urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
23.195.152.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Submission: On October 18 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 140 IPs in 13 countries across 121 domains to perform 578 HTTP transactions. The main IP is 23.195.152.111, located in Singapore and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 526345.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 13th 2023. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 68 23.195.152.111 16625 (AKAMAI-AS)
1 13 23.195.152.191 16625 (AKAMAI-AS)
34 23.54.56.214 16625 (AKAMAI-AS)
1 151.101.2.217 54113 (FASTLY)
2 151.101.130.217 54113 (FASTLY)
1 13.33.45.206 16509 (AMAZON-02)
1 17 151.101.193.44 54113 (FASTLY)
3 34.160.169.226 15169 (GOOGLE)
1 199.36.158.100 54113 (FASTLY)
3 23.195.154.245 16625 (AKAMAI-AS)
6 13.33.33.103 16509 (AMAZON-02)
2 54.192.150.7 16509 (AMAZON-02)
1 172.64.102.11 13335 (CLOUDFLAR...)
1 182.161.73.136 55569 (CRITEO-AS...)
2 15 141.226.229.48 200478 (TABOOLA-AS)
2 151.101.129.44 54113 (FASTLY)
1 23.72.45.28 16625 (AKAMAI-AS)
10 52.84.45.108 16509 (AMAZON-02)
1 142.251.12.149 15169 (GOOGLE)
1 23.54.56.167 16625 (AKAMAI-AS)
1 13.33.97.213 16509 (AMAZON-02)
2 157.240.235.1 32934 (FACEBOOK)
1 18.155.68.27 16509 (AMAZON-02)
2 35.169.153.218 14618 (AMAZON-AES)
1 151.101.1.175 54113 (FASTLY)
3 104.22.53.86 13335 (CLOUDFLAR...)
1 23.72.44.233 16625 (AKAMAI-AS)
11 172.217.194.154 15169 (GOOGLE)
3 13.33.77.151 16509 (AMAZON-02)
1 52.84.251.10 16509 (AMAZON-02)
2 104.26.12.18 13335 (CLOUDFLAR...)
5 184.28.235.74 20940 (AKAMAI-ASN1)
2 23.46.16.168 20940 (AKAMAI-ASN1)
2 151.101.1.140 54113 (FASTLY)
3 13.224.250.80 16509 (AMAZON-02)
4 54.192.150.56 16509 (AMAZON-02)
1 52.84.251.86 16509 (AMAZON-02)
8 141.226.231.48 200478 (TABOOLA-AS)
1 151.101.129.229 54113 (FASTLY)
9 14 162.19.138.82 16276 (OVH)
1 34.120.155.137 396982 (GOOGLE-CL...)
10 23.202.130.38 16625 (AKAMAI-AS)
2 54.210.220.158 14618 (AMAZON-AES)
3 172.253.118.156 15169 (GOOGLE)
1 74.125.68.157 15169 (GOOGLE)
11 52.13.17.63 16509 (AMAZON-02)
3 162.19.138.116 16276 (OVH)
3 157.240.235.35 32934 (FACEBOOK)
1 104.69.168.60 16625 (AKAMAI-AS)
1 23.15.147.149 16625 (AKAMAI-AS)
2 18.161.111.107 16509 (AMAZON-02)
1 3.24.70.96 16509 (AMAZON-02)
1 18.155.68.80 16509 (AMAZON-02)
2 13.33.88.119 16509 (AMAZON-02)
1 20.40.202.2 8075 (MICROSOFT...)
1 13.227.254.18 16509 (AMAZON-02)
1 18.138.15.105 16509 (AMAZON-02)
10 18.136.228.74 16509 (AMAZON-02)
8 16 103.43.90.178 29990 (ASN-APPNEX)
1 52.10.212.50 16509 (AMAZON-02)
1 63.140.36.14 16509 (AMAZON-02)
1 1 18.138.79.132 16509 (AMAZON-02)
7 64.233.170.100 15169 (GOOGLE)
2 52.76.99.23 16509 (AMAZON-02)
1 54.192.150.117 16509 (AMAZON-02)
1 1 211.120.53.205 4694 (IDCF IDC ...)
2 2 3.123.157.122 16509 (AMAZON-02)
1 2 23.106.127.53 59253 (LEASEWEB-...)
16 24 69.173.158.64 26667 (RUBICONPR...)
2 6 18.142.123.88 16509 (AMAZON-02)
2 2 35.208.249.213 15169 (GOOGLE)
13 19 74.125.24.154 15169 (GOOGLE)
1 16 67.199.150.86 3257 (GTT-BACKB...)
12 19 35.71.131.137 16509 (AMAZON-02)
1 74.214.196.131 19189 (PULSEPOINT)
2 2 182.161.73.146 55569 (CRITEO-AS...)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
3 4 185.84.60.20 198622 (ADFORM)
2 2 50.57.31.206 19994 (RACKSPACE)
3 4 119.9.108.211 45187 (RACKSPACE...)
3 3 18.140.27.177 16509 (AMAZON-02)
3 3 35.214.232.33 15169 (GOOGLE)
4 6 35.213.12.39 15169 (GOOGLE)
1 1 23.108.103.8 59253 (LEASEWEB-...)
2 2 18.192.43.30 16509 (AMAZON-02)
1 2 52.223.2.229 16509 (AMAZON-02)
2 3 35.244.159.8 15169 (GOOGLE)
1 3.218.40.90 14618 (AMAZON-AES)
1 141.226.224.32 200478 (TABOOLA-AS)
4 13.33.90.128 16509 (AMAZON-02)
1 146.75.112.157 54113 (FASTLY)
2 74.125.24.97 15169 (GOOGLE)
2 23.72.44.183 16625 (AKAMAI-AS)
2 4 74.125.130.148 15169 (GOOGLE)
1 142.251.175.156 15169 (GOOGLE)
4 24 104.18.26.193 13335 (CLOUDFLAR...)
8 142.251.12.94 15169 (GOOGLE)
1 18.155.68.48 16509 (AMAZON-02)
1 13.33.35.24 16509 (AMAZON-02)
3 74.125.130.157 15169 (GOOGLE)
4 51.75.88.190 16276 (OVH)
2 51.75.89.127 16276 (OVH)
2 51.75.95.152 16276 (OVH)
2 51.75.95.112 16276 (OVH)
2 51.75.95.199 16276 (OVH)
2 51.75.92.250 16276 (OVH)
2 51.75.92.187 16276 (OVH)
2 2 50.116.239.135 6336 (TURN-US-ASN)
1 63.140.36.138 16509 (AMAZON-02)
4 23.72.44.196 16625 (AKAMAI-AS)
13 74.125.200.132 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
6 6 18.143.106.89 16509 (AMAZON-02)
2 184.28.235.217 20940 (AKAMAI-ASN1)
1 1 34.231.45.30 14618 (AMAZON-AES)
1 54.149.199.105 16509 (AMAZON-02)
1 1 104.69.166.9 16625 (AKAMAI-AS)
8 9 151.101.66.49 54113 (FASTLY)
4 142.251.10.156 15169 (GOOGLE)
5 64.233.170.103 15169 (GOOGLE)
6 142.251.12.101 15169 (GOOGLE)
7 207.65.33.82 62713 (AS-PUBMATIC)
1 74.118.186.107 6336 (TURN-US-ASN)
2 3.72.119.175 16509 (AMAZON-02)
2 142.251.12.156 15169 (GOOGLE)
4 23.195.154.61 16625 (AKAMAI-AS)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 2 34.102.253.54 396982 (GOOGLE-CL...)
3 74.125.200.94 15169 (GOOGLE)
4 67.199.150.81 3257 (GTT-BACKB...)
4 13 52.46.143.56 16509 (AMAZON-02)
1 1 45.137.176.88 60350 (VP)
1 13.107.42.14 8068 (MICROSOFT...)
2 3 67.220.226.232 16509 (AMAZON-02)
3 3 54.65.219.118 16509 (AMAZON-02)
1 131.153.206.103 59210 (PHOENIXNA...)
1 13.227.254.114 16509 (AMAZON-02)
1 54.169.175.61 16509 (AMAZON-02)
1 1 52.54.122.44 14618 (AMAZON-AES)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 2 209.191.163.208 32475 (SINGLEHOP...)
34 54.224.81.152 14618 (AMAZON-AES)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
1 23.46.16.136 20940 (AKAMAI-ASN1)
2 2 103.229.10.171 16509 (AMAZON-02)
3 4 64.74.236.95 19024 (INTERNAP-...)
2 2 35.213.93.179 15169 (GOOGLE)
1 2 18.139.47.19 16509 (AMAZON-02)
3 3 35.236.220.17 396982 (GOOGLE-CL...)
5 207.65.33.76 62713 (AS-PUBMATIC)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 52.6.137.171 14618 (AMAZON-AES)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 139.162.58.205 63949 (AKAMAI-LI...)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 2 89.207.22.137 41041 (VCLK-EU-SE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
3 4 104.18.24.173 13335 (CLOUDFLAR...)
1 13.215.8.194 16509 (AMAZON-02)
1 63.140.36.117 16509 (AMAZON-02)
1 2 35.186.193.173 15169 (GOOGLE)
1 18.182.123.76 16509 (AMAZON-02)
1 1 69.173.151.100 26667 (RUBICONPR...)
2 2 52.74.118.249 16509 (AMAZON-02)
1 195.5.165.20 44968 (IPROM-AS)
1 8.18.47.7 398989 (DEEPINTENT)
2 2 13.228.194.70 16509 (AMAZON-02)
578 140
68    23.195.152.111 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-111.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
13    23.195.152.191 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-191.deploy.static.akamaitechnologies.com
tags.news.com.au
34    23.54.56.214 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-56-214.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
2    151.101.130.217 (United States)

ASN54113 (FASTLY, US)
js.sentry-cdn.com
browser.sentry-cdn.com
1    13.33.45.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-45-206.sin2.r.cloudfront.net
d2n6ofw4o746cn.cloudfront.net
17    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
images.taboola.com
match.taboola.com
3    34.160.169.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.169.160.34.bc.googleusercontent.com
bedsberry.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
3    23.195.154.245 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-154-245.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
6    13.33.33.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-103.sin2.r.cloudfront.net
tags.tiqcdn.com
2    54.192.150.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-7.sin2.r.cloudfront.net
assets.vidora.com
1    172.64.102.11 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
15    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
pips.taboola.com
1    23.72.45.28 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-28.deploy.static.akamaitechnologies.com
players.brightcove.net
10    52.84.45.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-108.mrs52.r.cloudfront.net
static.adsafeprotected.com
1    142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net
ad.doubleclick.net
1    23.54.56.167 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-56-167.deploy.static.akamaitechnologies.com
cdn.optimizely.com
1    13.33.97.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-97-213.sin2.r.cloudfront.net
static.chartbeat.com
2    157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
1    18.155.68.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-27.sin52.r.cloudfront.net
au.tags.newscgp.com
2    35.169.153.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-153-218.compute-1.amazonaws.com
pixel.zprk.io
1    151.101.1.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
3    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.72.44.233 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-233.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
11    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
securepubads.g.doubleclick.net
3    13.33.77.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-77-151.sin2.r.cloudfront.net
c.amazon-adsystem.com
1    52.84.251.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-10.sin5.r.cloudfront.net
ats-wrapper.privacymanager.io
2    104.26.12.18 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
5    184.28.235.74 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-28-235-74.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    23.46.16.168 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-16-168.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
2    151.101.1.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
3    13.224.250.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-80.sin52.r.cloudfront.net
cdn-gl.imrworldwide.com
4    54.192.150.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-56.sin2.r.cloudfront.net
au-script.dotmetrics.net
1    52.84.251.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-86.sin5.r.cloudfront.net
cdn.adsafeprotected.com
8    141.226.231.48 (Hong Kong)

ASN200478 (TABOOLA-AS, IL)
hk-trc-events.taboola.com
1    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
14    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
10    23.202.130.38 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-130-38.deploy.static.akamaitechnologies.com
statsapi.foxsports.com.au
2    54.210.220.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-220-158.compute-1.amazonaws.com
ping.chartbeat.net
3    172.253.118.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net
pagead2.googlesyndication.com
1    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
googleads4.g.doubleclick.net
11    52.13.17.63 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-17-63.us-west-2.compute.amazonaws.com
dpm.demdex.net
3    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
1    104.69.168.60 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-168-60.deploy.static.akamaitechnologies.com
cdn3.optimizely.com
1    23.15.147.149 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-147-149.deploy.static.akamaitechnologies.com
a20352597942.cdn.optimizely.com
2    18.161.111.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-107.mrs52.r.cloudfront.net
geo.privacymanager.io
1    3.24.70.96 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-24-70-96.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    18.155.68.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-80.sin52.r.cloudfront.net
ncg.tags.news.com.au
2    13.33.88.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-119.sin2.r.cloudfront.net
au.audience.newscgp.com
1    20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
1    13.227.254.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-18.sin52.r.cloudfront.net
rm-script.dotmetrics.net
1    18.138.15.105 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-15-105.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
10    18.136.228.74 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
16    103.43.90.178 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    52.10.212.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-212-50.us-west-2.compute.amazonaws.com
newscorpau.demdex.net
1    63.140.36.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-14.data.adobedc.net
newscorpau.sc.omtrdc.net
1    18.138.79.132 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-79-132.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
7    64.233.170.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f100.1e100.net
news.google.com
2    52.76.99.23 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-99-23.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    54.192.150.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-117.sin2.r.cloudfront.net
nhavisjcaajtog6v4loaiwbgxhpi21697612042.nuid.imrworldwide.com
1    211.120.53.205 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    3.123.157.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-157-122.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    23.106.127.53 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
24    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
6    18.142.123.88 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-123-88.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
19    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
cm.g.doubleclick.net
16    67.199.150.86 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
19    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
4    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
4    119.9.108.211 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipapac.semasio.net
3    18.140.27.177 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-27-177.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
3    35.214.232.33 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 33.232.214.35.bc.googleusercontent.com
csync.loopme.me
6    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    23.108.103.8 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
2    18.192.43.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-43-30.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    3.218.40.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-40-90.compute-1.amazonaws.com
logx.optimizely.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    13.33.90.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-90-128.sin2.r.cloudfront.net
js.adsrvr.org
1    146.75.112.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
www.googletagmanager.com
2    23.72.44.183 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    74.125.130.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f148.1e100.net
8228261.fls.doubleclick.net
1    142.251.175.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f156.1e100.net
www.googleadservices.com
24    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
8    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
www.gstatic.com
1    18.155.68.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-48.sin52.r.cloudfront.net
config.aps.amazon-adsystem.com
1    13.33.35.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-35-24.sin2.r.cloudfront.net
aax.amazon-adsystem.com
3    74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net
googleads.g.doubleclick.net
4    51.75.88.190 (Germany)

ASN16276 (OVH, FR)
c0.eu-3-id5-sync.com
c7.eu-3-id5-sync.com
2    51.75.89.127 (Germany)

ASN16276 (OVH, FR)
c1.eu-3-id5-sync.com
2    51.75.95.152 (Germany)

ASN16276 (OVH, FR)
c2.eu-3-id5-sync.com
2    51.75.95.112 (Germany)

ASN16276 (OVH, FR)
c3.eu-3-id5-sync.com
2    51.75.95.199 (Germany)

ASN16276 (OVH, FR)
c4.eu-3-id5-sync.com
2    51.75.92.250 (Germany)

ASN16276 (OVH, FR)
c5.eu-3-id5-sync.com
2    51.75.92.187 (Germany)

