:1542,mdA:272,mdZ:1469%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1247%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1272,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1247,wc:0.0.1600.1200,ac:1123.622.300.250,am:i,cc:1123.622.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~100%5D,as:%5B36~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejdm+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1t*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:1247,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:24,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cf947d6-fae5-53bf-a127-5152363b57d5&tv=%7Bc:unBGMk,time:1308,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1308,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1247,wc:0.0.1600.1200,ac:1123.622.300.250,am:i,cc:1123.622.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B72~100%5D,as:%5B72~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejdm+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:1247%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A3A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG3IiV7xMPfDCfmfkQ-a07vs-sn20Y-D-57BgY5qSvb8Y9ScAD2TjeDM0PXFJEKPN2Gc6VFbBcgNh0h9cdu-Cp0vVSPsG6Jbs&sig=Cg0ArKJSzEaZ9MPyeTkiEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=1593749571&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668828019458&rpt=2813&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A3A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVE5WY2oX5ePIUuTyshFkVFIQrzjMnsNF9KfILw3ziS0wJXAHKraaRCYbC-wZCxoTnRDMmGc0h8ONEvSfcr1ASNC-WKM8bHngHSB7uqAYS5vwNq3aY&sig=Cg0ArKJSzNygq8D6eipUEAE&id=lidar2&mcvt=1003&p=622,1123,872,1423&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2956706420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668828019458&rpt=2807&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ Frame B669 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:24 GMT
content-encoding
gzip
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 01:53:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
x-amz-server-side-encryption
AES256
etag
"9edf0d1a271a1eec31ac16f11fbd329d"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
988
x-amz-cf-id
oHhfcEU4iKpvRMEYQC61nAkrqtb2frbuH49jOsqP5U1DOS-drnT5kQ==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 1AB4 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500|Montserrat:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 14:22:34 GMT
x-content-type-options
nosniff
age
46669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 14:22:34 GMT
truncated
/ Frame 1AB4 		289 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecd766a690e0d4d93a1fd5713d744b6ce51963d67b62def74fe37f3747a14a30

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ Frame 624E 		289 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecd766a690e0d4d93a1fd5713d744b6ce51963d67b62def74fe37f3747a14a30

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 624E 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500|Montserrat:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 14:22:34 GMT
x-content-type-options
nosniff
age
46669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 14:22:34 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2ec05d77-bff8-06b4-7744-d8b64dd11f03&tv=%7Bc:unBGQs,pingTime:-10,time:1760,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668828023524%7C%7Cc9c771a25b38c31b9a3aab6b81e18d60%7C%7Cf8b8963e850cee297829880103706300%7C%7C2b5a68cef2ac6a0c37832c75c4ea8003%7C%7C4fa039576b121a2aaf054cb7ffd87264%7C%7C43fe09f0c704a90926e4ad92c1c398d3%7C%7C224dd8d5a88ab91d18fd382e868b18bc%7C%7Cda5d82034ff814dc9473726eede01c04%7C%7C1663701684%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 6AE9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157182&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBGTB,pingTime:-10,time:1952,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668828023524%7C%7Cc9c771a25b38c31b9a3aab6b81e18d60%7C%7Cf8b8963e850cee297829880103706300%7C%7C2b5a68cef2ac6a0c37832c75c4ea8003%7C%7C4fa039576b121a2aaf054cb7ffd87264%7C%7C43fe09f0c704a90926e4ad92c1c398d3%7C%7C224dd8d5a88ab91d18fd382e868b18bc%7C%7Cda5d82034ff814dc9473726eede01c04%7C%7C1663701684,sca:%7Bspg:2ec05d77-bff8-06b4-7744-d8b64dd11f03%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:23 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 6235 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunff7DYreTsav1Yp7oycro8pRd-4CISWzJJN91QkNvj_57iYJhzPk_PoyVP4ivJP3tUjSqZg2AGm8I3TD4F21SLo1Cd4sa6otGtTm_O9rqAHFz7_4gxCJsVFoLVkPm5qq1crVHUT20zzi8EZGwktlRJk1Rd_-DxQD34WwUwh_dP2-_SyMWJ4gEo9gs4uLSN9bSOwMCi8Fu8_X14IcJUs9ft1koQDmqu1XY8qiSD_eVAqfYheb35ChKtnDhqDdSCkbq8JzxRVDTHoBWX9b5Xzg3xTODwWJtKVnbxGOzNaB_CkLvvtY32-YjpKk1713pbqumfSYfjfUe5ZwUCHjw3VFDty5rFNs5cudxkIXkvqQxLnb3WhAPcsh8WcbqWD859XZ78F91peEevpZLXwGZl0xsxCdIji63Wv9PHpx07_mDGojFJSJRgwnlvz91__M-XDApt3nAFXGSP7V9YoW_p_tKcCvF98Gc4LXxwSy2B2G8mg3KLpcl7ByP-U4VUfQ7IexEfsjuu9gWI_AMcrBi-1pqWMuPCnc2NOk1qQNml-j_gQvIDMe-MUsM9__iGtzXf1kq9narwmAqUu34kjScEFB2oNRQuM-u3swGkyNbC5qECXP1tmUMfHZ_y-GmZ_YJ1X04x4Iy1_SE-rrAgs1aAoZ38-ifYlbnqAwidxDc8PRZpTxRg3IQxZlxmmnERiU9S4aIWG4r7_t5KVwig5h_grGj2-ImmLeXfi_woLEYNGTZ__A8v9wotn25gHgkCwFRQ2S_lJ4yEVQXYyR_ZuRFpiQk460-qT9m32etfn-cEmQfzQxv9SOj4Y4yscGBLV4-4rjASejTk_CweK5RCjRAaC3MpnMZ11AnZhLLDprtspsSM_e5DvBMSb4ei-A6Qwjt8_gtfgvgv91s2r0E7rMtBytNh8gMSJINHux1qky8ZtxVQu02TsAgRazuPPge8UT-czy7W26iikBkQA6jHZzQEB3Jp5sAbKjBOqHeFBUL8JtskzPHQr_2R79BKb-grefzP4nxWfHNfyIlpTtm3epTwCPpJ2dnhbQhYIhXORICYlmI7hOlSxk2_mbbCzoT_jeaMXR4L_VyfjOWTDQfxQ8AXIW-FvqVGEzvAAsqbkt8k903porr7puywWVjMS6YrNKPxHyxhLYjgxUg6wejucYDZa6LtlfHTLvEiBDAoWUMvCuHIXxDU_f5bVWaVy4Rahkhn3162_1PjmHZmA9im7oxAKYsABbOmebo&sai=AMfl-YRpzAE3ZtUNkYHfTbTgbxsVEtYq-XiSkX8H1ijSBwhVipawc6yit8S6ADAAMAab5_Yz9QAZoVdPldspV_PpQ8scPyP-9QeCpS2e49keGaxY0vv-bIvGBrQeS7Xl-j0ojQ874yxd1tIi-F_7B6YqTDeVumoIkVMEVm4&sig=Cg0ArKJSzE7-X8epDb0REAE&uach_m=[UACH]&pr=6:0.551447&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3049&vt=11&dtpt=2215&dett=3&cstd=832&cisv=r20221110.95953&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 03:20:24 GMT
1px.gif
dcollector.bonzai.co/ Frame B669 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODI4MDI0MTEzLCJmaSI6ZmFsc2UsInRrIjoiOTQ2ZWViOTE5NWE0NDI1OTYyODc1ZDZjN2U4OWUiLCJhZCI6IjI2Njc4OTE1NTM2MTIxODAzNTUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY5MjAxNDMxOTY3MDYxMjMiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIGZ1bmN0aW9uIGNhbGxlZCwgZHRzTWFpbiJ9&etc=0.15064398616061636
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 22:59:55 GMT
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
15630
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
cA-_SgIcMJ29Jts59N3UvbqvwNjyZ3R2SbGkvXj_vqYfhbEmklSuSA==
rec
collector.bonzai.co/ Frame B669 		0
0
truncated
/ 		48 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f0ddb8ae9b06e9b440b190836aceba6aa24702d0ae4b358b77c4b2db29d602d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpeg
0699b740-b6dc-4383-a4f9-2d2ead845c91_v1_5.png
massets.bonzai.co/ Frame B669 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/0699b740-b6dc-4383-a4f9-2d2ead845c91_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
067ad9af108327122242a6037f57e9fb339b5b8232fafca5af68e40c83a63ed3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 07:17:07 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 01:03:15 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1281798
etag
"cad6c7a8c1e86d7a3dfa679ac60bcc38"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9515
x-amz-cf-id
cXiO8zndcj1T_YiTp6_nvsPozxadRamDMPJ6V_pv3osHWDM9W2ADdw==
eaa69a0d-3da3-441c-9f64-2734a1142768_v1_5.png
massets.bonzai.co/ Frame B669 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/eaa69a0d-3da3-441c-9f64-2734a1142768_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df0f2961fcf22b5b181582f74613310c0b25d8e2c38062df1ca1811187dfc4c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:06:58 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:30 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1044807
etag
"8676314060baaf677f64da0d05f86172"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35012
x-amz-cf-id
Z5y_3XSsbN4qOQetiXAgcO3IdKfg1DUqxWeMs986lZEhDrxn4iqzVg==
97c489a6-dd2f-49a6-a22a-681b937da036_v1_5.png
massets.bonzai.co/ Frame B669 		450 KB
450 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/97c489a6-dd2f-49a6-a22a-681b937da036_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b04bdc0369f1282ae5539b7fad8b1c45ee6cd0b7b3314a4aacb178d9f55c9086

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 07:17:07 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:45 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1281798
etag
"0681a029cd7ec1d1802c3f36af58abf4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
460416
x-amz-cf-id
UyHTecFt6difENAKY68Xyq-1LNoSBP6TgL-JEWWy5j87p4z0gQGAjg==
09ecfbe2-f7fe-40c8-bd9c-02037f548044_v1_5.png
massets.bonzai.co/ Frame B669 		397 KB
398 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/09ecfbe2-f7fe-40c8-bd9c-02037f548044_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a0c99baf829ea5d70bf41f38fbf741e8d3b42b7842c081ecfd0d3993ea74801

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:06:58 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:39 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1044807
etag
"d4b4002901057d2660bb2dbea51785a5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
406832
x-amz-cf-id
rVlyqsNK7drTqZqJ60b5tmjNsA6_dK_HPTIQO2uX4XJ09K9RgitY6A==
43c8b194-037a-4233-a700-5f886865e396_v1_5.png
massets.bonzai.co/ Frame B669 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/43c8b194-037a-4233-a700-5f886865e396_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddc6a0df25826e5cbf2eff4b33d93834f90e09180d0f81c9ffefb69d3cf2a673