ASN16276 (OVH, FR)
c6.eu-3-id5-sync.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
1    63.140.36.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-138.data.adobedc.net
metrics.heraldsun.com.au
4    23.72.44.196 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
13    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
b55fa654ee3e34c0ed8b9c5d1953e9cf.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
6    18.143.106.89 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    184.28.235.217 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-28-235-217.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    34.231.45.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-45-30.compute-1.amazonaws.com
usermatch.krxd.net
1    54.149.199.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-199-105.us-west-2.compute.amazonaws.com
beacon.krxd.net
1    104.69.166.9 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com
tags.bluekai.com
9    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
www.googletagservices.com
5    64.233.170.103 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f103.1e100.net
www.google.com
6    142.251.12.101 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f101.1e100.net
play.google.com
7    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    74.118.186.107 (Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
2    3.72.119.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-119-175.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
2    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
adservice.google.com
4    23.195.154.61 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-154-61.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
www.google.com.au
4    67.199.150.81 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
13    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    67.220.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    54.65.219.118 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-219-118.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    131.153.206.103 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
1    13.227.254.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-114.sin52.r.cloudfront.net
live.primis.tech
1    54.169.175.61 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-175-61.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    52.54.122.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-122-44.compute-1.amazonaws.com
sync.ipredictive.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
34    54.224.81.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-81-152.compute-1.amazonaws.com
dt.adsafeprotected.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    23.46.16.136 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-16-136.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    64.74.236.95 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
2    18.139.47.19 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-47-19.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
3    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
5    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    18.138.18.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    52.6.137.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-137-171.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    139.162.58.205 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1471-205.members.linode.com
gocm.c.appier.net
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    89.207.22.137 (Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin03-nessy-float1.dotomi.com
pubmatic-match.dotomi.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
4    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    13.215.8.194 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-8-194.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    63.140.36.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-117.data.adobedc.net
edge.adobedc.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    18.182.123.76 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-123-76.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    52.74.118.249 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    13.228.194.70 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-194-70.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
Apex Domain
Subdomains		 Transfer
55 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 720
cdn.adsafeprotected.com — Cisco Umbrella Rank: 4144
pixel.adsafeprotected.com — Cisco Umbrella Rank: 936
dt.adsafeprotected.com — Cisco Umbrella Rank: 658
425 KB
43 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
pm-widget.taboola.com — Cisco Umbrella Rank: 3680
trc.taboola.com — Cisco Umbrella Rank: 680
trc-events.taboola.com — Cisco Umbrella Rank: 2281
hk-trc-events.taboola.com — Cisco Umbrella Rank: 28074
images.taboola.com — Cisco Umbrella Rank: 1964
sync.taboola.com — Cisco Umbrella Rank: 1031
sync-t1.taboola.com — Cisco Umbrella Rank: 1598
match.taboola.com — Cisco Umbrella Rank: 5650
pips.taboola.com — Cisco Umbrella Rank: 1752
cds.taboola.com — Cisco Umbrella Rank: 2153
292 KB
40 api.news
content.api.news — Cisco Umbrella Rank: 76145
553 KB
39 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 173
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 229464
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
218 KB
36 pubmatic.com
hbopenbid.pubmatic.com Failed
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image5.pubmatic.com — Cisco Umbrella Rank: 76059
image2.pubmatic.com — Cisco Umbrella Rank: 1116
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
image4.pubmatic.com — Cisco Umbrella Rank: 1249
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
42 KB
34 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 125320
707 KB
29 rubiconproject.com
fastlane.rubiconproject.com Failed
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
token.rubiconproject.com — Cisco Umbrella Rank: 504
eus.rubiconproject.com — Cisco Umbrella Rank: 662
prebid-a.rubiconproject.com Failed
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1256
41 KB
28 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 526345
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
432 KB
24 casalemedia.com
htlb.casalemedia.com Failed
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
ssum.casalemedia.com — Cisco Umbrella Rank: 1490
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum.casalemedia.com — Cisco Umbrella Rank: 1698
18 KB
23 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
js.adsrvr.org — Cisco Umbrella Rank: 1808
insight.adsrvr.org — Cisco Umbrella Rank: 665
17 KB
21 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
81 KB
20 google.com
news.google.com — Cisco Umbrella Rank: 6566
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 37
adservice.google.com — Cisco Umbrella Rank: 118
78 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com — Cisco Umbrella Rank: 663
secure.adnxs.com — Cisco Umbrella Rank: 542
33 KB
17 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
106 KB
16 eu-3-id5-sync.com
c0.eu-3-id5-sync.com
c1.eu-3-id5-sync.com
c2.eu-3-id5-sync.com
c3.eu-3-id5-sync.com
c4.eu-3-id5-sync.com
c5.eu-3-id5-sync.com
c6.eu-3-id5-sync.com
c7.eu-3-id5-sync.com
4 KB
16 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
b55fa654ee3e34c0ed8b9c5d1953e9cf.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
241 KB
16 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 109643
mhr.talk.news.com.au — Cisco Umbrella Rank: 851541
ncg.tags.news.com.au — Cisco Umbrella Rank: 202439
293 KB
12 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
5 KB
12 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
newscorpau.demdex.net — Cisco Umbrella Rank: 157244
16 KB
10 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1318
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
2 KB
10 foxsports.com.au
statsapi.foxsports.com.au — Cisco Umbrella Rank: 461039
17 KB
8 gstatic.com
www.gstatic.com
159 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
3 KB
6 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1270
uipapac.semasio.net — Cisco Umbrella Rank: 115557
3 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2713
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6612
nhavisjcaajtog6v4loaiwbgxhpi21697612042.nuid.imrworldwide.com
68 KB
6 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1241
29 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 61592
rm-script.dotmetrics.net — Cisco Umbrella Rank: 5897
23 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2960
bs.serving-sys.com — Cisco Umbrella Rank: 1862
lm.serving-sys.com — Cisco Umbrella Rank: 3192
26 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 766
138 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
2 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
236 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 521
1 KB
4 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1168
check.analytics.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 445
1 KB
4 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 170930
au.pixel.newscgp.com — Cisco Umbrella Rank: 191256
au.audience.newscgp.com — Cisco Umbrella Rank: 153270
49 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 889
cdn3.optimizely.com — Cisco Umbrella Rank: 6193
a20352597942.cdn.optimizely.com — Cisco Umbrella Rank: 213578
logx.optimizely.com — Cisco Umbrella Rank: 1604
135 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
1 KB
3 google.com.au
www.google.com.au — Cisco Umbrella Rank: 24314
671 B
3 openx.net
u.openx.net — Cisco Umbrella Rank: 739
us-u.openx.net — Cisco Umbrella Rank: 547
940 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
755 B
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1189
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
910 B
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
839 B
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3087
collector.brandmetrics.com — Cisco Umbrella Rank: 3514
21 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2886
geo.privacymanager.io — Cisco Umbrella Rank: 2195
53 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
bidder.criteo.com Failed
dis.criteo.com — Cisco Umbrella Rank: 648
1 KB
3 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 264029
24 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
1 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6415
671 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048
743 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 924
881 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
855 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2841
967 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1199
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1720
523 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 2014
beacon.krxd.net — Cisco Umbrella Rank: 903
529 B
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1185
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
60 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1513
ad.turn.com — Cisco Umbrella Rank: 1024
920 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
144 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 434
738 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1204
1 KB
2 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1030
491 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
199 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3185
633 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4613 Failed
754 B
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1445
401 B
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 19437
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
89 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 97501
6 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 140997
4 KB
2 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 5907
browser.sentry-cdn.com — Cisco Umbrella Rank: 4252
22 KB
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1171
44 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6854
277 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 17112
38 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 4977
801 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1495
181 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1703
424 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5311
406 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2653
436 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2092
552 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
1 KB
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 22275
651 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
698 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 869
395 B
1 t.co
t.co — Cisco Umbrella Rank: 614
376 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1089
493 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
280 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1985
283 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
449 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 416
516 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1709
680 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
99 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 734
501 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
19 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 792
15 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2870
583 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
691 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1247
873 B
1 omtrdc.net
newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 212938
271 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1613
637 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
1 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1380
8 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 12642
20 KB
1 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 5354
971 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1738
24 KB
1 brightcove.net
players.brightcove.net — Cisco Umbrella Rank: 3301
250 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1214
12 KB
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 246625
2 KB
1 cloudfront.net
d2n6ofw4o746cn.cloudfront.net
28 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 6902
9 KB
0 ad-m.asia Failed
sync-dsp.ad-m.asia Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 scanscout.com Failed
dt.scanscout.com Failed
0 inskinad.com Failed
mfad.inskinad.com Failed
578 121
Domain Requested by
40 content.api.news www.heraldsun.com.au
34 dt.adsafeprotected.com www.heraldsun.com.au
34 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
resourcesssl.newscdn.com.au
26 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
19 cm.g.doubleclick.net 13 redirects www.heraldsun.com.au
js.adsrvr.org
17 pixel.rubiconproject.com 12 redirects www.heraldsun.com.au
16 dsum-sec.casalemedia.com 2 redirects www.heraldsun.com.au
ssum-sec.casalemedia.com
16 match.adsrvr.org 9 redirects www.heraldsun.com.au
js.adsrvr.org
ssum-sec.casalemedia.com
16 simage2.pubmatic.com 1 redirects www.heraldsun.com.au
ads.pubmatic.com
14 id5-sync.com 9 redirects tags.news.com.au
browser.sentry-cdn.com
13 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
www.heraldsun.com.au
c.amazon-adsystem.com
s.amazon-adsystem.com
ads.pubmatic.com
13 tags.news.com.au 1 redirects www.heraldsun.com.au
resourcesssl.newscdn.com.au
tags.tiqcdn.com
au.tags.newscgp.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
12 ib.adnxs.com 6 redirects browser.sentry-cdn.com
www.heraldsun.com.au
acdn.adnxs.com
11 dpm.demdex.net tags.news.com.au
www.heraldsun.com.au
browser.sentry-cdn.com
ssum-sec.casalemedia.com
11 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
browser.sentry-cdn.com
www.heraldsun.com.au
www.googletagservices.com
11 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
10 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
10 statsapi.foxsports.com.au resourcesssl.newscdn.com.au
10 static.adsafeprotected.com resourcesssl.newscdn.com.au
www.heraldsun.com.au
pixel.adsafeprotected.com
9 sync-tm.everesttech.net 8 redirects ads.pubmatic.com
9 sync.taboola.com 2 redirects www.heraldsun.com.au
8 www.gstatic.com news.google.com
www.gstatic.com
8 hk-trc-events.taboola.com cdn.taboola.com
www.heraldsun.com.au
7 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
7 token.rubiconproject.com 4 redirects www.heraldsun.com.au
eus.rubiconproject.com
7 news.google.com subscriptions.heraldsun.com.au
news.google.com
browser.sentry-cdn.com
www.heraldsun.com.au
www.gstatic.com
6 play.google.com www.gstatic.com
6 ups.analytics.yahoo.com 6 redirects
6 x.bidswitch.net 4 redirects www.heraldsun.com.au
ads.pubmatic.com
6 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
5 ssum-sec.casalemedia.com tags.news.com.au
ssum-sec.casalemedia.com
js-sec.indexww.com
s.amazon-adsystem.com
5 www.google.com securepubads.g.doubleclick.net
www.heraldsun.com.au
5 analytics.tiktok.com tags.tiqcdn.com
analytics.tiktok.com
4 simage4.pubmatic.com ads.pubmatic.com
4 b1sync.zemanta.com 3 redirects ads.pubmatic.com
4 image6.pubmatic.com ads.pubmatic.com
4 eus.rubiconproject.com tags.news.com.au
eus.rubiconproject.com
s.amazon-adsystem.com
4 www.googletagservices.com securepubads.g.doubleclick.net
4 secure.adnxs.com 2 redirects www.heraldsun.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
match.adsrvr.org
4 uipapac.semasio.net 3 redirects ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 pixel.tapad.com 3 redirects ads.pubmatic.com
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 um.simpli.fi 3 redirects
3 match.prod.bidr.io 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects www.heraldsun.com.au
3 www.google.com.au www.heraldsun.com.au
3 ads.pubmatic.com tags.news.com.au
ads.pubmatic.com
s.amazon-adsystem.com
3 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
3 insight.adsrvr.org 3 redirects
3 csync.loopme.me 3 redirects
3 ps.eyeota.net 3 redirects
3 sync-t1.taboola.com www.heraldsun.com.au
3 www.facebook.com www.heraldsun.com.au
3 lb.eu-1-id5-sync.com tags.news.com.au
browser.sentry-cdn.com
3 pagead2.googlesyndication.com ad.doubleclick.net
www.googletagservices.com
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
browser.sentry-cdn.com
3 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
3 trc-events.taboola.com www.heraldsun.com.au
3 trc.taboola.com 1 redirects cdn.taboola.com
3 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 s.tribalfusion.com 1 redirects ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pippio.com 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 cms.quantserve.com 2 redirects
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 capi.connatix.com 1 redirects www.heraldsun.com.au
2 adservice.google.com 8228261.fls.doubleclick.net
2 lm.serving-sys.com secure-ds.serving-sys.com
2 hb.yahoo.net js.adsrvr.org
2 static.criteo.net tags.news.com.au
browser.sentry-cdn.com
2 ssum.casalemedia.com 2 redirects
2 c7.eu-3-id5-sync.com browser.sentry-cdn.com
2 c6.eu-3-id5-sync.com browser.sentry-cdn.com
2 c5.eu-3-id5-sync.com browser.sentry-cdn.com
2 c4.eu-3-id5-sync.com browser.sentry-cdn.com
2 c3.eu-3-id5-sync.com browser.sentry-cdn.com
2 c2.eu-3-id5-sync.com browser.sentry-cdn.com
2 c1.eu-3-id5-sync.com browser.sentry-cdn.com
2 c0.eu-3-id5-sync.com browser.sentry-cdn.com
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 u.openx.net 2 redirects
2 eb2.3lift.com 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 dis.criteo.com 2 redirects
2 trace.mediago.io 2 redirects
2 ssbsync.smartadserver.com 1 redirects www.heraldsun.com.au
2 ih.adscale.de 2 redirects
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 ads.playground.xyz browser.sentry-cdn.com
www.heraldsun.com.au
2 au.audience.newscgp.com au.tags.newscgp.com
browser.sentry-cdn.com
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 ping.chartbeat.net www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 mhr.talk.news.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
1 match.deepintent.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 edge.adobedc.net cdn1.adoberesources.net
1 d.adroll.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 ad.turn.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 t.adx.opera.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 sync.ipredictive.com 1 redirects
1 match.sharethrough.com www.heraldsun.com.au
1 live.primis.tech www.heraldsun.com.au
1 prebid.a-mo.net www.heraldsun.com.au
1 px.ads.linkedin.com www.heraldsun.com.au
1 sync.adotmob.com 1 redirects
1 js-sec.indexww.com tags.news.com.au
1 sync.1rx.io www.heraldsun.com.au
1 us-u.openx.net www.heraldsun.com.au
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 b55fa654ee3e34c0ed8b9c5d1953e9cf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 image5.pubmatic.com www.heraldsun.com.au
1 metrics.heraldsun.com.au tags.news.com.au
1 d.turn.com 1 redirects
1 aax.amazon-adsystem.com browser.sentry-cdn.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.googleadservices.com secure-ds.serving-sys.com
1 static.ads-twitter.com www.heraldsun.com.au
1 cds.taboola.com browser.sentry-cdn.com
1 pips.taboola.com browser.sentry-cdn.com
1 logx.optimizely.com browser.sentry-cdn.com
1 match.taboola.com www.heraldsun.com.au
1 inv-nets.admixer.net 1 redirects
1 bh.contextweb.com www.heraldsun.com.au
1 tg.socdm.com 1 redirects
1 nhavisjcaajtog6v4loaiwbgxhpi21697612042.nuid.imrworldwide.com www.heraldsun.com.au
1 cm.everesttech.net 1 redirects
1 newscorpau.sc.omtrdc.net browser.sentry-cdn.com
1 newscorpau.demdex.net tags.news.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 collector.brandmetrics.com cdn.brandmetrics.com
1 alb.reddit.com www.heraldsun.com.au
1 ncg.tags.news.com.au au.tags.newscgp.com
1 au.pixel.newscgp.com au.tags.newscgp.com
1 a20352597942.cdn.optimizely.com cdn.optimizely.com
1 cdn3.optimizely.com cdn.optimizely.com
1 browser.sentry-cdn.com js.sentry-cdn.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 api.rlcdn.com tags.news.com.au
1 cdn.jsdelivr.net tags.news.com.au
1 images.taboola.com www.heraldsun.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 www.redditstatic.com tags.tiqcdn.com
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 nebula-cdn.kampyle.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 cdn.optimizely.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 players.brightcove.net resourcesssl.newscdn.com.au
1 gum.criteo.com cdn.taboola.com
1 use.fontawesome.com cdn.taboola.com
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 d2n6ofw4o746cn.cloudfront.net www.heraldsun.com.au
1 js.sentry-cdn.com www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 sync-dsp.ad-m.asia Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 prebid-a.rubiconproject.com Failed browser.sentry-cdn.com
0 check.analytics.rlcdn.com Failed browser.sentry-cdn.com
0 sync.search.spotxchange.com Failed www.heraldsun.com.au
0 dt.scanscout.com Failed www.heraldsun.com.au
0 bidder.criteo.com Failed browser.sentry-cdn.com
0 mfad.inskinad.com Failed browser.sentry-cdn.com
ssum-sec.casalemedia.com
0 fastlane.rubiconproject.com Failed browser.sentry-cdn.com
0 hbopenbid.pubmatic.com Failed browser.sentry-cdn.com
0 htlb.casalemedia.com Failed browser.sentry-cdn.com
578 206
Subject Issuer Validity Valid
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-10-16		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-19 -
2024-05-20		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
bedsberry.com
R3		 2023-09-12 -
2023-12-11		 3 months crt.sh
web.app
GTS CA 1D4		 2023-09-11 -
2023-12-10		 3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.vidora.com
Amazon RSA 2048 M02		 2023-02-23 -
2024-02-09		 a year crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
players.brightcove.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-30 -
2024-05-30		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-27 -
2023-10-25		 3 months crt.sh
au.tags.newscgp.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-01-23		 a year crt.sh
*.zprk.io
Amazon RSA 2048 M03		 2023-09-19 -
2024-10-17		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
secure-ds.serving-sys.com
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-25 -
2024-02-21		 6 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.dotmetrics.net
Amazon RSA 2048 M02		 2023-08-23 -
2024-09-20		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
statsapi.foxsports.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-08 -
2024-05-10		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2023-02-26 -
2024-02-28		 a year crt.sh
www.newsconnect.com.au
Amazon RSA 2048 M02		 2023-03-10 -
2024-04-07		 a year crt.sh
au.audience.newscgp.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-26		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-02-28		 6 months crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2023-05-10 -
2024-06-10		 a year crt.sh
bs.serving-sys.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-08		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon RSA 2048 M01		 2023-04-12 -
2024-05-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
logx.optimizely.com
Amazon RSA 2048 M01		 2023-06-24 -
2024-07-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.eu-3-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
metrics.heraldsun.com.au
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-19 -
2024-07-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
hb.yahoo.net
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh
lm.serving-sys.com
Amazon RSA 2048 M01		 2023-02-14 -
2024-02-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.google.com.au
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-03 -
2024-01-03		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-14 -
2024-09-12		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M03		 2023-10-09 -
2024-11-07		 a year crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh

This page contains 75 frames:

Primary Page: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Frame ID: E670275889D5E8BBF78DE05F76ED0776
Requests: 327 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=8izg3QhIXqC5lbGknEPDszwhkn.KMXbZ&nonce=5x3JPh6VPPq8xm7CABbNwLHAS7UH_oF6&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMi4xIn0%3D
Frame ID: 2B4FCB54212DC90DBDF01CAF0EB603E4
Requests: 5 HTTP requests in this frame

Frame: https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Frame ID: 5E6D01958607A20EFC859D7A1D56BF3A
Requests: 1 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: F2B3C6B8630D7E17F3458456214153B9
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 3EEA524DDB6061C6B65A924D57B9EE51
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: AB11D51CF969006E5766223D73B736DC
Requests: 22 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZS.BDMCo5ugAAHVdQTgAAAAA
Frame ID: 1A36F85A82E2083FF7B4A155CEB14C8B
Requests: 17 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: AF0A256E850A440ECEAD4E059B96BAEE
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 85DDC04D318E78DA94CC4A082AF20249
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 969C170A52A2FF2F81FCFC31A502DB7D
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 5D8E7F700B0CA96B9652A5028E985623
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 2D0CC10312093058DA991AC79A22F65A
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIT_vNiB_4EDFfpanQkdTfQAOw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8580403197494.931
Frame ID: B32334EF454AE0CFA0D013971F07D53B
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CP-BvdiB_4EDFR9anQkd7Z0HvQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8253341447765.541
Frame ID: 286B543FB5F409219C99FA605A5C1AC5
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: A3CB2CEA2BB7B7A52B1B8420105620CD
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: FAA0566EDE5E6EC01F325CEE7C9E788A
Requests: 4 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&expiration=1700204046&gdpr=0&gdpr_consent=
Frame ID: 058C4D1E5E31B7D97C827DAC6B505196
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1697612043925&publicationId=heraldsun.com.au
Frame ID: 32711417290B279A394F80E93F697C64
Requests: 14 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 5F96460307BB408808CFF6682D8D9DA2
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: EA5DB0E0B683DCB855E6A72B3E84E4F2
Requests: 2 HTTP requests in this frame

Frame: https://b55fa654ee3e34c0ed8b9c5d1953e9cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 47E67FB7AEC725813A528AB5566830B8
Requests: 1 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS05VXZfelkxRTJ1RXI2RzRfc3Z4X2RsRjV0LkZ2Llk4UX5B&gdpr=0&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&dpid=55953
Frame ID: 75FDB06590BD0A6271FC95229217E803
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4
Frame ID: A328C18D8D0454F2B55BBD0FA2C0BA3A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: A6ED198E4994ABC193591211A4A2AE6D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4
Frame ID: A870AF982DBB6D775F72B797AB79EDF7
Requests: 1 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS05VXZfelkxRTJ1RXI2RzRfc3Z4X2RsRjV0LkZ2Llk4UX5B&gdpr=0&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&dpid=55953
Frame ID: D1BDA6958472F461EDCDC7E40982FB45
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: BBCF1612E3DDF2281A0E42CB059AAB98
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-gtWAl02kgHSVPBhcxpbT9fkGfMUI8qWGeY1fCZR7hk1B9KcgiN_64YeUjk6I1BtNiFXN29edwMOxj5c4kO3p8o4dIphQnIUacO6D76IACJGo6FvtHA5uKtNPlMoGhlo8K_YD464z9Px7aQ7OPRTd49MHASBhwpkZgTxJbKU2eRp2L0YR_l802rcO6y2rmWgaYxehUqfppTO1rh77bi1mLfLROUeU_F6mbeWh23sEru2GTLjMmBbfxCBGx13qfM5gY1s_h6m5e2XJGvJhs6h6YqzaJLgOhDR1VON-0dVYw6VTzpUp3OvB-cgMeU4URvRnqU57A1xpAx76DXW9GE_iicS9g5XexSa94Q&sai=AMfl-YRObb2oaYfLcrJN8WGphBQo-K1dFx3-GGtbhnp5yJJ68hy-A6O2fw05SkR6EN3pyCfVd_4906M_XGt1lHT_n7pYZuWkjDMcMEvJpeAxvyPN5HyINB4_Sb9Lsqasilg&sig=Cg0ArKJSzBBjprf0b0EcEAE&uach_m=[UACH]&adurl=
Frame ID: F8707A95E82DE27BED014B0A7E35C8CB
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutwo5Yx9AD-g6QcKiSP0ydufvt3tGxvD0vDSWxRbFhqxvw7zGObLycDM8gzWfJcWoc7JPXKUjYITg-tDqNnEleSnsMCoLZtS-z4LjOsNzavTFaPjohwKrWsA3bM-pfR9bKUcAyEFvgPJ2AqRpAG161gaZ7PuDb79iETvOF3S4hoLWyRfeUypimPregva1ols0YSDIwbGYVUvR6haffZZPLSmBMG8VgawXLLfmq0HVmLvIt4hQrfrBxJOEQoaaHVsR-u8vVq3Tk_HpgsgSp3XhUKVbUHweaXt5TFY9cPn81r8s4-vMLH6bQUll4-T5JiL2RwW7PwRrRkvTCnewNPCUXykQhkqoZCex9Dg&sai=AMfl-YTiwYquR6qtPJQqoHZsOkZjdKDhUeLyR9KYfj01tQpipG7qy8Ep1uMCdFLICjA1LbkoQkbQUqbRLNGfA_fVjnaOoKdJx8HMK6kLH9BQ0v0rsY3Z6N6C0ZeuoBQanFQ&sig=Cg0ArKJSzIYcfA1yj-_0EAE&uach_m=[UACH]&adurl=
Frame ID: 48AD05ED94B65EE736FAD9F99EA9B591
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlcF5CUplyUTjw_4GnfihD11OCbDYpLsiam6Y0K81XSQZ8r-aq_vexS3Fn3oZOAv8buRqOcLLrDixv7DiQCFO5tDC5W8SA1HFStcaq3DInZSlaDlr8fhMI40LXMXqtx6iiD5nd9vgvLPQ9Kmw3zd0YdSK1k2iycDZV6kVlxMiOs2z3Xzj509VvxHKxTqYhmTnLREhXBZbnGq897TnHR0aepgZKVsz-Kt1DD-TciTwm0gctru50zOd-8nFJSyrBn7kHCG_WHvy9TGl-o9crTAc3icJnKeDfWmUGflwgRga5cTOQ9zq-__PcBzggZdqv01HDbdrvWguxhGSqzEgs9bW9Q0FQ1DqACFtJ-g&sai=AMfl-YRmp89V5AoTW4l8_7uskt_RSe60dpBGCmbMZdjLDggtzzATW0lTydf1fPEm_VCaFHSyCH7vXvHp_EhW0mDFGaSb7a2Z7WMoBtEU5A1nhXbUb_wGag7SIwgw3WR6nCs&sig=Cg0ArKJSzLChPloddslBEAE&uach_m=[UACH]&adurl=
Frame ID: FFE3610E3F5AFC52FC586216982E6D03
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEBEe6rP7t5z4sFWg2GUpXQ3-vzNtqvGz305dZ4JxyfOllhZAmPovHVRHdvlWMbJ138r7pOYE7RswxbSdcqIYJI2OKX-dy5Yv8ols_X2CXhlFIcVAhGvf6yse2vL2DHHZcU3cMYqotuOsLgUcNia0zM-U7EZlp5va3qgi2N-EwvsPt00tPkcQjXARxAr6I32KhpmJ3d3d1D9gQPcEEOgvi6Bi4LAf08JKxxWrTetCrjhE1CQauhWYfilvplq1v3qfHBtyl-KK_2u6bVqpljzJt-nixaoNDByzKu4r5oHlBiGAO3fpOSyk0IzSNo55JxFY4deHtAhCVCJbiL_LZdJ7JXuPu4qzgEmxZsQ&sai=AMfl-YTSFbah6_P1Q_PMw5W6wBgxlixyOBrBCwPafcBsUPh_-Pcso93dx0gOfVY3Xx54R-wRPjfe_R_mBi_AN3CfT3SfwX7AD65etXzX52-PYc8WBUJ8xmph0JmnzMYGFqw&sig=Cg0ArKJSzMUuoIy2d_Q_EAE&uach_m=[UACH]&adurl=
Frame ID: EDB38EEBE56D0863A5FC679B44FE4208
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=171638111&placementId=6394165109&pubCreative=138449289144&pubOrder=3227604870&cb=1929386801&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: 689EB8D4E3804DD9786DC714B28E98EB
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5084295962&pubCreative=138445902048&pubOrder=2553375348&cb=576947098&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: CB4672806A5CC508B5541C8CE1EF6BF8
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5084295962&pubCreative=138445902045&pubOrder=2553375348&cb=597164435&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: A0FF10CA9E3E7CC176970F471A7A0D64
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=36557831&chanId=171638111&placementId=6394165382&pubCreative=138449331125&pubOrder=3227604870&cb=875522713&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: 4EA703D72FE0D21E30A7AAA3A386A97A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 27B4D3F883DA88D4AFF5E27AB91AE1C0
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: 481CA36D608FEE8EBAE3AFE94F782AB9
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 26FFE9643EDF88B0428BC8AB52D7A0C2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BEAE8C9B6B1CD9349B9FE0C88C7E8012
Requests: 19 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1FA4A7D8A964CA67BB229FD5C3DEAC9D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 669E50748506DCA26895835C221DE234
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 324D256BBD982472993210C6BFA7FA36
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B2E260BFE753215A8CAADC6B3C8AD281
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0382BE964963C8D5827B6FF09A679511
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EAEB38E9D8FFAA2D6680E84BB0308231
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7579792736111074373&gdpr=0&gdpr_consent=
Frame ID: F6B7C47EB0B58A6456D277C120EA23AF
Requests: 1 HTTP requests in this frame

Frame: https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Frame ID: 67AEE60D9493B455BC9A816060FB2E72
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6eaf9315-25d4-47fb-bafe-3b5a62526990&ssp=pubmatic
Frame ID: 660C1527E1E145CE26FF7AAD5F005B68
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KnAq2SR0KYwxd33dLXI123omeooxJC2KL3yKsDua
Frame ID: AC9194F070764D4DABF4D4C29E0ECF30
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent=
Frame ID: CE3AE879655298C2EC2963B8E714FA3A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 36CEC4BC3F80C86F0402E01DFF09887A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11zwqob89l9i
Frame ID: 78CCB1CBF210178061395194C336ADF4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: CCF4D496667C6B0992037EBC8C309F42
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xooSPU13Xal4Is_vCu4-mWdrxW0&gdpr=0&gdpr_consent=
Frame ID: 2E92121416C02D77B6592D52FA11FF08
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: AD1D6461E75625F10F0880ED661EF561
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc86d172bdf4646a98a5ff519c05e746a
Frame ID: BF4E792850C58C066C66EAEB3AFB193C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6N14dBUjDG2t1_6PFoEvZQ
Frame ID: 93E546EF2D12299F89E094C97A47E2B8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
Frame ID: 8845F8042A87A5E3D817DA3CCCBDE99E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: D909697B15FF6E49AB661367E78585CF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: D3E5EEFF50587A96E1239CA4E479944B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: C3513D4EFCC8D774E2ECCF0AA9D81B75
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 167A7693D0A14ACE7BE17AA9949F1703
Requests: 6 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 512669250DFC0CCA605EE9130F81545B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7fcf9a97700e47bea06a40e50c123ba5
Frame ID: 2B357C1676E69B76119F4AD829D18422
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 72333862DC5783A78CED248C925DE86D
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=29A16F94-7BA1-4674-9D31-1FF1CE235855
Frame ID: 979BBDFF61F305B4A82EC1D78295591A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 15A14DF5D5E3157F095A4998FD2DA3FE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID29A16F94-7BA1-4674-9D31-1FF1CE235855
Frame ID: 9A6B6FB970F4399D05569C3FB58BFFF4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2c241672-6d83-11ee-b75d-8b289e127539
Frame ID: 2CB8E3E887EFB1F3DBE39C97DF077710
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 559895407FF3B4B7A47C0351C561FD7F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: E3D165D95F5E44A5D37B187CE07FD5B9
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 4A14F71BFD20510C823956119FF73E70
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A706B7BB85134B78A38704BB7CB94A9A&gdpr=0&gdpr_consent=
Frame ID: 9296D98BCAF979946558D3DB8152CC50
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bX7KQSRE1QT0rK5&gdpr=0&gdpr_consent=
Frame ID: D0B3334DA471B3366D0FB1E30A115DBE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID29A16F94-7BA1-4674-9D31-1FF1CE235855
Frame ID: 4802BA9549FCB642B53A2E99522B6D21
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&169... HTTP 302
    https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