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:06:58 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:55 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1044807
etag
"8aaef6a1b918e9bf2a0ad31eee6a9846"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14876
x-amz-cf-id
VmG9kjcs0ShP5ZOmrT3Mn3MSz1r42_FfvgsRUMyaCipkZ57dsvYx9A==
me-min-0c34c9ac03.js
s.bzcdn.co/canvas/ca/video/raw-lib/ Frame B669 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/me-min-0c34c9ac03.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-60.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 08:24:18 GMT
content-encoding
br
via
1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 08:09:32 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
12250566
etag
W/"b162e5356e64e3f4caba75f7adf0b8d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
chCEAACJ7HAhDp8Ct5AiKj_PGjdpvyM19ALjB2PUn5fGfro-wZLCSg==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBH0d,pingTime:1,time:2362,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2362,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1299,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1074~100%5D,as:%5B1074~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:863,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1300,sis:1519%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBH0e,pingTime:1,time:2363,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2363,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1299,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1075~100%5D,as:%5B1075~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:863,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1300,sis:1519%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBH0f,pingTime:1,time:2364,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2364,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1299,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1076~100%5D,as:%5B1076~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:863,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1300,sis:1519,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBH0f,pingTime:1,time:2364,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2364,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1299,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1076~100%5D,as:%5B1076~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:863,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1300,sis:1519,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 4F52 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFYBHJtsGQy4vfyTnmwW3SrpGgX2sGqqrTfzdkU6yfmco_Mry5KJKcm6YqQ8AXvZiyaBnJ-7_ACUfTgJKhEosOfyKxxggxsaP5n-m7tmXCDtPkndwpf-cq8ijKryD2F2xqJzMX6m0eIxsnp0nZiCboW6-u2S1aRREOu6fi6P08dT7Qnq0fTeJNxFwHSV0UUtgNNewY1dnHM7BLO5ddyJfzJ423KdfVwxqMENWfdTLxoLcHe3CKTo4hqEA-1LYWcRq_9cYC3rFyEDAPyoKf_ohhSBo1i6gV8w7anxVxJf4SRIjrhAa-M8mDbIZJuKLI4TANh07MqYclbDN6ppn1ThKgdJNHLZIuWxt7TZZhn7XgLP8hIU7SJkpKWaTs5wj-LfXRfUjsXGq7GJF6Ri8yGggBe8cF586R-l1Im4PdZOfYUscU-VAGJbWTKJil_QjRN98relRWmLCnZJK5YVQ_54xr3EDoR7I3KLLZBTr7CdUEiDvNSU1HY-crQfeXYhyizciV_vznfNKq5jf-0SVDh2WtbxW3UF5EFnrv2iFvsXqvAp4h_9-e-EiU6B4vqObOk4iGwt986uAjp4zjAbQt3H76mwHgtTeylxqFi4T1pQwEjUNi8VOu1pNCi0GGOQaA6nGsjXJ52OwFfa2km_fuvQO_8MN9OxixQpWv2e7V97AIbzjhECg-mz1Sj4ksAC0F7DuB1aNKyUMAMTsmnko2MkYgDGpQkP6DMycARo0pK9714DwPMEAouemi94uZ5MG0FHe99qWIPCmqXXk3AAvaUsP0ktnIHYMJ-952SuhUmQgISe06Kk7rbRuEKMZMoBwfsEaLhV0b2dk8_79qgcT41AULpH-FOnqWNSwzD2jFGAzPzPvRVqr7rP5SytiKqRyfIgSIlQuN1aj0ZJA7hEZEV59mnfRwY4-IYmDczd83OiBP5XlD7lItzKofLAiPsYrzmO9HbU-2B-fK62Uft3glkGW3Udqpmc8XFpFzJB-pVfbF1uPEe8l-PdmS_f6jtrFxO4oE2qJgF2r616_G6Ekw2GrwP7UUTNxTyLlf_7onRVT6sNh2mno7IBaN90mhlL8n08SiUQNKkCVKT2tO1W4fE6CKJfGcXp-Z21durelc-YSnFpxtaa6an8i0pfwPmdRmrsm1_AlPsRyx3gUr8uDGnI5kL3IUhHWW8adua_AKXiB9j2vo7pJi2fvtdHSiBG-cdrhwfBZ0WWJ0vHTKkbrpmOwcIRfKMedwH8uZkcbK3g&sai=AMfl-YRGXhinSfHc0iYjcS7_GKDPss-5rwdVYfxg95oSaECVePhMZqc5Cuo3KCJKTuxyDdgF0gsLZ9YhXh0kF58a1u041TQ7hx_eClc4QE8x6nybhbwSfMA5nOX1jfpOjLE7srBft9BoEdE2nFbWLrAX4x63rIK0eAo6g3I&sig=Cg0ArKJSzHgeQJdGA8BKEAE&uach_m=[UACH]&pr=6:0.386703&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3316&vt=11&dtpt=2475&dett=3&cstd=838&cisv=r20221110.56346&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8723608110cc15873df457753e57bc88-1668827996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 03:20:24 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cf947d6-fae5-53bf-a127-5152363b57d5&tv=%7Bc:unBH1E,pingTime:1,time:2258,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1247%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2258,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1247,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejdm+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:1247,sis:1493%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cf947d6-fae5-53bf-a127-5152363b57d5&tv=%7Bc:unBH1E,pingTime:1,time:2258,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1247%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2258,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1247,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejdm+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:1247,sis:1493%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cf947d6-fae5-53bf-a127-5152363b57d5&tv=%7Bc:unBH1F,pingTime:1,time:2259,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1247%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2259,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1247,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejdm+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:1247,sis:1493,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cf947d6-fae5-53bf-a127-5152363b57d5&tv=%7Bc:unBH1F,pingTime:1,time:2259,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1247%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2259,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1247,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBejdm+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:1247,sis:1493,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cf947d6-fae5-53bf-a127-5152363b57d5&tv=%7Bc:unBH5k,pingTime:-10,time:2486,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668828023524%7C%7Cc9c771a25b38c31b9a3aab6b81e18d60%7C%7Cf8b8963e850cee297829880103706300%7C%7C2b5a68cef2ac6a0c37832c75c4ea8003%7C%7C4fa039576b121a2aaf054cb7ffd87264%7C%7C43fe09f0c704a90926e4ad92c1c398d3%7C%7C224dd8d5a88ab91d18fd382e868b18bc%7C%7Cda5d82034ff814dc9473726eede01c04%7C%7C1663701684,sca:%7Bspg:2ec05d77-bff8-06b4-7744-d8b64dd11f03%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:24 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame EAB0 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame C3E3 		893 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5193130&p=157182&s=326399&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
208ba9cd7370db8ec4dbb16c20e21ecbcf2662a86ec68a1036233ad365284798

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 19 Nov 2022 03:19:47 GMT
content-length
893
content-type
text/html; charset=UTF-8
141
match.deepintent.com/usersync/ Frame 5B53 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sat, 19 Nov 2022 03:20:25 GMT
server
c
cookiesync
core.iprom.net/ Frame A729 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 19 Nov 2022 03:20:26 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-d9468c701c0f@version_1.530v3
X-core-time
1ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame A0E1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76c5cf56494ea7f9-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 03:20:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76c5cf549f24a7f9-SYD
content-type
text/html
date
Sat, 19 Nov 2022 03:20:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1056
/
csync.loopme.me/ Frame 3303 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Sat, 19 Nov 2022 03:20:25 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame FA74
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C3DCA0D4C614A8AB9EF97C994B48D9D&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C3DCA0D4C614A8AB9EF97C994B48D9D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 03:20:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sat, 19 Nov 2022 03:20:24 GMT
expires
Fri, 18 Nov 2022 03:20:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C3DCA0D4C614A8AB9EF97C994B48D9D&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
ce-video-new-min-fd8262ba53.css
s.bzcdn.co/canvas/ca/video/raw-lib/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-60.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18c54fdefb6751daf143fd6c63b4f2153f2df222eda828a5ec2f10ab8c410f59

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:26:14 GMT
content-encoding
gzip
via
1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Aug 2022 09:09:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
6857651
etag
W/"32363fbe7416020c70983107aea60606"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
SwlLcNkhfmmHyNk0_MZrSvriler-2THNFUdfMPUEOb9eRid_cxx9dg==
ce-video-vv-6b88b1ed56.css
s.bzcdn.co/canvas/ca/video/raw-lib/ 		431 B
773 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-vv-6b88b1ed56.css
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-60.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca40f6cbbf38d34bcdbd7727249fd016b7bc8aac6e117adcb82d3792e76f9860

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:26:14 GMT
via
1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Aug 2022 09:09:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
6857651
etag
"430de22743d923be7f36b54d1776a908"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
431
x-amz-cf-id
Y2J1rSPBZ47V43yHCYiHcm-o5kZwDzzExpF7ADhffoMLZYvrl7bGcQ==
0699b740-b6dc-4383-a4f9-2d2ead845c91_v1_5.png
massets.bonzai.co/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/0699b740-b6dc-4383-a4f9-2d2ead845c91_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
067ad9af108327122242a6037f57e9fb339b5b8232fafca5af68e40c83a63ed3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 07:17:07 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 01:03:15 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1281799
etag
"cad6c7a8c1e86d7a3dfa679ac60bcc38"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9515
x-amz-cf-id
R2FS0ups82XjXLDuZxrV_JuXaT_EEeP-0nqD0cQzws9y8Pvqzpgj8w==
eaa69a0d-3da3-441c-9f64-2734a1142768_v1_5.png
massets.bonzai.co/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/eaa69a0d-3da3-441c-9f64-2734a1142768_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df0f2961fcf22b5b181582f74613310c0b25d8e2c38062df1ca1811187dfc4c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:06:58 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:30 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1044808
etag
"8676314060baaf677f64da0d05f86172"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35012
x-amz-cf-id
sNDL7c_crRlJ10_1L8vZ-yceCtRM4lDikMO4wf86h3QnzsADzkLcNQ==
97c489a6-dd2f-49a6-a22a-681b937da036_v1_5.png
massets.bonzai.co/ 		450 KB
450 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/97c489a6-dd2f-49a6-a22a-681b937da036_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b04bdc0369f1282ae5539b7fad8b1c45ee6cd0b7b3314a4aacb178d9f55c9086

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 07:17:07 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:45 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1281799
etag
"0681a029cd7ec1d1802c3f36af58abf4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
460416
x-amz-cf-id
UAYbTDsjiVvw3x20qPEUDZbOnj0PXIpGPe5SGRo7pI-2s3sdoa13BA==
09ecfbe2-f7fe-40c8-bd9c-02037f548044_v1_5.png
massets.bonzai.co/ 		397 KB
398 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/09ecfbe2-f7fe-40c8-bd9c-02037f548044_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a0c99baf829ea5d70bf41f38fbf741e8d3b42b7842c081ecfd0d3993ea74801

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:06:58 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:39 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1044808
etag
"d4b4002901057d2660bb2dbea51785a5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
406832
x-amz-cf-id
4l7iHk9NJQ_d9rue1i2TfAsnYVB_YfuGf1wD9DLhhyzzSEaDgJIayA==
43c8b194-037a-4233-a700-5f886865e396_v1_5.png
massets.bonzai.co/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/43c8b194-037a-4233-a700-5f886865e396_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddc6a0df25826e5cbf2eff4b33d93834f90e09180d0f81c9ffefb69d3cf2a673

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:06:58 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:55 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1044808
etag
"8aaef6a1b918e9bf2a0ad31eee6a9846"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14876
x-amz-cf-id
8g9UqhovCc8gMKDxjsCihn-NITCLQcmrVZlvmqUAfQVC5Cf5KPFyfg==
me-min-0c34c9ac03.js
s.bzcdn.co/canvas/ca/video/raw-lib/ 		133 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/me-min-0c34c9ac03.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-60.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
017ed3a3015deeaaeadc08a4d8dcde59e102fb6838ab0df6b89ff4aee77ec196

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 08:24:18 GMT
content-encoding
br
via
1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 08:09:32 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
12250567
etag
W/"b162e5356e64e3f4caba75f7adf0b8d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
UE-j54Y9yURlOYYLcR8ckrzS-hWT47j1VxAQ3seUxbwinrk7FTtrXw==
1px.gif
dcollector.bonzai.co/ Frame B669 		35 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODI4MDI0OTE0LCJmaSI6ZmFsc2UsInRrIjoiOTQ2ZWViOTE5NWE0NDI1OTYyODc1ZDZjN2U4OWUiLCJhZCI6IjI2Njc4OTE1NTM2MTIxODAzNTUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY5MjAxNDMxOTY3MDYxMjMiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIHJlYWR5LCAqIn0=&etc=0.14805728712186306
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 22:59:55 GMT
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
15631
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
s7hdKOepqyaJcsv1-jjOGJ7uhar0hl0WFXgIyVB_VXhnax89lI897g==
6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.0000000.jpeg
massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.0000000.jpeg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecdc40c675cbe207cc7d075bdfdd8b994ce97f159c3d73d31dfaf24998051b0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 19:25:40 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:56:36 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
28486
x-amz-server-side-encryption
AES256
etag
"cbf88ebcce5ad03d2384987732f85a21"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
65050
x-amz-cf-id
_sjY14pAIF1Dz-bW4zhu6ThCk7K9ROR3L_cupeIHceW_GSAJsEN6nQ==
1px.gif
dcollector.bonzai.co/ Frame B669 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODI4MDI0OTQ0LCJmaSI6ZmFsc2UsInRrIjoiOTQ2ZWViOTE5NWE0NDI1OTYyODc1ZDZjN2U4OWUiLCJhZCI6IjI2Njc4OTE1NTM2MTIxODAzNTUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY5MjAxNDMxOTY3MDYxMjMiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIHJlYWR5LCBkdHNNYWluIn0=&etc=0.060158567025928145
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 22:59:55 GMT
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
15631
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
YZ5tGTS9t9c2iWkzihKE1kqGnStK6DKAELQ_7qIMgtZQZT_kPgmOGg==
6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4
massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/ 		0
0
TL-Play.svg
s.bzcdn.co/canvas/ca/video/raw-lib/ 		379 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/TL-Play.svg
Requested by
Host: s.bzcdn.co
URL: https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-60.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5479429cf03c62393df0e79e6ad5f626153798b7339ff83af1a1a8495824f2e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:25:09 GMT
via
1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 11:20:35 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
21317
etag
"bd3cbcf6fa4e381e788b759e0f902237"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
379
x-amz-cf-id
HCBRRRhckIh_g39RDUbIOAhI9bIR_LBGSJaFTjRQ37sC5PvBcYeyoQ==
mute.svg
s.bzcdn.co/canvas/ca/video/raw-lib/ 		612 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/mute.svg
Requested by
Host: s.bzcdn.co
URL: https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-60.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e745fd04b3660338e575422753f485d606dc732ef86fd366601483f65ab97744

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:11:13 GMT
via
1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 11:20:35 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
553
etag
"4d2781ec1a00eaf0d5c27a476a0576be"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
612
x-amz-cf-id
ek6SE5C0LU7fbzwmmMzd0bcbtnf7ziKDPGLLKl4qGNKEFjTf-vbMpg==
1px.gif
dcollector.bonzai.co/ Frame B669 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODI4MDI1MjQ5LCJmaSI6ZmFsc2UsInRrIjoiOTQ2ZWViOTE5NWE0NDI1OTYyODc1ZDZjN2U4OWUiLCJhZCI6IjI2Njc4OTE1NTM2MTIxODAzNTUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY5MjAxNDMxOTY3MDYxMjMiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIGxvYWQsICoifQ==&etc=0.3539590165537727
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 22:59:55 GMT
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
15631
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
X7et1bnHcZ92tATuyi27pc7Cgq7ZOxnHTTQ2ZQNrjY3I7gMvAAqqZQ==
1px.gif
dcollector.bonzai.co/ Frame B669 		35 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODI4MDI1MjQ5LCJmaSI6ZmFsc2UsInRrIjoiOTQ2ZWViOTE5NWE0NDI1OTYyODc1ZDZjN2U4OWUiLCJhZCI6IjI2Njc4OTE1NTM2MTIxODAzNTUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY5MjAxNDMxOTY3MDYxMjMiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIGxvYWQsIGR0c01haW4ifQ==&etc=0.343718768109037
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 22:59:55 GMT
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
15631
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
HJw5KP93oRNo0FBAHhVcP1iX4CDtwngQgme062MNtsy8sPeWljTWDQ==
6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4
massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4?ngsw-bypass=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c90a02d7c77c4dd508eede5f22240786f23c358336aef0f7c7a20d13f147ed64

Request headers

Referer
https://www.heraldsun.com.au/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Nov 2022 12:49:06 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:56:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
52280
etag
"3df3649cd6c3e3d1d6fd63e637a3adb1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-1613534/1613535
accept-ranges
bytes
x-amz-cf-id
K68PkvnLUdLRvKVbAKTvbck-CnUfgfP8Qn8jyruWfzCmyS92IA_UWw==
Content-Length
1613535
pause.svg
s.bzcdn.co/canvas/ca/video/raw-lib/ 		530 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/pause.svg
Requested by
Host: s.bzcdn.co
URL: https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-60.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc75e0032627fad35171c6bf3cd6f4ae84561c235b1d41da56fb4dd6a6fb5c6a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 11:38:48 GMT
via
1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 11:20:35 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
56498
etag
"c190fe9dcb74b7867b47253015f2f9a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
530
x-amz-cf-id
rDJqOGviZl5CAupFmeykdKJox3KkscImzKmzdfXFLwghXiVqS9RQUg==
rec
collector.bonzai.co/ Frame B669 		0
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2F6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5%2F6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4%3Fngsw-bypass%3Dtrue&i=&g0=home%2Chomepage%2Cno_video&u=chrSABoXJ9ICypZk&t=hy3laC5pS3qCv81FhDNwtidBQ9qbd&x=0&y=0&V=136&VS=H5&n=1&b=32718&r=&_vd=15000&_vi=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2F&_vh=heraldsun.com.au&_pu=BXIkjfC0a0eaBoJN9O&_pt=Co9S3eC2ryMaDQgp4hBNCrY_DtubOv&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s2&_vcs=0&_vbr=-1&_vvs=0.304&_vpt=10&_vtn=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2F6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5%2F6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.0000000.jpeg&_vaup=auto&_vce=0&c=0.01&W=0&R=1&I=0&E=0&j=20&tz=0&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.69.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-69-6.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=BXIkjfC0a0eaBoJN9O&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.36&x=0&m=0&y=12844&o=1600&w=1200&j=30&R=1&W=0&I=0&E=6&e=1&r=&b=12669&t=Co9S3eC2ryMaDQgp4hBNCrY_DtubOv&V=136&tz=0&_acct=anon&_vi=&_vp=https://massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4?ngsw-bypass=true&_vdd=video%40heraldsun.com.au&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2F6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5%2F6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.0000000.jpeg&_vd=15000&sn=3&sv=DqwUx5DqAaRyOZwKBBrx4cQYE01k&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.69.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-69-6.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:26 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rec
collector.bonzai.co/ Frame B669 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame C3E3 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157182&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:20:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBI2H,pingTime:5,time:6360,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6360,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1299,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5072~100%5D,as:%5B5072~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:300,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1300,sis:1519%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:28 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fe227a97-fbbd-de53-22a4-b24575ca3e7e&tv=%7Bc:unBI2I,pingTime:5,time:6361,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6361,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1299,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5073~100%5D,as:%5B5073~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:300,fm:tnBejaf+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1300,sis:1519%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:28 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cf947d6-fae5-53bf-a127-5152363b57d5&tv=%7Bc:unBI53,pingTime:5,time:6313,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1247%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6313,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1247,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5077~100%5D,as:%5B5077~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:295,fm:tnBejdm+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:1247,sis:1493%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:28 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cf947d6-fae5-53bf-a127-5152363b57d5&tv=%7Bc:unBI53,pingTime:5,time:6313,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1247%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6313,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1247,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5077~100%5D,as:%5B5077~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:295,fm:tnBejdm+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1m8%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u21%7C1u22%7C1u23%7C1u24%7C1u25%7C1u26%7C1u3%7C1u4%7C1u5%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:1247,sis:1493%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.226.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-226-35.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 03:20:28 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rec
collector.bonzai.co/ Frame B669 		0
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2F6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5%2F6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4%3Fngsw-bypass%3Dtrue&i=&g0=home%2Chomepage%2Cno_video&u=chrSABoXJ9ICypZk&t=hy3laC5pS3qCv81FhDNwtidBQ9qbd&x=0&y=0&V=136&VS=H5&n=1&b=32718&_vd=15000&_vi=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2F&_vh=heraldsun.com.au&_pu=BXIkjfC0a0eaBoJN9O&_pt=Co9S3eC2ryMaDQgp4hBNCrY_DtubOv&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=5.304&_vpt=4969&_vtn=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2F6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5%2F6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.0000000.jpeg&_vaup=auto&_vce=5&c=0.09&W=0&R=1&I=0&E=5&j=20&tz=0&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.69.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-69-6.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 03:20:30 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rec
collector.bonzai.co/ Frame B669 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/2721370f
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/L2hE9Iup/VHLDoHn/XSyFiIz/zo/aVY1NmXSLOX5/OwoJHgE/D1U/2Ik5SXnMB
Domain
syd-1-apex.go.sonobi.com
URL
https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%22229c0e488dae47%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%2237bb64fb28044d%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%22470461c44613cb%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22586346d1b88761%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=5a26e780-cfc1-4896-a395-dcd73a52680a&pv=c3f5212f-fd83-4c48-8bca-928e68932c51&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEHFBYbN096VnmpZUmKFTsH4&google_cver=1&google_push=ASkJ3FaFaFNzVCoLdFYTvnGqQFUnN5bTgxehHooExjKPiTE-lF3IR6L6WELEdiH8vIEqmDz_vjTis4Oz3Yrl7j_aNeIHX-DIIrSB_NyJww-5D_vdRXbXDBicUvZteM9BNYtFS4-8hCsUjeKblw
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?ev=pre-preimp&tk=946eeb9195a4425962875d6c7e89e&ad=2667891553612180355&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?mode=test&adid=2667891553612180355&tk=946eeb9195a4425962875d6c7e89e&domain=www.heraldsun.com.au&pagename=/
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?ev=preimp&tk=946eeb9195a4425962875d6c7e89e&ad=2667891553612180355&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?ev=imp&tk=946eeb9195a4425962875d6c7e89e&ad=2667891553612180355
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?q=eyJicGlkIjoiZHRzTWFpbiIsInBhZ2VJZCI6ImR0c01haW4iLCJ3aWR0aCI6MTkyMCwiaGVpZ2h0IjoxMDgwLCJldiI6ImluaXRpYWxfYnAiLCJldm4iOiJpbml0aWFsX2JwIiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwibyI6InBvcnRyYWl0IiwiY3R6IjowLCJjdHMiOjE2Njg4MjgwMjQxMTcsIm1vZGUiOiJsaXZlIiwidGsiOiI5NDZlZWI5MTk1YTQ0MjU5NjI4NzVkNmM3ZTg5ZSIsImFkIjoiMjY2Nzg5MTU1MzYxMjE4MDM1NSJ9&etc=0.5330869176138415
Domain
massets.bonzai.co
URL
https://massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4?ngsw-bypass=true
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJranpzUiIsImVsZW4iOiJ2ZG8gMSIsImVsZXQiOiJWSURFTyIsImV2IjoidmlkZW9zdGFydCIsImV2biI6IlZpZGVvIFN0YXJ0IiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwicG4iOiJEZXNrdG9wIHRydVNraW4gbWFpbiIsInBpZCI6ImR0c01haW4iLCJwdCI6ImR0cyIsImJya3AiOiJEZXNrdG9wIHRydVNraW4gbWFpbiIsImJya3BpZCI6ImR0c01haW4iLCJhdXRvIjp0cnVlLCJ2bGVuIjoxNSwicG9zIjowLjAwMDc3OSwid2lkIjoxLCJvIjoicG9ydHJhaXQiLCJjdHoiOjAsImN0cyI6MTY2ODgyODAyNTU3NCwibW9kZSI6ImxpdmUiLCJ0ayI6Ijk0NmVlYjkxOTVhNDQyNTk2Mjg3NWQ2YzdlODllIiwiYWQiOiIyNjY3ODkxNTUzNjEyMTgwMzU1In0=&etc=0.024807696800396517
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJranpzUiIsImVsZW4iOiJ2ZG8gMSIsImVsZXQiOiJWSURFTyIsImV2IjoidmlkZW90aW1lIiwiZXZuIjoiVmlkZW8gVGltZSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsInBuIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJwaWQiOiJkdHNNYWluIiwicHQiOiJkdHMiLCJicmtwIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJicmtwaWQiOiJkdHNNYWluIiwiYXV0byI6dHJ1ZSwidmxlbiI6MTUsInBvcyI6MS4wMDg0MTQsIndpZCI6MSwibyI6InBvcnRyYWl0IiwiY3R6IjowLCJjdHMiOjE2Njg4MjgwMjY2MTgsIm1vZGUiOiJsaXZlIiwidGsiOiI5NDZlZWI5MTk1YTQ0MjU5NjI4NzVkNmM3ZTg5ZSIsImFkIjoiMjY2Nzg5MTU1MzYxMjE4MDM1NSJ9&etc=0.26006627977702745
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJranpzUiIsImVsZW4iOiJ2ZG8gMSIsImVsZXQiOiJWSURFTyIsImV2IjoidmlkZW90aW1lIiwiZXZuIjoiVmlkZW8gVGltZSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsInBuIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJwaWQiOiJkdHNNYWluIiwicHQiOiJkdHMiLCJicmtwIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJicmtwaWQiOiJkdHNNYWluIiwiYXV0byI6dHJ1ZSwidmxlbiI6MTUsInBvcyI6My4xNzk5MjIsIndpZCI6MSwibyI6InBvcnRyYWl0IiwiY3R6IjowLCJjdHMiOjE2Njg4MjgwMjg3OTAsIm1vZGUiOiJsaXZlIiwidGsiOiI5NDZlZWI5MTk1YTQ0MjU5NjI4NzVkNmM3ZTg5ZSIsImFkIjoiMjY2Nzg5MTU1MzYxMjE4MDM1NSJ9&etc=0.8080850290515635
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJranpzUiIsImVsZW4iOiJ2ZG8gMSIsImVsZXQiOiJWSURFTyIsImV2IjoidmlkZW90aW1lIiwiZXZuIjoiVmlkZW8gVGltZSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsInBuIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJwaWQiOiJkdHNNYWluIiwicHQiOiJkdHMiLCJicmtwIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJicmtwaWQiOiJkdHNNYWluIiwiYXV0byI6dHJ1ZSwidmxlbiI6MTUsInBvcyI6NS4wMzkzMTQsIndpZCI6MSwibyI6InBvcnRyYWl0IiwiY3R6IjowLCJjdHMiOjE2Njg4MjgwMzA2NDksIm1vZGUiOiJsaXZlIiwidGsiOiI5NDZlZWI5MTk1YTQ0MjU5NjI4NzVkNmM3ZTg5ZSIsImFkIjoiMjY2Nzg5MTU1MzYxMjE4MDM1NSJ9&etc=0.7428293462858964