578
Requests

82 %
HTTPS

0 %
IPv6

121
Domains

206
Subdomains

140
IPs

13
Countries

5263 kB
Transfer

15136 kB
Size

207
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16976120331387674990 HTTP 302
    https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 242
  • https://cm.everesttech.net/cm/dd?d_uuid=76156148949135702871259139842975485148 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZS_BDAAAAEfDmQN9
Request Chain 248
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZS.BDMCo5ugAAHVdQTgAAAAA
Request Chain 249
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=d630655c82a6490e9b15ff833fd2cd8e HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d630655c82a6490e9b15ff833fd2cd8e
Request Chain 251
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LNVEDPLV-1V-6ID3
Request Chain 252
  • https://pr-bh.ybp.yahoo.com/sync/taboola/6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_zmADxhE2oQLqGTUMYWorbM_89PvcjC9lYRaOA--~A
Request Chain 253
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=f85ea035a1d1d50b2kgzqz00lnvedoy8
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEPn4QmIL5z3rKI9InglA6A&google_cver=1
Request Chain 256
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
Request Chain 257
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
Request Chain 259
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f37b7d12-7473-4718-b579-9cd4215697d8&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 260
  • https://id5-sync.com/s/464/9.gif?puid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&ttl=%%TTL%% HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/5/3.gif?puid=a771e335-d7a0-4f1b-842f-11c04a4508cb&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/4/4.gif?puid=4904814000705241649&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipapac.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/3/5.gif?puid=C6C6D89CDA23006C&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/2/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/2/6.gif?puid=7579792736111074373&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F123%2F1%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/123/1/7.gif?puid=18b41902214-71620000010841c7&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F821%2F0%2F8.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://id5-sync.com/c/464/821/0/8.gif?puid=5a23f133-cda9-4cb2-be77-81b46cba1ab8&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-1dacKInXrSjrtQlxPG3cAxwkfnli08VLyEZkv25Hmg
Request Chain 261
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtaboola%26bsw_param%3Dfa9c87db-9c18-4eeb-ba31-5ce1279365cf%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=e865ebed15714a69ad94befdb90c3b6c&ssp=taboola&bsw_param=fa9c87db-9c18-4eeb-ba31-5ce1279365cf&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa9c87db-9c18-4eeb-ba31-5ce1279365cf&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 262
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=088b44f7-aef4-4413-b2ca-c2c4db70ea3f HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=088b44f7-aef4-4413-b2ca-c2c4db70ea3f&tbid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&query=taboola_hm%3D088b44f7-aef4-4413-b2ca-c2c4db70ea3f&isDirect=0
Request Chain 263
  • https://eb2.3lift.com/xuid?mid=7772&xuid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 264
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ee9d2417-42df-07c2-28a2-fb92f9d5960d
Request Chain 277
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8580403197494.931 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIT_vNiB_4EDFfpanQkdTfQAOw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8580403197494.931
Request Chain 278
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8253341447765.541 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CP-BvdiB_4EDFR9anQkd7Z0HvQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8253341447765.541
Request Chain 281
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&expiration=1700204046&gdpr=0&gdpr_consent=
Request Chain 298
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=7579792736111074373
Request Chain 308
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=8848152157402147362
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzYxNTYxNDg5NDkxMzU3MDI4NzEyNTkxMzk4NDI5NzU0ODUxNDg= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBuvWD5mNjVfvrn3gGEUE4w&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 312
  • https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Request Chain 313
  • https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Request Chain 314
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
Request Chain 318
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZS.BEAuIWESwlN3o5bsHWgAA%264721
Request Chain 326
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05VXZfelkxRTJ1RXI2RzRfc3Z4X2RsRjV0LkZ2Llk4UX5B&gdpr=0&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&dpid=55953
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&google_gid=CAESEJCzLGF1fr7fSVqWrR9Hyj0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4
Request Chain 328
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 329
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=76156148949135702871259139842975485148&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=76156148949135702871259139842975485148&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&google_gid=CAESEJCzLGF1fr7fSVqWrR9Hyj0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4
Request Chain 331
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05VXZfelkxRTJ1RXI2RzRfc3Z4X2RsRjV0LkZ2Llk4UX5B&gdpr=0&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&dpid=55953
Request Chain 332
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 333
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=76156148949135702871259139842975485148 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76156148949135702871259139842975485148
Request Chain 334
  • https://tags.bluekai.com/site/43981?id=76156148949135702871259139842975485148&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 335
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlNfQkRBQUFBRWZEbVFOOQ==
Request Chain 336
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZS_BDAAAAEfDmQN9&expires=90
Request Chain 339
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS_BDAAAAEfDmQN9 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS_BDAAAAEfDmQN9&C=1
Request Chain 340
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=ZS_BDAAAAEfDmQN9
Request Chain 369
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZS_BDAAAAEfDmQN9
Request Chain 379
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZS_BDAAAAEfDmQN9
Request Chain 380
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZS_BDAAAAEfDmQN9&img=1
Request Chain 381
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZS_BDAAAAEfDmQN9&t=2592000&o=0
Request Chain 382
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
Request Chain 401
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=7579792736111074373
Request Chain 409
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS.BDpN4lOFe6iY-HdxLsAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIJRojUU6ukP_ZNTPOmS_U8&google_cver=1&google_hm=2
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS-BDpN4lOFe6iY_HdxLsAAAEnYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENzpGLi71q64K9NUUYZpJyY&google_cver=1
Request Chain 411
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BDpN4lOFe6iY_HdxLsAAAEnYAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BDpN4lOFe6iY_HdxLsAAAEnYAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 413
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4352714729533595304&gdpr=0&gdpr_consent=
Request Chain 414
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 415
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f85ea035a1d1d50b2kgzqz00lnvedoy8
Request Chain 422
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bnIh30SnHS483KHeb8io0Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kz.dMxhE2oII6e70Y6_7PSLwvePMgOVkijEHUg--~A
Request Chain 423
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=u-L6asPVQLuKySMrMYvYIg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=u-L6asPVQLuKySMrMYvYIg
Request Chain 424
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5WRURQTFYtMVYtNklEMw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDH2xoHKL9XUzF24MTAUlPs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5WRURQTFYtMVYtNklEMw==&google_push=
Request Chain 425
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzlhMmVjOTk1OGFhYzc5Mjc2NDE5OTVhMTRhYmY3MjdlZDM0YTE2MA
Request Chain 426
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNVEDPLV-1V-6ID3
Request Chain 427
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Request Chain 428
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Wm4r11nYTrSgOponODeLbA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Wm4r11nYTrSgOponODeLbA
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEChgQCMGMLN_xqPGQu8AUt0&google_cver=1
Request Chain 430
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADd6U7KXwIAABkS_cz04g&expires=30
Request Chain 431
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LNVEDPLV-1V-6ID3
Request Chain 432
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNVEDPLV-1V-6ID3
Request Chain 433
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNVEDPLV-1V-6ID3
Request Chain 434
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNVEDPLV-1V-6ID3
Request Chain 435
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f294dd42-8dac-4182-81ea-6f24b8e57d9e&expires=30
Request Chain 436
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LNVEDPLV-1V-6ID3&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LNVEDPLV-1V-6ID3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 437
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LNVEDPLV-1V-6ID3 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LNVEDPLV-1V-6ID3&dnr=1
Request Chain 460
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENzpGLi71q64K9NUUYZpJyY&google_cver=1
Request Chain 463
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7579792736111074373
Request Chain 464
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB
Request Chain 466
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7579792736111074373
Request Chain 467
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dgaC83gCgaZtAdX3dQad8CYF0aVtUdSkI1XjXK-X
Request Chain 478
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7579792736111074373&gdpr=0&gdpr_consent=
Request Chain 479
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/pubmatic/?gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2 HTTP 302
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2?gdpr=0 HTTP 301
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Request Chain 480
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6eaf9315-25d4-47fb-bafe-3b5a62526990&ssp=pubmatic
Request Chain 481
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KnAq2SR0KYwxd33dLXI123omeooxJC2KL3yKsDua
Request Chain 482
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KaFvlHuhRnSdMR_xziNYVQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 483
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=29A16F94-7BA1-4674-9D31-1FF1CE235855 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a771e335-d7a0-4f1b-842f-11c04a4508cb%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&ttd_puid=a771e335-d7a0-4f1b-842f-11c04a4508cb%2C%2C
Request Chain 484
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent=&ct=y
Request Chain 485
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=29A16F94-7BA1-4674-9D31-1FF1CE235855&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipapac.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=29A16F94-7BA1-4674-9D31-1FF1CE235855&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=29A16F94-7BA1-4674-9D31-1FF1CE235855&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 486
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjlBMTZGOTQtN0JBMS00Njc0LTlEMzEtMUZGMUNFMjM1ODU1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 487
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECvElwaEuYw7UFBXpqnJJn8&google_cver=1
Request Chain 488
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A706B7BB85134B78A38704BB7CB94A9A
Request Chain 490
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&gdpr_consent=
Request Chain 491
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29A16F94-7BA1-4674-9D31-1FF1CE235855&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ID5z7BpE2uXpXd5Y4b6n2LZhfVhwEek-~A&gdpr=0
Request Chain 509
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11zwqob89l9i
Request Chain 510
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 511
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xooSPU13Xal4Is_vCu4-mWdrxW0&gdpr=0&gdpr_consent=
Request Chain 513
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc86d172bdf4646a98a5ff519c05e746a
Request Chain 514
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6N14dBUjDG2t1_6PFoEvZQ
Request Chain 515
  • https://idsync.rlcdn.com/420486.gif?partner_uid=29A16F94-7BA1-4674-9D31-1FF1CE235855 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDI5QTE2Rjk0LTdCQTEtNDY3NC05RDMxLTFGRjFDRTIzNTg1NRAAGg0Il4K-qQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b705c2dd5a33685f8e20376b49c430c87a60513ff344d5585c2ab0d100424a7c791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiNzA1YzJkZDVhMzM2ODVmOGUyMDM3NmI0OWM0MzBjODdhNjA1MTNmZjM0NGQ1NTg1YzJhYjBkMTAwNDI0YTdjNzkxNDI2YjU0MTdkY2UyMRAAGgwIl4K-qQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiNzA1YzJkZDVhMzM2ODVmOGUyMDM3NmI0OWM0MzBjODdhNjA1MTNmZjM0NGQ1NTg1YzJhYjBkMTAwNDI0YTdjNzkxNDI2YjU0MTdkY2UyMRAAGgwIl4K-qQYSBAgCEABCAEoA&google_gid=CAESENYTKntXy3Z7xfgToFOBedk&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=4685b813-7e92-4ed1-adc4-cd046ecebde6
Request Chain 516
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4904814000705241649
Request Chain 517
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8848152157402147362&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 518
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=155cffc2c6c01fc8&is_secure=true&networkId=17100&version=1&nuid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVOylJK2wNQV8YsAAAAAAA&expiration=1697698455&nuid=29A16F94-7BA1-4674-9D31-1FF1CE235855&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 540
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADd6U7KXwIAABkS_cz04g&expiration=1698821660
Request Chain 541
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713423261&external_user_id=157365b0-d15d-40fd-b761-2f47f1bf7d6a
Request Chain 542
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS_BDAAAAEfDmQN9
Request Chain 543
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZS.BEAuIWESwlN3o5bsHWgAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZS.BEAuIWESwlN3o5bsHWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662081564814092
Request Chain 545
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a23f133-cda9-4cb2-be77-81b46cba1ab8&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 546
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A706B7BB85134B78A38704BB7CB94A9A
Request Chain 559
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7fcf9a97700e47bea06a40e50c123ba5
Request Chain 562
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 564
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7579792736111074373
Request Chain 567
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LNVEDPLV-1V-6ID3 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LNVEDPLV-1V-6ID3&ex=d-rubiconproject.com&status=ok
Request Chain 571
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2c241672-6d83-11ee-b75d-8b289e127539
Request Chain 573
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 575
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A706B7BB85134B78A38704BB7CB94A9A&gdpr=0&gdpr_consent=
Request Chain 576
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bX7KQSRE1QT0rK5&gdpr=0&gdpr_consent=

578 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16976120331387674990
  • https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
452 KB
79 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
188a54eb995c64efbcb5cc8eb275af03eb3ff18e005a504b63810fb0cccf31a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 06:53:59 GMT
expires
Wed, 18 Oct 2023 06:53:59 GMT
host-header
a9130478a60e5f9135f765b23f26593b
pragma
no-cache
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 462644 0 pmb=mTOE,2
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d4539fe69f634b58ebe902d6108b8f203-1697612034&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=4539fe69f634b58ebe902d6108b8f203
x-content-type-options
nosniff
x-elasticpress-query
true
x-pathqs
TRUE
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
sin1 123 242 443
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Wed, 18 Oct 2023 06:53:54 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1692680720.184261"
expires
Wed, 18 Oct 2023 06:53:54 GMT
location
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
x-akamai-ssl-client-sid
33HBOdLf3Cbay4CE+c+Shw==
x-check-cacheable
NO
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Thu, 09 Mar 2023 05:34:59 GMT
server
AmazonS3
x-amz-request-id
0PDJJ9H0YKBQ9JBF
etag
"c4ced7adf03d84494a6c1da275896d38"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=126866
accept-ranges
bytes
content-length
11472
x-amz-id-2
aeCN9MiFrXTExDkxHHRmJU825jx4JCjKNntK1CRQ71gc0glflTmRwP5wnHmo8ytRCoBwIXHUjKQ=
expires
Thu, 19 Oct 2023 18:08:26 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Thu, 09 Mar 2023 05:35:46 GMT
server
AmazonS3
x-amz-request-id
XNDQ8ASJGNC0HSJ7
etag
"ad24be3fafec705de20c00e56afe05ae"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=209594
accept-ranges
bytes
content-length
12052
x-amz-id-2
668/50DNkKJ+ZYQyikX4VMvenKHxEh2hMF1V1D8Aa3GKfwHjEjR6ElLFRCkkXwUdpdDCrxABefaDEVZxv0Szvg==
expires
Fri, 20 Oct 2023 17:07:14 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
XE608XH2JQPY9M4C
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=333272
accept-ranges
bytes
content-length
12440
x-amz-id-2
xtS5X8zqfRWWlpi1B3sMWw57xMMm9nFysXQEZ0JUxoJkfCtrYy1ppxityt7bve71Sq+vT1Cfeko=
expires
Sun, 22 Oct 2023 03:28:32 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
D5509D0BA22E6447
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=121515
accept-ranges
bytes
content-length
11372
x-amz-id-2
gcjYwkNeKzl/QoYd2RdSCUAMdqlAfsg+6AGakSKNgroTpc7v9Hlkk/IvTe4PnMuy1AZAyHma9WM=
expires
Thu, 19 Oct 2023 16:39:15 GMT
lux.js
cdn.speedcurve.com/js/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d061194cd57fd9eec74510da3089a900c6b7cecaae63dfcc9f29c4c9a8a59ff8

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 06:41:13 GMT
date
Wed, 18 Oct 2023 06:54:00 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
766
x-cache
HIT
content-length
8048
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1697611273&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fUvmR9rQfA7N4zrd42zGoadcJ2twIoj132X0tbKGfdQ%3D
x-served-by
cache-bne12526-BNE
last-modified
Wed, 18 Oct 2023 06:41:13 GMT
server
Apache
x-timer
S1697612040.477714,VS0,VE0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1697611273&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fUvmR9rQfA7N4zrd42zGoadcJ2twIoj132X0tbKGfdQ%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
804
519f906c1f4542ddb7a1adc462f9ab28.min.js
js.sentry-cdn.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sentry-cdn.com/519f906c1f4542ddb7a1adc462f9ab28.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
defb630ec1c4a8511f580e8e7afd685171fe1f86978c4da397c487c76e757c3a
Security Headers
Name Value
Content-Security-Policy style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; default-src *; font-src * data:; connect-src *; frame-ancestors 'self' *.sentry.io; object-src 'self'; base-uri 'none'; img-src * blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=aa8bc2f8bd6d21972b4cbe1441862bfe91299f41
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; default-src *; font-src * data:; connect-src *; frame-ancestors 'self' *.sentry.io; object-src 'self'; base-uri 'none'; img-src * blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=aa8bc2f8bd6d21972b4cbe1441862bfe91299f41
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Oct 2023 06:54:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
51
x-envoy-upstream-service-time
28
content-length
1209
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-95c7b4649-5znnt, cache-chi-kigq8000026-CHI, cache-bne12525-BNE
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
59ce7295e406f0620824e63571510b4c7deeaa9705021ded61ca640e0f7a961a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 242 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 10 Oct 2023 23:08:02 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"6525d952-e0d"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1978678
content-length
1486
expires
Fri, 10 Nov 2023 04:31:58 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
978b2a6f6e3e59f3291ef1c3e7b5ad9ff132761730efd80c0d0a7dbda0260377
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 243 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 10 Oct 2023 23:08:02 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"6525d952-1fc3"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1978703
content-length
3104
expires
Fri, 10 Nov 2023 04:32:23 GMT
css-metro-desktop-critical-homepage.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		182 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e5cbb1a014b0b4854ac14385db517837bd8a439e4389b604f4e8219a24310464
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 242 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 18 Oct 2023 04:41:45 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"652f6209-2d8c7"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2584315
content-length
25754
expires
Fri, 17 Nov 2023 04:45:55 GMT
70e3c60a
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/70e3c60a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ed37b238b690e509ae7dffcd772cb24b8bdaf2c16980186f22102e8273064eda
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
content-encoding
gzip
strict-transport-security
max-age=600 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-pathqs
TRUE
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
x-arrrg4
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
content-length
8776
pragma
no-cache
last-modified
Wed, 09 Feb 2022 15:12:48 GMT
blaizehappened
true
etag
"1d1bba379b16a1cdcf148c14e5ba706a332f989083c1ae895500b161c74a9edb"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f70e3c60a&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=4539fe69f634b58ebe902d6108b8f203
expires
Wed, 18 Oct 2023 06:54:00 GMT
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 243 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 18 Oct 2023 03:15:16 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"652f4dc4-2b9b"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2584250
content-length
1532
expires
Fri, 17 Nov 2023 04:44:50 GMT
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 242 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 18 Oct 2023 03:15:14 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"652f4dc2-7b68"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2584239
content-length
6281
expires
Fri, 17 Nov 2023 04:44:39 GMT
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 242 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 18 Oct 2023 03:15:14 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"652f4dc2-c14"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2584396
content-length
960
expires
Fri, 17 Nov 2023 04:47:16 GMT
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		41 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
88368ae9b2482d286c5ed652a8b6c94f220d5a4a00cb502e19cd6bda85d39da1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 242 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 25 Jul 2023 23:34:15 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"64c05bf7-a5cc"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2037247
content-length
16468
expires
Fri, 10 Nov 2023 20:48:07 GMT
3ed5a3f3cc34b18e223d9b4a41c91caf
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3ed5a3f3cc34b18e223d9b4a41c91caf?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
38c2cb9b0d8e8d45e937e85aa2b7d1a8452a902d5e5d1da4f3703f15c00278c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 18 Oct 2023 05:51:35 GMT
server
Akamai Image Manager
etag
3079f5bfebadd270c5fa9abfad6881a6-3ed5a3f3cc34b18e223d9b4a41c91caf-150
edge-cache-tag
3ed5a3f3cc34b18e223d9b4a41c91caf
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5180233
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3506
expires
Sun, 17 Dec 2023 05:51:13 GMT
bf8abafa8e0400644821edfaac2ec62e
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/bf8abafa8e0400644821edfaac2ec62e?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
da7c580e30c824986cb7ffcf948daf4148b464b264f68fe15456f19bdcfe8875

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 18 Oct 2023 02:03:26 GMT
server
Akamai Image Manager
etag
7f7c422689a266c9abd68b42c3e64524-bf8abafa8e0400644821edfaac2ec62e-150
edge-cache-tag
bf8abafa8e0400644821edfaac2ec62e
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5166247
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3750
expires
Sun, 17 Dec 2023 01:58:07 GMT
1329a0348c7d35bd9348a5c78747b734
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1329a0348c7d35bd9348a5c78747b734?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5430692de4b84722b96638ff5ac92b0cda7a64a2ce1b6def6b9774f981712919

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
x-check-cacheable
YES
edge-cache-tag
1329a0348c7d35bd9348a5c78747b734
content-length
3844
last-modified
Wed, 18 Oct 2023 04:58:50 GMT
server
Akamai Image Manager
x-serial
968
etag
870e765ed665eb0fca372267aa6f4914-1329a0348c7d35bd9348a5c78747b734-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5177061
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 04:58:21 GMT
84b0d21ee8b87f0cceaed1e349ab3b2f
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/84b0d21ee8b87f0cceaed1e349ab3b2f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2a694cc83c68e30ede6ad2847f80101cb10d3381b6a4f0932ca7de00afe2b8cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
x-check-cacheable
YES
edge-cache-tag
84b0d21ee8b87f0cceaed1e349ab3b2f
content-length
5317
last-modified
Wed, 18 Oct 2023 04:19:23 GMT
server
Akamai Image Manager
x-serial
932
etag
1c3d2a004fa5368af206396dee52b26f-84b0d21ee8b87f0cceaed1e349ab3b2f-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5174661
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 04:18:21 GMT
a928c80f233fbb5503ba7a53fb926abf
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a928c80f233fbb5503ba7a53fb926abf?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
91ac695010459a37c6572eff5659c9d51ba2335eb9c49a6e0a558e7f73e86236

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 17 Oct 2023 08:27:40 GMT
server
Akamai Image Manager
etag
b684d7dcd3c3e2c9ef14ad62c6ac1fd4-a928c80f233fbb5503ba7a53fb926abf-150
edge-cache-tag
a928c80f233fbb5503ba7a53fb926abf
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5103188
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5245
expires
Sat, 16 Dec 2023 08:27:08 GMT
3ce20ed21ef8f4549942451850fb5902
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3ce20ed21ef8f4549942451850fb5902?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dbcdac5068de08ff63d2ae44fc3797fd3b6215cc17a375f48a00503b1cd47d9d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 17 Oct 2023 09:07:24 GMT
server
Akamai Image Manager
etag
08a697d015879d2208ff1899afbe9d1c-3ce20ed21ef8f4549942451850fb5902-150
edge-cache-tag
3ce20ed21ef8f4549942451850fb5902
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5105529
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5398
expires
Sat, 16 Dec 2023 09:06:09 GMT
3977673ee4d8571e2c2d669de2d770ea
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3977673ee4d8571e2c2d669de2d770ea?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ad3882e871320fbd721f080f0fe59b2aa77c4226bdcc2db64b974d2d273b7bd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
x-check-cacheable
YES
edge-cache-tag
3977673ee4d8571e2c2d669de2d770ea
content-length
3383
last-modified
Wed, 18 Oct 2023 04:42:32 GMT
server
Akamai Image Manager
x-serial
747
etag
b33fbd7a6a1c71980401a90381912b25-3977673ee4d8571e2c2d669de2d770ea-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5170612
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 03:10:52 GMT
37a807eb481207c798a4db58dfbb111f
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/37a807eb481207c798a4db58dfbb111f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
afaf4a15fedcab011a226f51e644759145a3f1a674b60ec6774ce573d8b4c22f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 18 Oct 2023 05:17:41 GMT
server
Akamai Image Manager
etag
abb8fa8b3b85d5d83bf1c74256e71adf-37a807eb481207c798a4db58dfbb111f-150
edge-cache-tag
37a807eb481207c798a4db58dfbb111f
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5178195
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3560
expires
Sun, 17 Dec 2023 05:17:15 GMT
3c877921937262064df4ae8f868a4ec9
content.api.news/v3/images/bin/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3c877921937262064df4ae8f868a4ec9?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
961b402cdbb0d3285838dcee0a613125013a2c5b09c4adac2496a81f0b9cb782

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
x-check-cacheable
YES
edge-cache-tag
3c877921937262064df4ae8f868a4ec9
content-length
2254
last-modified
Wed, 18 Oct 2023 04:37:45 GMT
server
Akamai Image Manager
x-serial
1210
etag
e6c7e3df45db93e8f1957b03ce8507fd-3c877921937262064df4ae8f868a4ec9-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5175866
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 04:38:26 GMT
e0731c3c40ff28cda635878f8ed46b45
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e0731c3c40ff28cda635878f8ed46b45?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e20095438598e41559c819a6e7627835df9a9c2f6d490a4ea3a212286a3ba934

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 17 Oct 2023 05:04:07 GMT
server
Akamai Image Manager
etag
3f97531b108fe794c6693214f38e7d2f-e0731c3c40ff28cda635878f8ed46b45-150
edge-cache-tag
e0731c3c40ff28cda635878f8ed46b45
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5091068
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4256
expires
Sat, 16 Dec 2023 05:05:08 GMT
d2b46f40646574290bd387e415239e91
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d2b46f40646574290bd387e415239e91?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
71f807974bc8301887caa7e32ceb42d86249926ee6d6c1aed662eb991623bc45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
x-check-cacheable
YES
edge-cache-tag
d2b46f40646574290bd387e415239e91
content-length
5201
last-modified
Wed, 18 Oct 2023 04:22:31 GMT
server
Akamai Image Manager
x-serial
102
etag
d94c6e85fb5476b26407077ff78dcdac-d2b46f40646574290bd387e415239e91-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5174927
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 04:22:47 GMT
rea-logo.png
d2n6ofw4o746cn.cloudfront.net/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2n6ofw4o746cn.cloudfront.net/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.45.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-45-206.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 07:02:29 GMT
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
via
1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
last-modified
Thu, 09 Sep 2021 21:17:00 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
11058692
etag
"731035d55715734eff2f2a0f9afb31e7"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28648
x-amz-cf-id
BwF5CR-JR0bI9IOVkO-1yp17B9HDickRZwf7YXY0gKHMHX4Xa9p8nA==
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
application/x-javascript
date
Wed, 18 Oct 2023 06:54:00 GMT
cache-control
max-age=75522
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1686179714.642139"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		264 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54658f011aceb45705e19dc398fb1006bd498bee77370402133e67e68663385b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
cSOZDFK3mQlR3SzzJbnoZrMMZx.OQ3P2
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:00 GMT
x-amz-request-id
5JKM5600D3QJC6A3
age
52
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
56860
x-amz-id-2
g4gqe0T2gsREzCdG7ZvnZ1PJqT3TIWmhuenzNCkm9fzKAnGWwUX36PrZ7wKNXMxrPA47O+c/PaM=
x-served-by
cache-bne12527-BNE
last-modified
Tue, 17 Oct 2023 09:31:05 GMT
server
AmazonS3
x-timer
S1697612040.475551,VS0,VE0
etag
"b31fcb3cf4d0846147491806372cad98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
73
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
6
escape.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/escape.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
41a368a7669db0c9d808b694ff30deb13af0da9233a84f1da9d69995615354f9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 242 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Mon, 05 Dec 2022 05:49:32 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"638d866c-919"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=171166
content-length
1066
expires
Fri, 20 Oct 2023 06:26:46 GMT
kidspot.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/kidspot.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4c0e900d88a4d79acc98c18901c221ff93418f92cfb8e3b10f5030b5d026071a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 243 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Thu, 03 Aug 2023 07:35:49 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"64cb58d5-10b5"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1053031
content-length
1678
expires
Mon, 30 Oct 2023 11:24:31 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
8CFC5CF20FCCF0E0
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=388904
accept-ranges
bytes
content-length
16112
x-amz-id-2
AX9xKzvyw8F7URJ4HsRau/7gUlz9ldHtflgeH4seCCuG/IAZ+XqRAnV+hWm9j5KML9DAp3P3UaA=
expires
Sun, 22 Oct 2023 18:55:44 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
1J7K2R2S5W0QCG3W
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=562081
accept-ranges
bytes
content-length
15948
x-amz-id-2
nruS5wshl+Z53oSxuJC5+gzpa8OsRlwVDWEf/z6xyogyoJwFPbDOW+3prnciPYrDNF71xlrPNUg=
expires
Tue, 24 Oct 2023 19:02:01 GMT
d2fb819eeed936700b9675cbda646ea9
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d2fb819eeed936700b9675cbda646ea9?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
71b1e6a532cfe9d1ae00078364d802514836b26b36a271ed78233d334043da1f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
x-check-cacheable
YES
edge-cache-tag
d2fb819eeed936700b9675cbda646ea9
content-length
4807
last-modified
Wed, 18 Oct 2023 04:53:41 GMT
server
Akamai Image Manager
x-serial
972
etag
5f4eed3951a63217fa9a50a1ac4c6f8b-d2fb819eeed936700b9675cbda646ea9-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5176811
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 04:54:11 GMT
9d05731ca3058b28791cecffdc0b58a9
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9d05731ca3058b28791cecffdc0b58a9?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
484f88512382babcd732c0d5404f8555a99856057e143b6b1f709e1fb9e6e6e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 18 Oct 2023 06:14:06 GMT
server
Akamai Image Manager
etag
7799de6b4bbc51a71e9e1edbb07a301f-9d05731ca3058b28791cecffdc0b58a9-150
edge-cache-tag
9d05731ca3058b28791cecffdc0b58a9
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5181593
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3715
expires
Sun, 17 Dec 2023 06:13:53 GMT
f2e0eee0adbd8072d13cb4829d5bd1e6
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f2e0eee0adbd8072d13cb4829d5bd1e6?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a7befdc71549e05429b2f39beede1835f6d011fff0a1b52df13868535cef3033