Verdicts & Comments Add Verdict or Comment

330 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| _taboola object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| toggleShowMore function| $ function| jQuery function| admiral object| googletag object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| 4dm1r11545242527 boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise object| __AMP_LOG object| __AMP_MODE function| AmpStoryPlayer object| placementData object| COMSCORE function| udm_ object| ns_p object| lazySizes object| ads_api function| algoliasearch function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg string| nam object| app object| vidora function| vidoraTrackExtraElements object| vidoraHelper object| auth object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| nb undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| m object| vidora_ns function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc function| GeaLoader object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| KAMPYLE_EMBED function| setImmediate function| clearImmediate object| ID5 number| interval object| npt object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET number| AMAZON_APS_TIMEOUT object| kw_ignore object| ggeac function| pbjsChunk object| _pbjsGlobals object| apsUnits boolean| isAlloyConfigured object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| atsenvelopemodule object| ats boolean| apstagLOADED object| nca_ipsos object| dm string| s_tnt function| cookieWrite function| cookieRead string| g function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global object| brandmetrics function| __assign object| tbopt function| omrhp object| UrlCache object| SUBSCRIPTIONS object| SWG undefined| google_measure_js_timing object| Criteo boolean| hasApsUnits object| ads_ready object| diagPixSentCodes object| __iasAdRefreshConfig boolean| DotMetricsInitScript object| DotMetricsSettings function| __spreadArrays object| _brandmetrics function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData object| DotmetricsJSON object| CryptoJS object| DotMetricsObj object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 undefined| oneTagObj function| ebDecode object| bsResponseObj object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| googDdmPs object| categoryData object| __IntegralASExec object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| MediaElementPlayer

227 Cookies

Domain/Path Name / Value
.taboola.com/newscorpau-aud-heraldsun/ Name: taboola_session_id
Value: v2_2cd26063d6b38474c07b03a98bf1b0cf_10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1_1668828001_1668828001_CIi3jgYQgPNHGP7pme_IMCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGiy-ebp3bfByjVwAQ
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 8723608110cc15873df457753e57bc88
.heraldsun.com.au/ Name: nk
Value: 8723608110cc15873df457753e57bc88
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1668827996
www.heraldsun.com.au/ Name: lux_uid
Value: 166882800029890782
.taboola.com/ Name: t_gid
Value: 10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
.heraldsun.com.au/ Name: bm_sv
Value: 15C0331FD7E5779D9C8228448C2C6EC3~YAAQ3V8yuGf4k4OEAQAAK3fmjRE0bb93o6dU9SnuRU2yavZVGyYm8bYVBEPheawzMCgHTBMGHni7pb1/z+pf2+NUydFOXi/mTJA9xjApoCiQgCphKbDU/i38IB29XCqp+RtBbzPZrQVHEH46qhdDGXk0/NtAJy5Q1ylU58kan6l2x5LnWc2zmX2OlzINnwGPwqj5y4BmujNWo5Vekph8NGUwPmTrEQP0eKT9TKbnagwDf3KFnEyBuyNO8d2l+dLO2acfQVOP~1
www.heraldsun.com.au/ Name: _tb_sess_r
Value:
www.heraldsun.com.au/ Name: _tb_t_ppg
Value: https%3A//www.heraldsun.com.au/
www.heraldsun.com.au/ Name: AWSALB
Value: B7GZy2dae6Dr8isyk5kvdZrB9MwtETK6XCQo7xRxwUxJEdlhOPynbbXC7cNRpZKDRmQn7GjwUbbd0McfGXUYWJgGS9xALs65FTm4ulP30N9FtQmpWsj8qRclzgMA
.heraldsun.com.au/ Name: ak_bmsc
Value: EF092D174CEC91E72B67D56ED0F04E8D~000000000000000000000000000000~YAAQ3V8yuIH4k4OEAQAATnrmjRF5eAZuL4u+QWMm+qLmnAQ1Q4NDXPBOCUMQgJrEXdPBwSuNAf3a7wnSmj5E+joASFBYfj7BVWIMACt+68v4335G5XiyjtdOYBsI+qn2F3NEc40Vj/UKg6AljXJGOuwLInakBnXsCPdiUhsO14fqi56C9UbizeujYUCEJ6tq+gPXL8bq4sOfAep63RPLMcQcXGSNygwXibS0yMhuSun3fQevCmUZrn660tV24sYRtkXqK4KOf32sdT6l5PXpDnn8M0l45g4sF2hpfISoSUcTYNTaR/L4kE+w4BlLxNfVwTj686uytIBkMjGCaR1Nq5pP+HB+eqTRumAi3NpvCiwAVsMkBDZf4uzNlNmClqTAfXldvBFdrIgEkLEp9RwXiEtgRCl7mkPxByf8Mx2xkuYcSRqz37MTDbHTikAqnR/7io93/ICDOwf0o+zMpQJdJhj0yw/eMkDevPD1oQESD18tMg4Irr2vq+/m464uK1/4zzGf
www.heraldsun.com.au/ Name: AWSALBCORS
Value: B7GZy2dae6Dr8isyk5kvdZrB9MwtETK6XCQo7xRxwUxJEdlhOPynbbXC7cNRpZKDRmQn7GjwUbbd0McfGXUYWJgGS9xALs65FTm4ulP30N9FtQmpWsj8qRclzgMA
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A0ea4b780-67b9-11ed-8aa9-cfcb9df8ca2a.%2BRTzEdh4ttfq35UKPnAUf8xxHHaHPdSYZ2myLHTapcQ
.heraldsun.com.au/ Name: _awl
Value: 3.1668828003.0.5-86cc7264f3c0bcf0bcc5b9a92536df5e-6763652d617369612d6561737431-0
.heraldsun.com.au/ Name: utag_main
Value: v_id:01848de67de80011c3513ac07dd803074001d06c00b08$_sn:1$_se:1$_ss:1$_st:1668829803817$ses_id:1668828003817%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.49463053050687056
.scorecardresearch.com/ Name: UID
Value: 1879499cccf5dc11aec8ad51668828003
.heraldsun.com.au/ Name: _cb
Value: BXIkjfC0a0eaBoJN9O
.heraldsun.com.au/ Name: _chartbeat2
Value: .1668828005221.1668828005221.1.DqwUx5DqAaRyOZwKBBrx4cQYE01k.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
www.heraldsun.com.au/ Name: vidoraUserId
Value: sq7elsrbs3d1ja2hae9qfgoc0f7vin
.heraldsun.com.au/ Name: _ncid
Value: 48650d6199dc00b96a759df44c57a120
.demdex.net/ Name: demdex
Value: 22351096293973863592816500108686719027
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C22372258978627638852818895652904085801
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19316%7CMCMID%7C22372258978627638852818895652904085801%7CMCAAMLH-1669432807%7C9%7CMCAAMB-1669432807%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C1979214203%7CMCOPTOUT-1668835207s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: s_nr30
Value: 1668828007940-New
.heraldsun.com.au/ Name: s_tslv
Value: 1668828007940
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_tp
Value: 12492
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C10%2C10%2C1200%2C1%2C10
.heraldsun.com.au/ Name: s_cc
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUm4qmYH-ziFw-7AcTU9aIO21WDTXA7pYfwN4Y4p6BcO-6arG1EVPJXExe-on9g
.adscale.de/ Name: uu
Value: 24fea13f909440d9af96d96f62c9831e
.adsrvr.org/ Name: TDID
Value: 1fbac794-a072-4166-a080-d44c7a6c596e
.adnxs.com/ Name: uuid2
Value: 557869551418898506
.dpm.demdex.net/ Name: dpm
Value: 22351096293973863592816500108686719027
.turn.com/ Name: uid
Value: 4508445342604819091
.adscale.de/ Name: cct
Value: 1668828009019
.casalemedia.com/ Name: CMID
Value: Y3hLaa2fgsAZB0xPZIQo1QAA
.casalemedia.com/ Name: CMPS
Value: 4757
.casalemedia.com/ Name: CMPRO
Value: 4757
.rubiconproject.com/ Name: khaos
Value: LAND3X3Y-1A-L80Q
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 1c87fbf3-318c-454b-a755-3d51317c89eb.1668828007.1.1668828010.1668828007.84324a59-d750-43e6-8df7-94d258f4625c
.newscgp.com/ Name: sp
Value: 40369779-0c7b-46d4-a0a7-1b1da868a756
.eyeota.net/ Name: mako_uid
Value: 1848de69557-cd9000001085983
.eyeota.net/ Name: SERVERID
Value: 22915~DM
.scanscout.com/ Name: uid
Value: CI-abbf335a118fa5039abd5dc17c4923c2
.scanscout.com/ Name: UIAA
Value: 22351096293973863592816500108686719027
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1668828009809"
.postrelease.com/ Name: visitor
Value: 0dcdc546-91f5-40af-9ea4-fca0da911962
.postrelease.com/ Name: status
Value: 0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3hLagAAARhXzQA7
.demdex.net/ Name: dextp
Value: 358-1-1668828008296|470-1-1668828008398|481-1-1668828008499|771-1-1668828008600|903-1-1668828008701|19566-1-1668828008802|23728-1-1668828008902|30432-1-1668828009003|30064-1-1668828009104|66757-1-1668828009205|134096-1-1668828009306|144230-1-1668828009406|144231-1-1668828009507|144232-1-1668828009608|144233-1-1668828009709|144234-1-1668828009810|144235-1-1668828009911|144236-1-1668828010018|144237-1-1668828010119|147592-1-1668828010220|461447-1-1668828010321
.socdm.com/ Name: SOC
Value: Y3hLasCo8YkAACscxfsAAAAA
.bluekai.com/ Name: bku
Value: pSL99sonKswFly/a
.openx.net/ Name: i
Value: 069bfe6c-9953-46b8-bd8a-0e2e5f9a6c03|1668828010
.smartadserver.com/ Name: pid
Value: 3987041248189081607
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiYyMjM3MjI1ODk3ODYyNzYzODg1MjgxODg5NTY1MjkwNDA4NTgwMVIPCNmymu_IMBgBKgRTR1Az8AHZsprvyDA=
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: sgp3
.lijit.com/ Name: ljt_reader
Value: FrNoDQZH9HKiMYmdTHeg9YXZ
.contextweb.com/ Name: V
Value: RKWlTcclaKof
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hba|5Ql.0.10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 36d150549085f4dc
.spotxchange.com/ Name: audience
Value: 137abd29-67b9-11ed-b4df-1457a7f90107
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y3hLagAAARhXzQA7&KRTB&22978-Y3hLagAAARhXzQA7&KRTB&23194-Y3hLagAAARhXzQA7&KRTB&23209-Y3hLagAAARhXzQA7
.lijit.com/ Name: _ljtrtb_42
Value: 10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1
.krxd.net/ Name: _kuid_
Value: PNRdmjqF
.criteo.com/ Name: uid
Value: 4e7d4dad-2529-4774-8853-f67d798557ac
.3lift.com/ Name: tluid
Value: 3399902450208168048103
.omnitagjs.com/ Name: ayl_visitor
Value: 6835a2011a07c67bd509a0aafca9efc1
.bidswitch.net/ Name: c
Value: 1668828012
.bidswitch.net/ Name: tuuid_lu
Value: 1668828012
.adform.net/ Name: C
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3b7c8028-5c9b-43c0-608e-693ac3abe727.fr3NNFV%2BtQ%2B%2Bhuv5RFcUbI4PA4H3BhfmerHwVii5Zq0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AO3yAKFybQ8Bgjmk6w6vnJ6310aU.ZMvKiOElUqRGvyZX7LCdjMJTlkdSsx5eDk1YnudFXZI
.bidswitch.net/ Name: tuuid
Value: 3cab3366-7473-4804-944c-659682ec4039
.mfadsrvr.com/ Name: tuuid
Value: 40ecc522-b1c4-4ff5-970d-190433732455
.mfadsrvr.com/ Name: c
Value: 1668828012
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-3cab3366-7473-4804-944c-659682ec4039
.adform.net/ Name: uid
Value: 6416496943234349779
.mfadsrvr.com/ Name: tuuid_lu
Value: 1668828013
.mfadsrvr.com/ Name: ssh
Value: !taboola,1668828013
.adx.opera.com/ Name: UID
Value: OPU313dd8e5373b4988b157063ca771de13
.ad-m.asia/ Name: uid
Value: 91BToGUHvf
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1668828014303.1534043097
.semasio.net/ Name: SEUNCY
Value: 2D54C4DDDD464A38
.everesttech.net/ Name: ev_sync_dd
Value: 20221119
.admatrix.jp/ Name: uid
Value: 71674732-0ed8-4bc5-8d07-165a6e9111d0
ads.playground.xyz/ Name: connect.sid
Value: s%3AwfIvf2nOapvT3W_2X3YNdrmZEg-tYf9O.FYxK2jdn%2BrZJjc%2F8WhTV%2BK%2BIhywEbdT9E2S4pwY4Rwk
.tapad.com/ Name: TapAd_TS
Value: 1668828015641
.tapad.com/ Name: TapAd_DID
Value: 0e11d93b-d848-45dd-9911-3ebf4e499df8
mfad.inskinad.com/ Name: azk
Value: ue1-d2700e4ae4a64b6ea9cefecaa93d60d3
mfad.inskinad.com/ Name: azk-ss
Value: true
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 22351096293973863592816500108686719027
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=c2425eca-d46b-4b23-97dd-8ef81fc68654&Created=11/19/2022 03:20:16&UserMode=0&guid=50671553-5736-4a06-984f-d66b606ae42d&ver=1
.heraldsun.com.au/ Name: nol_fpid
Value: ctyu9nv6krllhs4ykz4ynrhxyu0f71668828016|1668828016287|1668828016287|1668828016287
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A7DhFVuNzkmolo3gBnEdDQE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: kwkJHF3+jDQamRLnAnKFuNQ2OZRGdCFe+Wmp2TzCMDwe7fvUABnqoW++eJA2egciR4MSri1YOYlC/TVafR7tO/WpO46ZFQl7tR1igebOKiDSOqLfVx6EBQ5sUBUu
.imrworldwide.com/ Name: IMRID
Value: 170ef3e0-67b9-11ed-8be3-edf3b19ccdb0