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
x-check-cacheable
YES
edge-cache-tag
f2e0eee0adbd8072d13cb4829d5bd1e6
content-length
3782
last-modified
Wed, 18 Oct 2023 06:16:45 GMT
server
Akamai Image Manager
x-serial
1038
etag
ba6d1e291b3d85e15a07da62d7aeb351-f2e0eee0adbd8072d13cb4829d5bd1e6-150
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5181739
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 06:16:19 GMT
f42cb9905e4e241e930503f319f4d9b8
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f42cb9905e4e241e930503f319f4d9b8?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
408096e36a0c32e02344efb63f4ecf2cafecc6040e329bad4616e6de67e6fe1c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Wed, 18 Oct 2023 05:04:12 GMT
server
Akamai Image Manager
etag
de258b967df276cf23ed0e8aa7c4f1b2-f42cb9905e4e241e930503f319f4d9b8-150
edge-cache-tag
f42cb9905e4e241e930503f319f4d9b8
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5177315
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
7138
expires
Sun, 17 Dec 2023 05:02:36 GMT
fa3fa6ccb67c5cf3fea23612d16e067e
content.api.news/v3/images/bin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/fa3fa6ccb67c5cf3fea23612d16e067e?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
70dafd1c95afbc06a6484529213debecb69b166131ad8b4bfcd0d7f44af6810e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
x-check-cacheable
YES
edge-cache-tag
fa3fa6ccb67c5cf3fea23612d16e067e
content-length
2663
last-modified
Wed, 18 Oct 2023 04:23:44 GMT
server
Akamai Image Manager
x-serial
486
etag
a7c722ff26089708750085d092d3318f-fa3fa6ccb67c5cf3fea23612d16e067e-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5174912
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 04:22:32 GMT
ff0b94defaff8b47245f6b51c5802af5
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ff0b94defaff8b47245f6b51c5802af5?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dfd8847c59437eff94ab40b9dbe9591678c061587a5c2e3926b0e4ceeb7d2f45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 17 Oct 2023 00:40:11 GMT
server
Akamai Image Manager
etag
b45a9edb5cc49acf285ea607f659fdab-ff0b94defaff8b47245f6b51c5802af5-150
edge-cache-tag
ff0b94defaff8b47245f6b51c5802af5
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5075181
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4534
expires
Sat, 16 Dec 2023 00:40:21 GMT
cae44f72ee11e59341de920ca7af4cbe
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/cae44f72ee11e59341de920ca7af4cbe?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
39e309c10e89cae85bee7a62fb7324b355456a33a970c1210cda818c296aa7a4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 17 Oct 2023 12:35:05 GMT
server
Akamai Image Manager
etag
0e6ab69f107db74d7b6d2a479d98ebb5-cae44f72ee11e59341de920ca7af4cbe-150
edge-cache-tag
cae44f72ee11e59341de920ca7af4cbe
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5118018
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
6154
expires
Sat, 16 Dec 2023 12:34:18 GMT
0f6fe23be8a6d1d064811ccad18c9d41
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0f6fe23be8a6d1d064811ccad18c9d41?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fb6e3f6098ff5934b49b7034b0ff9d48ed6bca2eb1f97fb37129bc6dfca523c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 17 Oct 2023 21:58:57 GMT
server
Akamai Image Manager
etag
4846af2eef60f7c2d52f60068c335a28-0f6fe23be8a6d1d064811ccad18c9d41-150
edge-cache-tag
0f6fe23be8a6d1d064811ccad18c9d41
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5151970
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
7045
expires
Sat, 16 Dec 2023 22:00:10 GMT
ab587bac66695a7b9a91c01928383c28
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ab587bac66695a7b9a91c01928383c28?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
867b4bfa91946a56c99248907f9b3dae405069d6be42edb8c2272828c32d6918

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 17 Oct 2023 23:34:23 GMT
server
Akamai Image Manager
etag
63b57422e989178de2275335e438a699-ab587bac66695a7b9a91c01928383c28-150
edge-cache-tag
ab587bac66695a7b9a91c01928383c28
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5157519
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5799
expires
Sat, 16 Dec 2023 23:32:39 GMT
e60f2a399622a8ce45dfb304176fb9bc
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e60f2a399622a8ce45dfb304176fb9bc?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
06779e61ca7cf460a9be9fd0d67de26946e06775dda5fc2dc871b4ef74d2ea71

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
x-check-cacheable
YES
edge-cache-tag
e60f2a399622a8ce45dfb304176fb9bc
content-length
6374
last-modified
Tue, 17 Oct 2023 20:42:50 GMT
server
Akamai Image Manager
x-serial
1705
etag
b28488866787334e91e1821bbeb8ceb6-e60f2a399622a8ce45dfb304176fb9bc-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5147413
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 16 Dec 2023 20:44:13 GMT
3fb884c4882531aafecdb4157ec3b583
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3fb884c4882531aafecdb4157ec3b583?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
47d0d5aa7762ddfba8248dd8c8fafeda106e656f8b8a931407ec17cc5460dfd8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Tue, 17 Oct 2023 21:58:54 GMT
server
Akamai Image Manager
etag
2a360a0659ab0432db9eaa1ca99541eb-3fb884c4882531aafecdb4157ec3b583-150
edge-cache-tag
3fb884c4882531aafecdb4157ec3b583
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5151790
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
8052
expires
Sat, 16 Dec 2023 21:57:11 GMT
005f9f1f1fede2180deef6e1fd744411
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/005f9f1f1fede2180deef6e1fd744411?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6ccf10fd96234495c81502e28ee7d4b85d6326f57874ecea11f4ec7ea22ceae6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Tue, 17 Oct 2023 19:01:00 GMT
server
Akamai Image Manager
etag
9b4e797dbdf2bf200e0303356da9c7f5-005f9f1f1fede2180deef6e1fd744411-150
edge-cache-tag
005f9f1f1fede2180deef6e1fd744411
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5141130
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5038
expires
Sat, 16 Dec 2023 18:59:31 GMT
d0c2f3e9758b124b961bdd30c03f304b
content.api.news/v3/images/bin/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d0c2f3e9758b124b961bdd30c03f304b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2a3c406081ea961d2862beeb61e9e6df7f8c289d7fe3bb19db3cfe0dd2bf6fac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Wed, 18 Oct 2023 05:08:07 GMT
server
Akamai Image Manager
etag
0451147c83dc0a0f13c4b65cb0924eb8-d0c2f3e9758b124b961bdd30c03f304b-150
edge-cache-tag
d0c2f3e9758b124b961bdd30c03f304b
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5177513
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
2549
expires
Sun, 17 Dec 2023 05:05:54 GMT
bodyandsoul.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/bodyandsoul.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ccb31b1542aaee2eb3ce785ccc2b5ab2b009461292d220cd329c2112da343826
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 242 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Thu, 05 Oct 2023 05:06:00 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"651e4438-18b7"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1774188
content-length
2357
expires
Tue, 07 Nov 2023 19:43:48 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
7D7951CE58958EA3
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=520800
accept-ranges
bytes
content-length
540
x-amz-id-2
c9QV5xkLqZA3aeUA+058OxiQN9SbPZxH29WSoy5e4h/svbFFRtWq6gzsRBj8GficGxoExGdKPks=
expires
Tue, 24 Oct 2023 07:34:00 GMT
quote.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/icons/quote.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
603fc565806e291180062d072e5a4ea084fc69a2b916975026ea7e94ebe04a3b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 05 Sep 2023 05:26:57 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"64f6bc21-539"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1096080
content-length
656
expires
Mon, 30 Oct 2023 23:22:00 GMT
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d013bb3c53bf5602f7ef0b6941c24d900877e0009894a3a9554e18d4ad946622
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 18 Oct 2023 06:54:00 GMT
x-datacenter
gce-asia-east1
etag
"ccd7c88775a0f756ae46d91ad684b7a77ede87d5bae27f2f290cfef14d62f390"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-test-vdsz
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1033761249
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
0CFAD35F585CD25F
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=185825
accept-ranges
bytes
content-length
535
x-amz-id-2
/dMDWimqjNaN3Tcwf330wcepiHJ85rowGvlxWAI4XFDCzqgpfSqU6umPtJ3+EDdM8Cd02euf6XA=
expires
Fri, 20 Oct 2023 10:31:05 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
HBSM65NXW692RVP6
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=469406
accept-ranges
bytes
content-length
586
x-amz-id-2
u7f7Gi68iGJY0DiRegO0fNtiPTUOatAsJ44BUTin/3jhqu4YfC+TUH48SPBNhy8NBinMhmKQtr4=
expires
Mon, 23 Oct 2023 17:17:26 GMT
d2fb819eeed936700b9675cbda646ea9
content.api.news/v3/images/bin/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d2fb819eeed936700b9675cbda646ea9?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2667ade0f68fa53801e686d823bd3b346b6db404406c2ee359628ed265ab89ee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
x-check-cacheable
YES
edge-cache-tag
d2fb819eeed936700b9675cbda646ea9
content-length
49381
last-modified
Wed, 18 Oct 2023 04:53:12 GMT
server
Akamai Image Manager
x-serial
1168
etag
5f4eed3951a63217fa9a50a1ac4c6f8b-d2fb819eeed936700b9675cbda646ea9-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5176810
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 04:54:11 GMT
9d05731ca3058b28791cecffdc0b58a9
content.api.news/v3/images/bin/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9d05731ca3058b28791cecffdc0b58a9?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
05dc9361756871c5b3e46098aa895fe1c9f182d5fc549f7644096a05ef08a58a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Wed, 18 Oct 2023 06:11:55 GMT
server
Akamai Image Manager
etag
7799de6b4bbc51a71e9e1edbb07a301f-9d05731ca3058b28791cecffdc0b58a9-320
edge-cache-tag
9d05731ca3058b28791cecffdc0b58a9
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5181388
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
10747
expires
Sun, 17 Dec 2023 06:10:29 GMT
f2e0eee0adbd8072d13cb4829d5bd1e6
content.api.news/v3/images/bin/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f2e0eee0adbd8072d13cb4829d5bd1e6?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
241c99424ffb0a10103882c9ba09cfc58a3f577c1fbaa95009b5d6c396266e3d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Wed, 18 Oct 2023 06:16:47 GMT
server
Akamai Image Manager
etag
ba6d1e291b3d85e15a07da62d7aeb351-f2e0eee0adbd8072d13cb4829d5bd1e6-650
edge-cache-tag
f2e0eee0adbd8072d13cb4829d5bd1e6
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5181794
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
23836
expires
Sun, 17 Dec 2023 06:17:15 GMT
f42cb9905e4e241e930503f319f4d9b8
content.api.news/v3/images/bin/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f42cb9905e4e241e930503f319f4d9b8?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7477c6f8e88d363e804cc07dfabcba4994b82b1f9738b6792deee049ecc232c2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Wed, 18 Oct 2023 05:04:13 GMT
server
Akamai Image Manager
etag
de258b967df276cf23ed0e8aa7c4f1b2-f42cb9905e4e241e930503f319f4d9b8-650
edge-cache-tag
f42cb9905e4e241e930503f319f4d9b8
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5177408
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
90054
expires
Sun, 17 Dec 2023 05:04:09 GMT
fa3fa6ccb67c5cf3fea23612d16e067e
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/fa3fa6ccb67c5cf3fea23612d16e067e?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5b3bce54670dc4b7b293e3d2d99f303bf354047a47129e788ad452eee92f8c4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
x-check-cacheable
YES
edge-cache-tag
fa3fa6ccb67c5cf3fea23612d16e067e
content-length
6830
last-modified
Wed, 18 Oct 2023 04:23:45 GMT
server
Akamai Image Manager
x-serial
400
etag
a7c722ff26089708750085d092d3318f-fa3fa6ccb67c5cf3fea23612d16e067e-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5175048
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 04:24:49 GMT
ff0b94defaff8b47245f6b51c5802af5
content.api.news/v3/images/bin/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ff0b94defaff8b47245f6b51c5802af5?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6b8025bbab910b8c683df2791b71cb93234e64a4c70bdc8d9556538d9ffc061c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Thu, 12 Oct 2023 00:21:13 GMT
server
Akamai Image Manager
etag
b45a9edb5cc49acf285ea607f659fdab-ff0b94defaff8b47245f6b51c5802af5-320
edge-cache-tag
ff0b94defaff8b47245f6b51c5802af5
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4642149
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
17535
expires
Mon, 11 Dec 2023 00:23:10 GMT
cae44f72ee11e59341de920ca7af4cbe
content.api.news/v3/images/bin/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/cae44f72ee11e59341de920ca7af4cbe?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c8ccc14c406c6f81ae0f851c5203912dda934541223fc6d5d9b361d20b9b9a18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
x-check-cacheable
YES
edge-cache-tag
cae44f72ee11e59341de920ca7af4cbe
content-length
18386
last-modified
Tue, 17 Oct 2023 12:35:04 GMT
server
Akamai Image Manager
x-serial
594
etag
0e6ab69f107db74d7b6d2a479d98ebb5-cae44f72ee11e59341de920ca7af4cbe-320
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5118083
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 16 Dec 2023 12:35:24 GMT
0f6fe23be8a6d1d064811ccad18c9d41
content.api.news/v3/images/bin/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0f6fe23be8a6d1d064811ccad18c9d41?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d7a065d2addacd77c99edb847d7ca7f63d7cc6e26f2c77b4ee26af42a70b1d53

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Tue, 17 Oct 2023 21:58:56 GMT
server
Akamai Image Manager
etag
4846af2eef60f7c2d52f60068c335a28-0f6fe23be8a6d1d064811ccad18c9d41-320
edge-cache-tag
0f6fe23be8a6d1d064811ccad18c9d41
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5151854
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
11639
expires
Sat, 16 Dec 2023 21:58:15 GMT
ab587bac66695a7b9a91c01928383c28
content.api.news/v3/images/bin/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ab587bac66695a7b9a91c01928383c28?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6bde81b260875ab77e5687f72d4896d25a60810a18db9549c2bc08c1f2d31333