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.google.com/ Name: NID
Value: 511=LRRePjVAmBmy1uc1Jnv4i2JzWU9DvBsXBYkgTq31A0JNdtEJ__a4580eNiFNWPFdIbxx2mgnfcKLiMB5212RkFXWrJBmbtlejwUH6n9iNItvaNbri02guSQARKIwOAZ0VtOY0QJKFyzl4rkZHZNvPxddFhx_Z6mEUOCRf3k7RdY
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuCuT0_004c3mCuT0_
.serving-sys.com/ Name: G4
Value: 0009fM00I._
.serving-sys.com/ Name: OT2
Value: 0001DC1rAr
.serving-sys.com/ Name: u2
Value: 61806c97-01ae-4cd2-a26e-8053a47406ee4JP050
.mathtag.com/ Name: uuid
Value: 79ff6378-4b71-4500-b7b3-2c6b61442a02
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B4720C8F-DDC6-447E-B3B7-C00B6CD12D23
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-1fbac794-a072-4166-a080-d44c7a6c596e&KRTB&22918-1fbac794-a072-4166-a080-d44c7a6c596e&KRTB&23031-1fbac794-a072-4166-a080-d44c7a6c596e
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:79ff6378-4b71-4500-b7b3-2c6b61442a02&KRTB&16736-uid:79ff6378-4b71-4500-b7b3-2c6b61442a02&KRTB&23019-uid:79ff6378-4b71-4500-b7b3-2c6b61442a02&KRTB&23208-uid:79ff6378-4b71-4500-b7b3-2c6b61442a02
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBFwG9Kjby0UGyulW60Of_8&KRTB&16514-CAESEBFwG9Kjby0UGyulW60Of_8&KRTB&23025-CAESEBFwG9Kjby0UGyulW60Of_8&KRTB&23386-CAESEBFwG9Kjby0UGyulW60Of_8
.simpli.fi/ Name: suid
Value: 5C3DCA0D4C614A8AB9EF97C994B48D9D
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.yahoo.com/ Name: A3
Value: d=AQABBHNLeGMCEMa67VSE8C2Si2vv1qg164AFEgEBAQGceWOCYwAAAAAA_eMAAA&S=AQAAAq02WGZUwgwyCkJAtRxHQW4
.rlcdn.com/ Name: pxrc
Value: CPOW4ZsGEgUI6AcQABIFCOhHEAA=
.id5-sync.com/ Name: id5
Value: 5cfc4544-dc05-4515-9156-00f58f0a7777#1668828010123#4
.heraldsun.com.au/ Name: __gads
Value: ID=30d0334d6a75e1fc:T=1668828018:S=ALNI_MamT0sBL5IghnaaCJ-fniD0dXW43g
.heraldsun.com.au/ Name: __gpi
Value: UID=00000b7eec0a2041:T=1668828018:RT=1668828018:S=ALNI_MZZuQe0_CTS_LofnBURL6DiYr-0aA
www.heraldsun.com.au/ Name: cbd
Value: 10000
.pippio.com/ Name: did
Value: N-hY8uHfDcn1fErW
.pippio.com/ Name: didts
Value: 1668828019
.pippio.com/ Name: nnls
Value:
.id5-sync.com/ Name: 3pi
Value: 464#1668828011132#1679642551#10a51dba-a6ee-42a7-ac6e-c5ee3c68eaf6-tucta71d0e1|112#1668828015077#-1430980042#2D54C4DDDD464A38|2#1668828019470#1711442162#557869551418898506|3#1668828018416#-1244750756#79ff6378-4b71-4500-b7b3-2c6b61442a02|264#1668828017189#1465418392#1fbac794-a072-4166-a080-d44c7a6c596e|10#1668828013184#-1894666294#6416496943234349779|123#1668828020091#-518694181|108#1668828016674#650986699
.id5-sync.com/ Name: callback
Value:
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.1953817170.1668828020
.bidr.io/ Name: bito
Value: AAI9BE7G8JcAACBhVbgCwQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.zemanta.com/ Name: zuid
Value: vpiWxSqG-JMAKk57XIgU
.pippio.com/ Name: pxrc
Value: CPSW4ZsGEgQIAhAAEgYI7OsBEAA=
.dyntrk.com/ Name: dyn_u
Value: 07030002_63784b745e964
.www.heraldsun.com.au/ Name: ln_or
Value: d
.linksynergy.com/ Name: rmuid
Value: e833fca7-a76c-4eb3-a698-31823a7bd91a
.linksynergy.com/ Name: icts
Value: 2022-11-19T03:20:20Z
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.rubiconproject.com/ Name: audit
Value: 1|WoHD7pFKxXWBIfVNBjvbS4z5BpcJcnkyu8RsNszd01u1Mnm1d2tbLc73iBXdzthJjzUPhTjmziNBK03vAHceEOzJ7rckCi5uj+jmrISZb8g9a0yI6WwQ70GcckauZUtYJkJLRzDf5JdRybUP8CpSe5bTAIcZVdp65cmAxi7+9V1o8946LEpae9kIb4G5wtpyAWUOhSrDlPzc6UO785F0Pw==
.linkedin.com/ Name: li_sugr
Value: f6c3de59-d85c-4cb4-8569-c5a7574356d7
.linkedin.com/ Name: bcookie
Value: "v=2&1797685c-a3c3-4f64-8677-cf53b08ad32a"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2793:u=1:x=1:i=1668828021:t=1668914421:v=2:sig=AQF5RUx1suBC77z0DcB5X297eTk50xjY"
.rlcdn.com/ Name: rlas3
Value: MQAgxex6LZLRnE740mK5qVMVkQkgA/y7XRz3mIBspPM=
.mookie1.com/ Name: id
Value: 10521886487974600733
.mookie1.com/ Name: mdata
Value: 1|10521886487974600733|1668828021293
.mookie1.com/ Name: ov
Value: f53d4b9811d067c6e2405cfedb0bcee4
.t.co/ Name: muc_ads
Value: 9aa75e4f-c6be-4bbf-a9d6-2fd2229f713f
.twitter.com/ Name: personalization_id
Value: "v1_qo2O4SDSwnWpOwdgk4sXRg=="
.linkedin.com/ Name: UserMatchHistory
Value: AQLQRfka1MxNZwAAAYSN5sKZrqS0BCJ_Uaiuibb5NXwV_jFqRDyyssUZHaNbytVwxLiXww_1sXOJ0A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQL2gxjVNgbprQAAAYSN5sKah60BoNlk9o0rnZtEy6VTnrRzoOMkTL2l65rtXde2-dn_VMTEMvDX936u1MTICw
.lkqd.net/ Name: lkqdidts
Value: 1668828021
.lkqd.net/ Name: sr59
Value: 1||1668828021
.lkqd.net/ Name: lkqdid
Value: cMGeP7B7T1Q
.adnxs.com/ Name: anj
Value: dTM7k!M4/YEVNsVF']wIg2E>5rDnt3!oApg#MUU_pPi_y0/m2EFv71K+!P5Mpet+7UlTaGs:u`ukpd=3!AXTO:4=sB!#*Pxub*=t
.casalemedia.com/ Name: CMTS
Value: 4862
.blismedia.com/ Name: b
Value: 63784B758D2D5261EC4D3C33BLIS
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&20221119032021c70fa107-1eae-4d14-8ec4-869be6e66144AQFcgu71Zlo46FO5pkA8VJJLttGI65tG"
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~28df:18z8~28df"
.c.appier.net/ Name: _auid
Value: dlg_uEOpC6C1B-otdUt4Yw
.c.appier.net/ Name: _gu
Value: CAESEOJimvr8rKEDHbcUbxe07cU
.quantserve.com/ Name: d
Value: EKkBCwHOJ_ijAA
.quantserve.com/ Name: mc
Value: 63784b75-ea1ec-a76d9-a9c23
.ladsp.com/ Name: cr
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4508445342604819091&KRTB&23150-4508445342604819091
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6416496943234349779&KRTB&23263-6416496943234349779
.media.net/ Name: data-g
Value: CAESEMHP5h0mlic_KDIJ63ikocU~~3
.mookie1.com/ Name: syncdata_IOW
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-557869551418898506&KRTB&23339-557869551418898506
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-O3yAKFybQ8Bgjmk6w6vnJ6310aU&KRTB&23334-O3yAKFybQ8Bgjmk6w6vnJ6310aU&KRTB&23417-O3yAKFybQ8Bgjmk6w6vnJ6310aU&KRTB&23426-O3yAKFybQ8Bgjmk6w6vnJ6310aU
.media.net/ Name: visitor-id
Value: 3118296226835752000V10
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-cnUi4nAkIu9pI3TrISU4u3NwceNpJyy5dnWMAlQY&KRTB&19420-cnUi4nAkIu9pI3TrISU4u3NwceNpJyy5dnWMAlQY&KRTB&22979-cnUi4nAkIu9pI3TrISU4u3NwceNpJyy5dnWMAlQY&KRTB&23403-cnUi4nAkIu9pI3TrISU4u3NwceNpJyy5dnWMAlQY
.ladsp.com/ Name: smn_uid
Value: YcuBszT9DFjmfdjIJnr1ag7_4xq5OPk
.ladsp.com/ Name: lum
Value: CPaLm-_IMBIFCAEQqAE
.pubmatic.com/ Name: DPSync3
Value: 1668902400%3A174%7C1669420800%3A248_164%7C1670025600%3A201_197_226_245
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Alexandria
.ambientdsp.com/ Name: _aUID
Value: xvbdsp9y67t
.adsymptotic.com/ Name: U
Value: 97d96716428dd83a9162f30fa11d6a46
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-xvbdsp9y67t
.mookie1.com/ Name: syncdata_TAP
Value: 1
.ctnsnet.com/ Name: cid_3ccd145e44c045d7b75ed73e3bc5ebe7
Value: 1
.ctnsnet.com/ Name: cid_b8099646608b43bb8210e909025f3e56
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-dlg_uEOpC6C1B-otdUt4Yw&KRTB&23130-dlg_uEOpC6C1B-otdUt4Yw
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7755
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-b8099646608b43bb8210e909025f3e56&KRTB&23139-b8099646608b43bb8210e909025f3e56&KRTB&23328-b8099646608b43bb8210e909025f3e56&KRTB&23427-b8099646608b43bb8210e909025f3e56
.dotomi.com/ Name: DotomiTest
Value: 33d1b29053371b3d
.w55c.net/ Name: wfivefivec
Value: USZ8x5kB1OWep15
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 669f7d3c014beb713e29010be60d2aea
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIxLCW69_5pDsQBRIXCghwdWJtYXRpYxILCNSDqMPg-aQ7EAUSFgoHcnViaWNvbhILCKTw_cvg-aQ7EAUSFQoGZ29vZ2xlEgsItKWA0uD5pDsQBRIZCgpyaWdodG1lZGlhEgsIpPD9y-D5pDsQBRIYCgliaWRzd2l0Y2gSCwj2_bHd4PmkOxAFEhUKBmNhc2FsZRILCO75oOLg-aQ7EAUSFAoFdGFwYWQSCwiM5dzu4PmkOxAFGAEgASgCMgsIiNLDoPf5pDsQBTgBWgthZGNvbmR1Y3RvcmAC
.w55c.net/ Name: matchpubmatic
Value: 5
.adgrx.com/ Name: ADGRX_UID
Value: 1abe8abe-67b9-11ed-a73a-2ee288dff49c
.agkn.com/ Name: ab
Value: 0001%3A%2BiYv6MUhmNB%2BRaVeBVwxT7tnbyWKObbF
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004%22%2C%22nxtrdr%22%3Afalse%7D
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY2ODgyODAyM30
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAJrVTUrTtctwN1Her-AAAAAAA&KRTB&22713-AAAJrVTUrTtctwN1Her-AAAAAAA&KRTB&22715-AAAJrVTUrTtctwN1Her-AAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:USZ8x5kB1OWep15&KRTB&23421-uid:USZ8x5kB1OWep15&KRTB&23429-uid:USZ8x5kB1OWep15
.mookie1.com/ Name: syncdata_NEU
Value: 1
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-1abe8abe-67b9-11ed-a73a-2ee288dff49c&KRTB&23275-1abe8abe-67b9-11ed-a73a-2ee288dff49c
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004%22%7D
.pubmatic.com/ Name: PugT
Value: 1668828024
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004&KRTB&17107-RX-9af9a5e5-3c27-4120-9a90-c0b57ad4b46e-004
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 157182:4
.pubmatic.com/ Name: SyncRTB3
Value: 1669420800%3A15_2_223%7C1670112000%3A35%7C1674000000%3A69%7C1669680000%3A63%7C1670025600%3A179_54_71_5_238_220_99_165_8_234_13_214_7_56_22_204_3_247_176_233_21_96_107_209_231
.heraldsun.com.au/ Name: _v__chartbeat3
Value: chrSABoXJ9ICypZk
.tribalfusion.com/ Name: ANON_ID
Value: aSnseFN3IdbSIdwFUNGA5XKojV33styfZda2HBKkVGoKqUaXWU0kGk7wZbpgiketwAcWp8ncyjZdfWZdYRO7RLgl
.pubmatic.com/ Name: SPugT
Value: 1668828026

10 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=301601274175.4774?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=301601274175.4774?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=301601274175.4774?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
javascript error URL: https://www.heraldsun.com.au/
Message:
Access to XMLHttpRequest at 'https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%22229c0e488dae47%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%2237bb64fb28044d%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%22470461c44613cb%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22586346d1b88761%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=5a26e780-cfc1-4896-a395-dcd73a52680a&pv=c3f5212f-fd83-4c48-8bca-928e68932c51&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0' from origin 'https://www.heraldsun.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%22229c0e488dae47%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%2237bb64fb28044d%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%22470461c44613cb%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22586346d1b88761%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=5a26e780-cfc1-4896-a395-dcd73a52680a&pv=c3f5212f-fd83-4c48-8bca-928e68932c51&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEHFBYbN096VnmpZUmKFTsH4&google_cver=1&google_push=ASkJ3FaFaFNzVCoLdFYTvnGqQFUnN5bTgxehHooExjKPiTE-lF3IR6L6WELEdiH8vIEqmDz_vjTis4Oz3Yrl7j_aNeIHX-DIIrSB_NyJww-5D_vdRXbXDBicUvZteM9BNYtFS4-8hCsUjeKblw
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
8828iayzkvjstuhtt6jcely8u8zcy1668828016.nuid.imrworldwide.com
a.c.appier.net
a.tribalfusion.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
analytics.twitter.com
api.rlcdn.com
app.cauly.co.kr
assets.vidora.com
ats-wrapper.privacymanager.io
au-gmtdmp.mookie1.com
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
b1sync.zemanta.com
bcd7512691e490f40804569a6579a527.safeframe.googlesyndication.com
beacon.krxd.net
bedsberry.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.linkedin.oribi.io
cdn.speedcurve.com
cdn.taboola.com
cdn1.adoberesources.net
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
cm.adgrx.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
collector.bonzai.co
connect.facebook.net
consumer.krxd.net
content.api.news
core.iprom.net
cr-p1.ladsp.com
cs.chocolateplatform.com
cs.lkqd.net
cs.media.net
csync.loopme.me
d.turn.com
d3div1mtym39ic.cloudfront.net
dcollector.bonzai.co
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
eb2.3lift.com
edge.adobedc.net
edition.pagesuite.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gdn.socdm.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
images.taboola.com
insight.adsrvr.org
invoke.bonzai.co
ipac.ctnsnet.com
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
massets.bonzai.co
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
metrics.heraldsun.com.au
mfad.inskinad.com
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
odr.mookie1.com
origin.go.heraldsun.com.au
p.adsymptotic.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.bzcdn.co
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure-gg.imrworldwide.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
sg-trc-events.taboola.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
syd-1-apex.go.sonobi.com
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
collector.bonzai.co
cs.chocolateplatform.com
login.newscorpaustralia.com
massets.bonzai.co
syd-1-apex.go.sonobi.com
103.229.10.211
103.229.205.243
103.231.98.193
103.231.98.194
103.71.26.125
104.16.89.20
104.18.101.194
104.18.25.173
104.18.33.19
104.18.36.94
104.22.52.86
104.244.42.3
104.244.42.69
104.254.150.228
104.254.151.68
104.26.6.155
104.65.228.208
104.65.228.244
104.69.108.119
104.83.196.116
104.83.196.200
107.178.244.193
107.178.254.65
107.22.173.254
119.9.108.180
124.146.153.150
124.146.215.48
13.107.42.14
13.114.188.47
13.224.158.57
13.227.138.100
13.227.138.6
13.227.248.101
13.250.213.124
13.251.70.29
13.33.100.143
13.33.33.30
13.33.33.73
13.33.88.104
13.33.88.113
13.33.88.20
13.33.88.56
13.33.88.60
13.33.88.67
13.33.91.15
13.35.8.26
133.186.161.88
139.5.84.243
141.226.224.32
141.226.229.48
142.250.4.104
142.250.4.132
142.250.4.155
142.250.4.156
142.251.10.157
142.251.10.94
142.251.12.132
142.251.12.148
142.251.12.156
142.251.12.95
146.20.132.166
15.197.193.217
151.101.194.133
151.101.2.217
151.101.65.108
151.101.65.175
151.101.65.44
151.101.66.133
151.101.66.49
157.240.15.13
157.240.15.35
162.19.138.118
162.19.138.119
162.19.138.83
169.197.150.8
172.104.45.159
172.217.194.149
172.217.194.156
172.217.194.157
172.253.118.139
172.253.118.97
172.64.133.15
172.64.151.162
172.64.154.237
173.231.184.20
18.138.18.111
18.141.80.142
18.142.1.26
18.142.41.66
18.155.68.99
18.161.111.105
18.176.115.166
18.181.124.83
18.194.192.141
182.161.73.129
182.161.73.145
182.161.73.146
184.31.5.52
185.84.60.30
192.0.66.122
195.5.165.20
199.127.207.180
199.232.44.157
199.36.158.100
202.131.200.82
202.131.200.84
209.191.163.209
23.106.127.164
23.106.127.53
23.106.69.72
23.36.48.24
23.49.60.167
23.52.112.182
23.52.112.234
23.59.168.10
23.73.13.201
3.1.116.111
3.105.150.206
3.214.69.6
3.215.244.231
3.224.58.51
34.102.253.54
34.120.155.137
34.126.167.117
34.160.169.226
34.96.105.8
34.98.64.218
34.98.67.3
35.156.139.93
35.174.181.179
35.186.193.173
35.190.60.146
35.213.12.39
35.214.223.115
35.227.202.26
44.239.168.124
50.116.239.135
50.31.142.127
52.197.202.80
52.220.190.140
52.223.2.229
52.28.196.126
52.33.87.56
52.46.128.147
52.52.52.67
52.54.226.35
52.74.162.2
52.84.228.218
52.94.222.140
52.95.129.82
54.149.113.230
54.169.17.254
54.192.150.117
54.192.150.4
54.192.150.8
54.192.150.94
54.192.150.97
54.202.29.137
54.230.61.52
54.237.32.183
54.254.49.143
63.140.48.156
67.199.150.81
67.199.150.85
67.199.150.86
69.173.158.64
69.173.158.65
74.118.186.45
74.125.130.149
74.125.200.101
74.125.200.94
74.125.24.154
74.125.24.157
74.214.196.131
82.145.213.8
89.207.22.73
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
017ed3a3015deeaaeadc08a4d8dcde59e102fb6838ab0df6b89ff4aee77ec196
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0410667774b2bd722b467b963b089b64713a930b990c7a0a7a7235a8dda77ff7
05505732b9e8d6da41cc85e9247e1771de4a36edc477414f7e9de726a27d1c6b
067ad9af108327122242a6037f57e9fb339b5b8232fafca5af68e40c83a63ed3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b69c2e6002a5330e9d710e3a1d6071b07b24c9dd32c882e4fc94120a9b33164
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d43783d689a41b3f09f8784e96f2926db6d05baae37e6d14455ced684b9abb0
0e56a77328a7ac0c307fff20cc40b71b466a5798b95f5020e44344f7ed6db0b5
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
103a71dbc1e335cc7bcb983086a8fc6ff522fc13bb72ce004c117368639be1c2
1042ba7acf8407e7a93f760a96b5a304ea06140107dee88a3494acc33502388e
11cfb4abc85034d465c3e607a55a8378c6d1a9f9e3c178d484d65759e1c6f80b
126b837a8f488caa05ec18268ed4ccea9ca6850c50baf1303dae094165cfda56
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1342a285d604d7551ba1b5f3d0f0fbfe73d5e321f541677bf3f20337e9ef8a0c
14d9cf30251a36da8a4fa4740b497f250c08499eda252fdd6ca4db49c9c966f3
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c54fdefb6751daf143fd6c63b4f2153f2df222eda828a5ec2f10ab8c410f59
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
1a34f218c2ac3a13453e863b1e7cb0f1a9aa7f88fb78e5f8e8d88953ae00d041
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d
1b3c9643e43ad6c968ba4b0bdb40110924149c0ae6fec2e2c9fee420b185aa8e
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f0ddb8ae9b06e9b440b190836aceba6aa24702d0ae4b358b77c4b2db29d602d
2075fd357d315f69b808248d36c3d99795becb149033d022c81b1a03beccdb1f
20875502438955cdb54618cef95302e816fd117baedfda67d839c2eea97d51d6
208ba9cd7370db8ec4dbb16c20e21ecbcf2662a86ec68a1036233ad365284798
2097f65b66aa0ebc20b642a8706f35fbc7367147c7bc8f36f855e7e6d4549c5a
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1
218379c2ce1b5f1d83de77e2cf00ab47f736efeaf060c1c91652f110056e9183
22e9cd1c63d981e40c0f75002a17d8d06ffc7159f741de319f4dd7df2d34dffa
24713e413b9683a29e14f18d8cfe3a6657f2d693c59aa833bc58706f490150c5
260ae4aaf9a98760302699a24a09df152bc83a5ee937e42ea6320d09037edd80
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2767cb7c637007e5e81a85776f1b44b2eefd7797204a16cb130b46d939806e2b
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63
2a664604e1419e2d44aca4ec63a70e26d9d77dbe885343ddc1bb486e2ed608bb
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b09ae712243cfc754c40dd240d9dd011865099fc641225f3f98a6336555f091
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2f323c23ab941c9e378e9d2152511d980d7a88ead0645133a98ecfe2027bbf61
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9fe749a15b11e399b3bae73ac9f279898d8f76eee2d9b5a8b93d8515ac9baf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e373cb7d88e052f79a7b469851adf061f7d88e2f595115e9f01beae1293a05
331a41e041ef7bb9034f2d4fc8ccf814cc608cfc0a3f895cb3d79a1fd7a1aaf5
35637f785cd363ad1d686ef895d0d8f8840d3e310b1aa7a511033fa056a83092
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3a4fe2266b924e98a73a8ea5a7357f33336079209df75e32b46bb9b3bd749f4d
3aeab02ed27a6e05e8f77e04ce118c817d88615966aa5c3662dcb0ec13d33c0c
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee455138c5a2ac218dfaef865fb6e8131490ad85d6d63492cebc49a2b335c85
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49ffe1baff54e97f4e54b695383d2f114a40fb1886465028824b97d801affd3d
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c49928247ac43f83ebf63fc22f836d61be1b1be432e965be1e6d3e7eda2c433