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
x-check-cacheable
YES
edge-cache-tag
ab587bac66695a7b9a91c01928383c28
content-length
9359
last-modified
Tue, 17 Oct 2023 23:34:25 GMT
server
Akamai Image Manager
x-serial
591
etag
63b57422e989178de2275335e438a699-ab587bac66695a7b9a91c01928383c28-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5157592
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 16 Dec 2023 23:33:53 GMT
e60f2a399622a8ce45dfb304176fb9bc
content.api.news/v3/images/bin/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e60f2a399622a8ce45dfb304176fb9bc?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c4295d30256e4e955b1584236f687a5bd4ce30cfe10282b7a0c9e921727205bd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
x-check-cacheable
YES
edge-cache-tag
e60f2a399622a8ce45dfb304176fb9bc
content-length
10034
last-modified
Tue, 17 Oct 2023 20:42:52 GMT
server
Akamai Image Manager
x-serial
412
etag
b28488866787334e91e1821bbeb8ceb6-e60f2a399622a8ce45dfb304176fb9bc-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5147276
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 16 Dec 2023 20:41:57 GMT
3fb884c4882531aafecdb4157ec3b583
content.api.news/v3/images/bin/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3fb884c4882531aafecdb4157ec3b583?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0a78abc02f9359cdec3b153e8608448216573101000634b558222a03df5df9f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
x-check-cacheable
YES
edge-cache-tag
3fb884c4882531aafecdb4157ec3b583
content-length
12658
last-modified
Tue, 17 Oct 2023 21:58:56 GMT
server
Akamai Image Manager
x-serial
70
etag
2a360a0659ab0432db9eaa1ca99541eb-3fb884c4882531aafecdb4157ec3b583-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5151871
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 16 Dec 2023 21:58:32 GMT
005f9f1f1fede2180deef6e1fd744411
content.api.news/v3/images/bin/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/005f9f1f1fede2180deef6e1fd744411?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
368b7752738a376fe08388d1719cb245bf28aa39a8a67f608a9f2ced2b7c8adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Tue, 17 Oct 2023 19:01:45 GMT
server
Akamai Image Manager
etag
9b4e797dbdf2bf200e0303356da9c7f5-005f9f1f1fede2180deef6e1fd744411-650
edge-cache-tag
005f9f1f1fede2180deef6e1fd744411
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5141188
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
57668
expires
Sat, 16 Dec 2023 19:00:29 GMT
d0c2f3e9758b124b961bdd30c03f304b
content.api.news/v3/images/bin/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d0c2f3e9758b124b961bdd30c03f304b?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b4cc31798597f72fc5373ca3c238437615270d993fcd022ea34544b1d1a49d18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
x-check-cacheable
YES
edge-cache-tag
d0c2f3e9758b124b961bdd30c03f304b
content-length
18363
last-modified
Wed, 18 Oct 2023 06:12:11 GMT
server
Akamai Image Manager
x-serial
531
etag
0451147c83dc0a0f13c4b65cb0924eb8-d0c2f3e9758b124b961bdd30c03f304b-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5181468
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 06:11:49 GMT
3c877921937262064df4ae8f868a4ec9
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3c877921937262064df4ae8f868a4ec9?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fbb53392ea2d4f9b972eb848ca5b74ba5914888f2f697a9d5ab5a43a5d2c2a16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
x-check-cacheable
YES
edge-cache-tag
3c877921937262064df4ae8f868a4ec9
content-length
6100
last-modified
Wed, 18 Oct 2023 04:44:02 GMT
server
Akamai Image Manager
x-serial
622
etag
e6c7e3df45db93e8f1957b03ce8507fd-3c877921937262064df4ae8f868a4ec9-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5175936
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 04:39:36 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 242 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 18 Oct 2023 04:41:45 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
"652f6209-37"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2584345
accept-ranges
bytes
content-length
74
expires
Fri, 17 Nov 2023 04:46:25 GMT
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		291 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c0c4ab2cb337f29a585f658d65b8e2f01d643dfe273503b3d79766ae0cae0230
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=600 ; includeSubDomains
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
server
AkamaiNetStorage
etag
"63c16a277b40eda0348d8506936735c8:1696678131.720507"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=1291
expires
Wed, 18 Oct 2023 07:15:31 GMT
indies-loader.js
ts2020-indies-client.web.app/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a48dae046278fe3a04f2a5e6106c47e40592575714014ffed14a38da1d403435
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by
cache-bne12529-BNE
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Mon, 04 Sep 2023 05:50:06 GMT
x-timer
S1697612041.630330,VS0,VE0
etag
"6b48f5e28d619ea7f5b4d8e58b33ccb21e3cdd1249eacb8f7730290813e3e264-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1614
x-cache-hits
1590194
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b59e15d5894b17c2997abb27ce068d118003dbd13479ce522260b1d96d1ca871
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 242 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Mon, 09 Oct 2023 04:59:01 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65238895-17fe5"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1873818
content-length
28498
expires
Wed, 08 Nov 2023 23:24:18 GMT
player.js
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		616 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
06b37c36ff9b6334e218ea02b694b81afc75833a3c216b4e9e3d3c42ad3042c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
content-encoding
gzip
x-amz-request-id
N0QEHY5EK7K0K9EB
x-amz-server-side-encryption
AES256
content-length
159008
x-amz-id-2
HWgGsZvegeYE26zv7Koud4q/7L4UjPtnJ8U9HYezVuyefCwcHjWGtQUHBX2mL+xBGMSeUyqgeoQ=
last-modified
Thu, 05 Oct 2023 02:12:12 GMT
server
AmazonS3
etag
"8f5a37fd578764d1de93fe6a84d91bbe"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1328
accept-ranges
bytes
expires
Wed, 18 Oct 2023 07:16:08 GMT
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=X+S56+ucicjCZDWsW5BYrQlE/T4=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
475f9b9e50c213ab87b0d034da76de7ebc7e2eb9cd1fe856c7f21769e856bbcc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 243 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Wed, 18 Oct 2023 03:15:16 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"652f4dc4-2b9b"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2584250
content-length
1532
expires
Fri, 17 Nov 2023 04:44:50 GMT
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a527795b18674e33b58a1f4e6d9b4c2f96f73cf9c20c70fcb9f56ed4b94a2a3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 243 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Mon, 09 Oct 2023 04:59:01 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65238895-197f"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1873869
content-length
2213
expires
Wed, 08 Nov 2023 23:25:09 GMT
js-mosaics-helper.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-mosaics-helper.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f111061fbec61ae1f65532b5dba01d03f9a62600b8cf8d9c53a2ba3dc51d3aa4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 243 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Mon, 09 Oct 2023 23:22:05 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65248b1d-2824"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1873824
content-length
3247
expires
Wed, 08 Nov 2023 23:24:24 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=c7e6cee07fb3bf7eb40155e62e9c2247,75ea0a617d1d4888cfdcbae4547edcc6,07d50af8e5cc0953570b95c4b2edfbf8,ef8575cde263fe1d113791882a1c31d4,744e80c2e6de51c1248275806adf1976,5e0eec0e565a0d5b0cb8219df8d2a54b,291db41ab4a03d5f9c6885fe06dbfc5a,e1db4eb1d2b122e37dd33e85cd6e320b,aa101ccce8a50183495193b09a0e5b81,3b33ece4ed8317ff77105c01606e61e9,d73b1d50e14e42e086d7d3a2843e682f,0ec8e2ef0a7795c7306d50ee833531ac,62ca236c385f10278d9212bc6fa0c533,2cc9c7b7b1c6d4e3a9b520079a03bb1a,0e9779dcde2637ed7c9987dcad4e8fc8,15db1bc9db026cbb663de4653dcc073c,f1c3f6dd29985cfaeda4965476b52fb8,6b009b5e5af4a6c79740fe1030cabddc,759d8d6eec79ef851fac41b21363b0ff,7bcf730e273ab3ecc53be60b4a0ae9c9,266cf3d789aa39ac1098b16c3cbe09a0,4cbf57d98c3b9609c7d42b25580db7c6,bc381990be17317e0f272cad715004c6,5b375c1acccbb4675c829bad2bdda311,3a243c854e9bc9e13652f4b100208558,3517065020588bb67ed88849ca291a41,26ab87da21b1c7e1b0a0ba64cdece609,9cf501c6b74c36496c9ac0e38932e00c,c2dca081e920941d9adef393130a4c02,6e14129c7d7a9172b5f6e925e9f630a9,a73c93889581981ea59374a4a04ab7df,a29f8e85c5569acaf73296cb9048e442,2f0f3aad8dd4d4b6509d62f782ad8f20,1fdebae6b14c3b58e2f8d27ac234d252,93170b4e016195dde256584cd52f66e1,ab1e4ceaa27e1e9dd87b98c856fb5c75,544b9acb32b13e41d92029c20db32150,c53090768301c8d24bab70da770a8628,1c7634ff731a8d8548d2eccc0bf04df1,6408413484bccc9be8b61750ed2fd066
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
d1face7aa9a24e4e735172eb4675071c2be639d7f3579ccfe2b368d7407d34ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Oct 2023 06:54:00 GMT
server
nginx/1.20.1
etag
W/"5dd-Xcf3Cz5H4+aVYadST2XQcI4T5+I"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
d96d0240-6d82-11ee-a9bf-113df761a69a
content-length
852
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
674cecc33d701773b57481266baf1762bbda8be4ea1ab91edbce5c25d03bd76f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-length
728
x-rq
sin1 123 243 443
server
nginx
allow
GET
vary
User-Agent
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires
Wed, 18 Oct 2023 06:55:00 GMT
1401f7003e97953fe31d5ea219f8963b
content.api.news/v3/images/bin/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1401f7003e97953fe31d5ea219f8963b?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
46f9dcd2e18ab82c3a57b6cc54b0a8ac34241d1fd3af99189840d8a022c97dc7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Wed, 18 Oct 2023 04:01:57 GMT
server
Akamai Image Manager
etag
eebf840a26bacecfa617c679b093f8ad-1401f7003e97953fe31d5ea219f8963b-650
edge-cache-tag
1401f7003e97953fe31d5ea219f8963b
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5173633
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
81754
expires
Sun, 17 Dec 2023 04:01:14 GMT
33e8546ce3c52975d7bd13423e22bf1a
content.api.news/v3/images/bin/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/33e8546ce3c52975d7bd13423e22bf1a?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a4e47950213a9ebc54c04b1c20fedb4559811c8f349627d8ab877aade5ff2f42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
x-check-cacheable
YES
edge-cache-tag
33e8546ce3c52975d7bd13423e22bf1a
content-length
14348
last-modified
Wed, 18 Oct 2023 00:55:20 GMT
server
Akamai Image Manager
x-serial
1322
etag
877a0946359eabd7f3e9731f6e7dc41c-33e8546ce3c52975d7bd13423e22bf1a-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5162291
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Dec 2023 00:52:12 GMT
authorize
login.newscorpaustralia.com/ Frame 2B4F 		2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=8izg3QhIXqC5lbGknEPDszwhkn.KMXbZ&nonce=5x3JPh6VPPq8xm7CABbNwLHAS7UH_oF6&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMi4xIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.154.245 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-154-245.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
c442a9080d41d33294a3983461847b6e73a295164963c8429fd818f2f733a3f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
817ede185c5f40d0-SIN
content-encoding
gzip
content-length
933
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Wed, 18 Oct 2023 06:54:01 GMT
expires
Wed, 18 Oct 2023 06:54:01 GMT
ot-baggage-auth0-request-id
817ede185c5f40d0
ot-tracer-sampled
true
ot-tracer-spanid
73614bbe5d12bb40
ot-tracer-traceid
23e0a3d47118506d
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
traceparent
00-000000000000000023e0a3d47118506d-73614bbe5d12bb40-01
tracestate
auth0-request-id=817ede185c5f40d0,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 537 0 pmb=mTOE,4
x-auth0-requestid
62033d66aaf0f3201c4d
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1697612042
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-103.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e45125ba57a40658c96c55007f0548387e8c67183ea00eff5766502655206bd3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
zE4FuKIruKfRhB0DSLMMqyrZTLjija9K
content-encoding
br
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 03 Oct 2023 00:40:09 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
21
x-amz-server-side-encryption
AES256
etag
W/"bec81fee94f6b889e5535aa79c02e902"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
1C59K9IH1i_10ZKI8mjfH_bl3pHGNBX8jQ9cej1wjbthmfoO2-tm3w==
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		85 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-103.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9639b41a6a00da2469a17dc078dacca8f00e8f71a998dce01781e816e5a96473

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
kPmS0ZOwXLSVLJHYT81fZp8f9CibnUdS
content-encoding
br
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 06:50:28 GMT
last-modified
Tue, 03 Oct 2023 00:40:09 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
213
x-amz-server-side-encryption
AES256
etag
W/"f1a970aafb71b6fa7cc712479244444b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
eQVsiil5S7ncDLxqFY6wmLx-mxsjUef9uJbIhr2KqdTVbTGq7uLqXQ==
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		227 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4300429d75b6111aaab9037915cb4653f310453781cb012330faaede3fd030bc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 243 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Tue, 10 Oct 2023 23:08:02 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"6525d952-38dab"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1978662
content-length
54773
expires
Fri, 10 Nov 2023 04:31:42 GMT
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7e066e40e0b0551b9c64ad28f35429a82e9b3878b8cfe150e1743804da51e484
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-rq
sin1 123 243 443
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:00 GMT
last-modified
Mon, 09 Oct 2023 04:59:01 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65238895-22a8"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1873920
content-length
3545
expires
Wed, 08 Nov 2023 23:26:00 GMT
load.js
pm-widget.taboola.com/newscorpau-aud-heraldsun/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35ee40cb57caff6c6e1659481d420449cdd872706b1b850e0095a7f57d622e83

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ndYIq6FAtxGKKzPoRwRLLqVwXwqDA0WD
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:00 GMT
x-amz-request-id
PKEKAH9QKBEDDWT0
age
3130
x-cache
HIT
content-length
1138
x-amz-id-2
iCTPWCJYdrZfm2QK5E+rdnA+GXk6c8C0wcH1Tqu+Jd8d+POmFtRBMA32uKOMtzcrbxbbkjSF0qA=
x-served-by
cache-bne12527-BNE
last-modified
Wed, 04 Oct 2023 05:26:01 GMT
server
AmazonS3
x-timer
S1697612041.752677,VS0,VE0
etag
"bc62213a237794bfc15cb79b0061524c"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
165
impl.20231017-7-RELEASE.js
cdn.taboola.com/libtrc/ 		813 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
73b4424d2202e9f35bc51ef07a84e4f2ca17e5c73fb20a25869eb92ae379e2b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
kWTGf8NvWbb5LFVDeZErjvUZoExbKdv8
content-encoding
br
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:00 GMT
x-amz-request-id
TG0CS2R40QEN4S9T
age
20904
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172298
x-amz-id-2
DI7+fhytHzYou+IGvcmI2ASDA+xrEmwpUEfKWkG0JyJ2cSXWTgrH+fY1RpV1B2NQLjjtLE07Log=
x-served-by
cache-bne12527-BNE
last-modified
Tue, 17 Oct 2023 09:04:04 GMT
server
AmazonS3-br
x-timer
S1697612041.750824,VS0,VE0
etag
"3bda92b29c116dc4e083c00e4076691d"
vary
Accept-Encoding
content-type
application/javascript
abp
7
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
55900
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=homepage&site=heraldsun.com.au&section=/home&device=desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-amzn-trace-id,x-api-key
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
apigw-requestid
M_EZbh4bywMEMsQ=
cache-control
max-age=1784
content-length
0
date
Wed, 18 Oct 2023 06:54:00 GMT
expires
Wed, 18 Oct 2023 07:23:44 GMT
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=homepage&site=heraldsun.com.au&section=/home&device=desktop
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ff6ae9abf2f38f35b3c07f4b9bddc4adf55307259d9e685bdc78b55f36ddd638

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
1343
apigw-requestid
M_EZdgQnSwMEM9Q=
expires
Wed, 18 Oct 2023 06:54:01 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-7.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 01:52:44 GMT
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
18078
x-amz-server-side-encryption
AES256
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
0sWugDOTsLqJ0GABLClsuqYSHP3nKVEgLSFIFapz0Ey2aMC4BnBMqw==
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.102.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y8WN5PZ5RGBXEAQ9
age
2342358
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wg9Iq2abg7xBwMx/Tgo4Db4dOSzwiDcns6/p72dPeldJWOZRZhsbnNnk0u0arFzlnHV2SxXvgSs=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6B50AudIZ8hFyhD5hWMDdLAOS47%2BIqybo11c63acDLhE0Mom3y8F%2FanIXqCOMXgV9x5j0p0y92mtfo%2Bsf66gB6iGani4k5QQjIHsSIY2KNV0Dj5kevDoE78PXwH%2F1a0IIDQl4PR7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
817ede198fe53e62-SIN
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
268324
expires
60
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=14%3A54%3A01.023&lti=deflated&data=%7B%22id%22%3A958%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1697535063617%2C%22vi%22%3A1697612040971%2C%22cv%22%3A%2220231017-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A14987%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-stream-midrail-new-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A2937.515625%2C%22mw%22%3A912%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-stream-midrail-new-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b7425c73352077b530408a016e970b6ab1254500d0897fc8bd33c83101b95a5