4cc955b9c215c5bf97224d3ebd3ce26f85eeb24cd7f337175bef7aebbbaa98b6
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0ed2ca39b17d551be05900cb086017f230a0d524577ccadaff6a5bf83f0be7
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51289411df7a3f45dbe270d8d01cb50bd9b5f2c446fead20ef7a01ae7959262c
52bbf512b60fd2daf3567636b2bc83a87eabe61a3531eb7a12007ab1f7b5c55d
548d4dd829439a4c2f766017b751377f3be1a5ea2213f9d4e1447ae5a027cef0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557cf69a557275ffccea5168a52ebd426abf4dc843458381fe7faf031f49e4fc
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ed63f92253823bb9bf301b85a3f7e1652bd282950fae6a9d41514ac5e88ed0b
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
618dea9b88ecc17aca37274bb276bce8854fc467c838d6f8f9e485ab194bcd2f
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
6791d1bf5e635c220f789d582fef4008fe5feb5ad7c4423419996411e8be01a3
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6a0c99baf829ea5d70bf41f38fbf741e8d3b42b7842c081ecfd0d3993ea74801
6a70a882ceb37291af2e03c9d79dae1804ad189f687a6457214ee4df8deddf5a
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bdf564f11423f37660031ae7e7d1e5a219430c9a1bff7625af77f352c096a9d
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec
6d7a5232206bffbd6ed85328c2fbf0b1e8542e54a026a2c9c4c89cf9184ea810
6f4f784115d19960a7381a4cb6e5e143151b0ca1098aa4bdc87aa5b9cc453e56
713781b7f655579d6badf43510123e0843cb718c85bb5530c6f1d051da72a133
7141b95c3bb7533101c1074d98d7ec2f404a12f29aca043c1ca899d5272084ad
7438942bad8e111238e2c203afb9db7173273bb8c5d50baf74084611369d0e6f
751049bc37024119640ca4beeea7c67d8ccf95e7d6e4633d9f1afd3cc5484fcd
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11
76617148e1e3e0071f05d0d21ae3339c48d266cc90f29c333d64cdc43fabea32
76d3d3afe9155d36343ffcfd2944db155511b33ac954cd529b13bc8e30fa0d2e
78f20195a61708feaa410072efa4021c141b9fd27f5875daf6e2c31e58b60327
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7a548f3e052a0db47833a7c5e9fdc8bed6df5954abb3642fa5728b77c9dae5eb
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7eed21740305ef907c076f7fe204726291215471a6f0d2da05b2d88f4a80b0ec
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
80064884a1f4b136327da7b4fd39427ab08d2c50da1e06a9cecde33bbeb13abd
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81fea29c3a15d5f24793161b87d973a6604c7be18801f5b26116f13a4149aa22
82c6192650ee6f6e456b49639a4d13522009d138b403c54a592d0cde2a30229d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848360150c7285fb18cb4639a4bb09a3664499b3076d27648f1fd1ff8a7f538f
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
865b38391da9f48afc55071a884a1e7325ab0a90571d8b82f89b7473b85e7276
879cac2694db158c159d91d3ce3285a24913fcf257b7080bcd8046d3e9e4dbe3
88337d7fa9071989053ff7effabb582fb3dacd3637cbea1b8b3cf652f06a26d3
888efefa4bae7462eeb492b1b2c5554f9c011c05bd212c80f35ed4ff36a5ab0c
889879b43a954c6bc9b21d243f89132e7e625e53f86dcec92b6c70bfb6e4b119
8954da94be8689f004b2b8cb62071394238053e3bca6fe6027f33e27f59aeb6f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8c11280c15e0035a5036aacf023831e4c5112806703f71a802fbb28c87478116
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
916d8cdfdf06a891561e96a5f6d21ece28f1482ab0b71f905c35c838af24b589
95b455aa0f452d2e4ee5e6f7f8d23f6063b1b4c4d1e6cd2c607692ca99f1e4b9
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
98abddb65ee0b41c1ebaec4f837afc504de8975050dc0a81d370c1fc4191b543
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9561742c95eb23efa08a9aaafe9c760a3580f9fc35ae4e70eaa8ed2eb0f55a
9cd5d42c8875eb8d6fcba62b801117f3fd40d8deca0adba6b41678e08d77fab6
9d80eb68d400d9ac11a5d782b5ffd430dcbf9d31e63180f9dee34b9906ccd6f8
9e47ed2c15b82499c44e99168ffcaa05c7a2e15ce8d035a52b2ea9bcef036f7d
9f2be0b1b140f38349c1a9f5aa5f6fc61aed42e9360d137bc6bb0fc864cadff4
9f2c555739a5381db81ff8608f59cb3fd19d57d32e896ee9456d76553e04b531
9ffba5fabb4279da3b75965cb391091f1271fa2ad919ae51f998e863ee7d5399
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a2d394c8474dfabc643e183cc3421642ad0842d0a0c8144bc4c6077de64e6845
a411a20ade78048bc2363a9613edadcd9de84994a123f97beae3559e9afa8c79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a6701a03543baf2e69a514cf69440bf2b8cd8c782c73a9633155edcf62a5966e
a78b32d679bed5e0c64fb39b7afe4680234d3406fd40a2ef15695d54619fd30e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa23ab86a61744f51cc8f2b620d9f5215cd85f76e10f533222f602d0ab31b0e0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04bdc0369f1282ae5539b7fad8b1c45ee6cd0b7b3314a4aacb178d9f55c9086
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26cf16fceae57ae7d806f7cb4e9f3da3e9c82c1a4c36a3a06c187a962b22334
b409c9d8e227cfc9f2dbeb9116f1d49220ad0fcc9d7cddb4a5a7bd9e1c47a891
b4bd3b89146811d4168bfe525a981f93d27621b3add12e3836507b9b26e64a52
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
b5f0466dafb00f3e4eef00370d66f8f2721ba207cd6a65c13f1a904cd742948d
b9f6a182e0ccc9529f1e1126e07608fd29dc697744ca3064e6d7f1d1c9310229
ba6b2969ea261b2e4766b17fe567522e17fc835c5fab2034b196f8975674cacc
ba8c3058c6d474be354158989412b2ded878b66af54256ac5bc39a8b76e381d8
ba924e837f079b6d8c728f19d89127dd52be8f4095971626a85ca54f58450153
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc3dcc30048d55cf5b3b4bdc53b7e5081b28bb15d3ce73648fbb4e0fc694e2b6
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf48ea036703a22f9dddf0cce9e2b1f18797b3b3224a6fc97294054deea01c96
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d4be8d98314556b0fcadcac08fb50d221f58a572f4725ea8ebf0b2b596a6b1
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c48f224fd876acd5f21e3a5c335be806b2ee912fbf9f705acf8497eba7c503db
c52003e5564797d76babb4b69ea4a21c8acd8afcd66d7ac5c4ee990314f2752a
c5479429cf03c62393df0e79e6ad5f626153798b7339ff83af1a1a8495824f2e
c55691f16e9f7f68d23d0b8b0b5a91ed4ae77541c47cc8c5d1a6b7ec65b84dfe
c606f8399c7f111a4f6a69475c266f2be87b09c6580501f0ba4cf1e3d90558ab
c6146baa9b73b9a6ae5926e7992ae2fde51d643f8c499cc43a329735e58312be
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df
c7935fa059e0e8b123b5670156ab7009349ab76c129a4f7a9427c9b37d0d9661
c90a02d7c77c4dd508eede5f22240786f23c358336aef0f7c7a20d13f147ed64
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
c9ed73cb1cb030ef97f37d50539840a9de3cf14916a6ee0bbe331c2119161192
ca40f6cbbf38d34bcdbd7727249fd016b7bc8aac6e117adcb82d3792e76f9860
cdaf1e9148d4726cb77eef9740fb96e65c455d7a0948cbe94dea74f17f2f2fda
ce198c1d3387ca52ac0766c5c62017c1b311c7a399207cf9b897923d0b6d5e38
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d21cc2e3d89e527ce95d0db25f4fc10c2fd7d00a523d547a580face8d93366fe
d278a5e767eb3d527a49d5d227808348c832f931a532d797c58a7d6b5bb1f658
d33fa6d1df85087a74ecb1ab62953dd953c276867824a7d6398d1f5bbfedb4d1
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d50c44d22281e0231ac803d59f1c6a1e3d4aba10e392cbaaae962f8477e26531
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d79ba1a4549502813b3415628e3df0be408f5d5487651af686d52350fe17367c
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dbed06d37303d9a2f40a4c7c800d2879e8788cbf872d160593a837fcc9d06603
dc540b177e0fcc77484aef49904e1b5696681e49c791ac8bb65f26ad6a6ad4b8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddc6a0df25826e5cbf2eff4b33d93834f90e09180d0f81c9ffefb69d3cf2a673
ded34b159092aba33a6f9397157be39ce9e270f20153ad71f3ccc474a7540f08
df0f2961fcf22b5b181582f74613310c0b25d8e2c38062df1ca1811187dfc4c6
df463fc1704f5c3a92715f0a09f98a15be3d8aaa8305960f25652d59e4f2a5b7
df51a5301fcae2ec9503d129a2341e80f6d52e9416ff2460c3048947f4f3852a
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4ce52ad6294cfec05864828f5df3325fc1f6627b957919fa931e94cb95453f8
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e745fd04b3660338e575422753f485d606dc732ef86fd366601483f65ab97744
e79e2d89687eff1cde896384ca9c0f2fc72b7bc595caa94dbe801984c8df5cd1
e87455ae95f61cfbc0f7cb6fddf160a4359d212caca78f512ce2fe37dded02e0
e8d91604cef65d7e471320a24095f909f0f178adf89c7a9fc4889c79ba7a5e26
e8e27390a3f66b6511e34535dc56f9210ea24928edbe56ac0a6c007024f0ac85
e9d85de9f99c2af1b8da3f69f46093022f9194b38ee8e11db9da75aed0d22ffa
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
ebcc04211a89c8fe6b15e39e511a820e6d2908eecd25e58a620d633e35e6933e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec4e9596258110f20801c5d0a1c5956a15c4e8c69d8ca24eb0aac83885ed3007
ecd766a690e0d4d93a1fd5713d744b6ce51963d67b62def74fe37f3747a14a30
ecdc40c675cbe207cc7d075bdfdd8b994ce97f159c3d73d31dfaf24998051b0b
ed5f6cad6327bb10a9daab99892565c78084fb35c1b107891a912493597f54a3
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8ada9cc4c13d8dec0c08d17408e56b08f925ad761589894de2c2a618052fba
ef94f345e1e2e2c839c86239e71064deb6ccb06f673acb4dfee2753a5ff025fc
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f2a50c5b694cb8c9add6c3f64eeaad489f022ba77189193f14dde4da22262978
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f6119043c5e00b7e1c5316e5aa030fee8c6a98501427ca196cca517d3cb1763e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f72e831759b7d920e3848cf5df238e6037b9742e1f5de951aa5edf927ddec3f2
f894bed66dc0a914589adc087f92a5f8a28dcb631c964d669e87e97d5457c1f3
f8d75bc73f8755b06245eb1a5b0df2247bfef548286c4c2dd9eb1427509f306f
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
fa4ba7c88c6d4cfd3cc328b83237b60b28965e41471899527a773442c9a6c7fe
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc619da6340d6c154a59c4858ce1e111bfbfe87c13c38976a80b3c0c7f0b6db1
fc75e0032627fad35171c6bf3cd6f4ae84561c235b1d41da56fb4dd6a6fb5c6a
fd1ce4eff7408ec7bf2cd292912e72029b9a3e293bc641d1275eac09e383876f
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9