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
251
date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.6991666666666667
x-fastly-to-nlb-rtt
231844
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bne12527-BNE
x-log-content-encoding
gzip
server
nginx
x-timer
S1697612041.082075,VS0,VE251
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=14%3A54%3A00.962&type=info&msg=https%3A%2F%2Fwww.heraldsun.com.au%2F&llvl=2&id=1053&cv=20231017-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46669
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=14%3A54%3A00.964&type=info&msg=%7B%22mode%22%3A%22thumbnails-stream-midrail-new-native%22%2C%22container%22%3A%22taboola-desktop-mid-rail-home-native%22%2C%22placement%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=158&cv=20231017-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46669
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=14%3A54%3A01.021&type=info&msg=Desktop%20Mid%20Rail%20Home%20Native%20thumbnails-stream-midrail-new-native&llvl=2&id=9089&cv=20231017-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46669
pmk-20220605.6.js
pm-widget.taboola.com/newscorpau-aud-heraldsun/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/newscorpau-aud-heraldsun/pmk-20220605.6.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bfeec706adc7683becefcd84345ebea5a5e66a5a1c6d7dd43f61acda78a4081

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ZEmoAQ3keE2jgLCOjK4b0iLCSNlOaG3L
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:01 GMT
x-amz-request-id
ZAGVEBQNHH608KDC
age
1213222
x-cache
HIT
content-length
28798
x-amz-id-2
nzu+iTJiVci7Se3PHXzHX3sgz0zrB9gxAzPk4otlEZHP8vD7/4jRNK0e1F0LqmiC/YF4wVe+2sE=
x-served-by
cache-bne12528-BNE
last-modified
Wed, 04 Oct 2023 05:26:00 GMT
server
AmazonS3
x-timer
S1697612042.528337,VS0,VE0
etag
"efb031baac4072b52b08dc730d695c2d"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
29481
pixel_70e3c60a
www.heraldsun.com.au/akam/13/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_70e3c60a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/70e3c60a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=600 ; includeSubDomains
date
Wed, 18 Oct 2023 06:54:01 GMT
blaizehappened
true
x-pathqs
TRUE
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_70e3c60a&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=4539fe69f634b58ebe902d6108b8f203
x-arrrg4
https://www.heraldsun.com.au/
content-length
0
player.css
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		295 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.css
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fb43cca1676fe6b5d16921f2f16d3cf0ec445308ee4ec81b724e4a7b36f2171f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
x-amz-request-id
031CT5HWN8NCGHMJ
x-amz-server-side-encryption
AES256
content-length
51279
x-amz-id-2
l3rY8mRQf+fjVpeBjtY9acN754tC99hCqXcxNo2zZYqwdYW6yj+X7bKkpduhWtNgQIOxcwhBzNQ=
last-modified
Thu, 05 Oct 2023 02:12:12 GMT
server
AmazonS3
etag
"a58683e25a646e75cbcaff8f20385ad6"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=859
accept-ranges
bytes
expires
Wed, 18 Oct 2023 07:08:20 GMT
index.min.js
players.brightcove.net/5348771529001/938M1Zecs_default/ 		931 KB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.28 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
PeOMqIIQk0AX.dt12S5B9WegUKTCIoLY
Content-Encoding
gzip
Date
Wed, 18 Oct 2023 06:54:01 GMT
x-amz-request-id
BNYT67S3K41QQM9M
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
255199
x-amz-id-2
Or5n+kmdF9+GaSe1rNR8SQvJrFTBs6T4qV/Q/21q8uLf6rm/TpFR0CTdQFSNkJSBhx7KVbirDFU=
X-BCOV-Response-Mode
1
X-Served-By
cache-qpg1270-QPG
Last-Modified
Mon, 18 Jul 2022 05:27:06 GMT
Server
AmazonS3
X-Timer
S1670896582.128212,VS0,VE1
ETag
"ee60f1c90237e0fc32d8071fe73d0e86"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=131
Accept-Ranges
bytes
X-Cache-Hits
1
MediaSDK.min.js
tags.news.com.au/prod/heartbeat/v2.2.0/ 		175 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"c347a09f51bb895d757c5e600ad18d57:1565826404"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=23092
content-length
35262
vans-adapter-google-ima.js
static.adsafeprotected.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding
gzip
via
1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 12:07:15 GMT
x-amz-cf-pop
MRS52-P1
age
413207
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
server
AmazonS3
etag
W/"8ec0c211dda60907ae57f46e621bc794"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
DZKT6nGT0VZ8f-ssHti8zZrdSIHULovdSl0Pm4sksdYIdamlZx69lA==
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_8380478
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
date
Tue, 19 Sep 2023 01:30:23 GMT
via
1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
2898519
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
uqEZUJQrjE1lVRKM--Tcgq2NVCXyDSiqQcu-aH_5niTQDdHX-9NSlg==
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16976120410790.5660540170301156
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5dacb52e983b6f9301230d96402d32b656bae0eea12e182b952727d355fb0304

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
830
expires
Wed, 18 Oct 2023 06:54:01 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
application/x-javascript
date
Wed, 18 Oct 2023 06:54:01 GMT
cache-control
max-age=36508
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=985957851105.8802
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=985957851105.8802?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
cafe /
Resource Hash
1802acd7b797f6d02ac46b64abf82f6c55c2ab6ff0222a07f98278f16467fedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14655
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
20352597942.js
cdn.optimizely.com/js/ 		451 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/20352597942.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.54.56.167 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f6d2196c88067bce2c076d4033031b94b97a03015a4a8664e746daa26c2e207f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
HSgXC_Ty_hY8Y9FBhGTlOhhGIHJAKfGY
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:02 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
HA6TGD8MQ6DF4KHV
x-amz-server-side-encryption
AES256
x-amz-meta-revision
3189
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=5, origin; dur=243, cdn;desc="AkamaiION";dur=0,rtt;desc="46";dur=0,cdnip;desc="23.54.56.167";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1697612041850_389358031_285367692_24743_2124_46_97_146";dur=1
content-length
135029
x-amz-id-2
GKZIElY1awH0AnVzXkRm51tIRvCi0bmmE+8TTTxir5aO6TZzVh85vGklQaczsoD5Alc9tCkNTj0=
last-modified
Wed, 18 Oct 2023 06:26:23 GMT
server
AmazonS3
etag
"527eb81abf6741e37598b7d19a5c3f55"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=0
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.97.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-97-213.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:25:47 GMT
content-encoding
gzip
via
1.1 3c5649f7d49e8f5b916e18a72b919074.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:52:49 GMT
server
nginx
x-amz-cf-pop
SIN2-P2
age
70094
etag
W/"64d2e361-1197e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
jTSDrjkFCGDtyOnBBQsyMu-nF8ggoBmZwIWCjPQgwBvxxwD4GBlU3g==
expires
Wed, 18 Oct 2023 11:25:47 GMT
metrics.vendors.bundle.js
tags.news.com.au/prod/metrics/v2/ 		153 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b828e919c2ff55a336488d2ac02c554c1b69b0b662e2e0e6cb230f0e47cd4b6d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"e236ed52e7bb1e63b0dcc1b88d05734d:1695255509.320122"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=70620
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"fb68340e5f23d55e9dd6f9e882195c13:1695883768.293004"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=83322
content-length
9944
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 06:54:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
2Gr4BQD/IeQ/9nM8PMIKkxgkKozBR6sutQAvVEzZ8rwOtUBtCVZAO4sdJZz9z1mKLIXgyX1lIMC8rb0OErNs6Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-27.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 06:27:32 GMT
Content-Encoding
gzip
Via
1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SIN52-P1
Age
1591
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
ETag
W/"d9de38d1900dec018a46f90cc70a48b7"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
X-Amz-Cf-Id
l_6H0nSBm8xhKAXnUJNmkrDUtaAhC_tCK3GdhxbQTbMRNfDLjMqnaA==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2023-10-18T06%3A54%3A01.113Z&country=au&newsconnectId=&fpid=4539fe69f634b58ebe902d6108b8f203
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.153.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-153-218.compute-1.amazonaws.com
Software
/
Resource Hash
91fcaddfc37eef91ea05818d0b192fbe33b1112ce52f1a31a1d858250c7ff42d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3dd748c4adbc0db25e393e90d7acc8d6e0b23cffff10aa5ebdd2454fcc6bf79
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
XqBJsbgzexSycwLrCmu1GD9ULfdQRYYt
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:02 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
KHY4KZWYWJPB03QN
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
520
x-amz-id-2
ipFzGZ5wWe2rZ/HvLsK9eGGIwWWW+FPnOkCm3i16nqFCY0RUF2XMHqqy6pXBH+iT+1+HSEagkg0=
x-served-by
cache-bne12529-BNE
last-modified
Wed, 11 Oct 2023 06:05:41 GMT
server
AmazonS3
x-timer
S1697612042.065369,VS0,VE0
etag
"2b403eb3957ea02ad77a24e80151ae98"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
2263696
id5-api.js
cdn.id5-sync.com/api/1.0/ 		138 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a9b728cbc4ea20ef9c0934035ba3300049c50682dcc0e58452c40749b6d853
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 11:34:12 GMT
server
cloudflare
x-amz-request-id
59TWKM0E92R53QPW
age
595
etag
W/"cc062d3a08ec5f94b7d1ab377b1e95bd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
817ede1f3c545c10-SYD
x-amz-id-2
h0RJitqRZDVIV59DdKMKhRfWLO/R4JoPDFaB8auTefhfWSkn3rcGGjIMqHT5bfU3wnGYl0xw91E=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.44.233 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-233.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Fri, 18 Mar 2022 11:22:12 GMT
server
Akamai Resource Optimizer
x-akamai-ew-subworker
8096267
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Wed, 18 Oct 2023 07:54:02 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a274dbe4a9a49f23e9a2822ac546709e:1673918295.329898"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=24554
content-length
2302
tad.js
tags.news.com.au/prod/tad/ 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ed7877193ea3a97b0116dd05aa9330b8cca37e4eb13d84e5665217657618c41d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"35042f07b387b8f3f535900c43cac024:1695611276.836358"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=72259
content-length
35432
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
af67202111e120f7578eeabad37b9d3b8e68925db083a70bd152800bf9270c41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29211
x-xss-protection
0
server
cafe
etag
320 / 19648 / m202310120101 / config-hash: 14883833089962685804
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 06:54:02 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		263 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.77.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-77-151.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
209807b4a945eb3978b50de85596e82a78af6ec6cf2d8757abadf90ef182a687

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:04 GMT
content-encoding
gzip
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront), 1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2023 19:57:29 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, SIN2-P2
x-amz-server-side-encryption
AES256
etag
W/"e715d530f804a6faeb76dbd12252e8fc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
PPsHKIZeaNV_jkprzy1nAAOie31DdS5WK4BWJxKYTS63DEAUYgGrKA==
prebid.js
tags.news.com.au/prod/prebid/ 		372 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
58b602816271b450fea24127d7d4bdeb9bd29455091cd5fab2b90bd15cb38719

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"62e661d9655f8f05339a6bd26cdd8ca1:1688955190.212207"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=68277
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-10.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9eab27c634b2201cb52d5a94c4bdec71726e1ca54039494147e92d35c5a0ce4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
L2trWbReOiYig5BAhnQn6C4nJ2iFltj6
content-encoding
gzip
via
1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 06:36:28 GMT
last-modified
Wed, 04 Oct 2023 09:49:03 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
1054
x-amz-server-side-encryption
AES256
etag
W/"6faed4962ecca75dadefb64e59a801fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
K57dAYDBx2bCmpa6otcx6SMxumEZd24fFdSEaI4E1sJ7M9y236woAA==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c23adf862a75c69d2f83978c3cc4094269b66ad63654966d9893bc5773a30ad0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"46ba3a32f62698b2964efb48de285304:1689742096.334413"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=84624
content-length
6320
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4c4034f2522166c0aa6e8c23cd7f3d90b09568a1b97e0b1520dc54e4bbc3a09

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 18 Oct 2023 06:14:38 GMT
server
cloudflare
age
2364
cf-polished
origSize=5842
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9VpStX5GADigW2HC06tmj8AaAIexij7DzQsA3EQqAHX7avUrg4R8N3y4CIlmHZ5OiqaBXZVjsxoEBFThSnVZviofvWCXOjt13Jo45UI0gsO%2BFOM5Te17Sm2oA9KOWJGCrF68i%2BY"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
817ede20cd231f69-MEL
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-103.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d0e6380f435ab9edb2a011bd5b56d835902b81fee441fb769355f07fbc468c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
2K2CMZMtWj8jHtsvPcW4ZcXCaIczFXiw
content-encoding
br
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 06:51:05 GMT
last-modified
Tue, 03 Oct 2023 00:40:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
177
x-amz-server-side-encryption
AES256
etag
W/"2c48420bfc010239d6478d682010420c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
thPCTHqe6blTkC_-BwQnietCglED0_oMIxrTWENOORTMdQR1_4Fq7Q==
utag.1200.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1200.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-103.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0e31167602681c63e7b18ddf16b94159599c3fac3d338d004289a6a77a23fb8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
sip0BUMct7UeFy8LaTBU6RC_SL0ZiOO_
content-encoding
br
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 06:51:05 GMT
last-modified
Tue, 03 Oct 2023 00:40:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
177
x-amz-server-side-encryption
AES256
etag
W/"fbebdb9f4867bc4a4ffa60a78d76b04b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
Wvw-NqkZbvNtKw6wyt4y83DetMI4Ahf1EqnEAxO2oSN63cXup3EhwA==
utag.1205.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1205.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-103.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab1437e8b7c26c45fecb3a842cac98e9354ba4e7059f3908430190d20c7837c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
pMh31Kiwa.aO5y_EpQpotPSoA_I7r5Y_
content-encoding
br
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 06:51:06 GMT
last-modified
Tue, 03 Oct 2023 00:40:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
176
x-amz-server-side-encryption
AES256
etag
W/"4c7d8cc4a5d98a26cae6d3760a088413"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
va6-YwSOohseCmbHq0eOHk6fuAlxxdcqpqbB3RNCxxrUsiHjoztS0w==
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		1 KB
849 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
HK0RbzeDAVCW84s.1dGrLRZdbS9WZNnG
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:01 GMT
x-amz-request-id
MVSGHY9TTR477E1T
x-amz-server-side-encryption
AES256
content-length
482
x-amz-id-2
u+4E1M5zEXN72a0NOFIejb5RAUSbHflytfr+kJ8ryhzDksvmf/cFd9moccWPowDKbM+Y2wMMDgA=
last-modified
Sun, 15 Oct 2023 23:33:17 GMT
server
AmazonS3
etag
"36ca8df1b51aa7fd5e82601bc8ea150e"
x-i
true
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=985
accept-ranges
bytes
expires
Wed, 18 Oct 2023 07:10:26 GMT
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		29 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f0ef50bf45765ae087cc01984ebe59f10ff50a76af8b0677dda5b436347ee9dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
mpe1UcBA_L3SfWWbf5Lea9eFE_zvHP_Y
date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Sun, 15 Oct 2023 23:33:17 GMT
server
AmazonS3
x-amz-request-id
E5XSN2A9YD7J5QE5
etag
"464d07cc240e49c3763eb7b00e119a07"
x-amz-server-side-encryption
AES256
x-i
true
content-type
text/javascript
cache-control
max-age=719
accept-ranges
bytes
content-length
29465
x-amz-id-2
xm/6ftN7+U0+sofTAHj8OYpS+TDfGMeX2Hj8O0fU0J66igPKeoLqNZkBD8K2iNS5w8FvKqRpDxBWgDzutQ0fHg==
expires
Wed, 18 Oct 2023 07:06:00 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9fcb56796431615752f0184552946e295a703918e343a26904a0fae4bd449fce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
.gNb4abY.7rl7XhpKeW8t0rrJ5Ge.nTv
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:01 GMT
x-amz-request-id
NPT5B90RTSJXV19C
x-amz-server-side-encryption
AES256
content-length
2968
x-amz-id-2
zUlPNXqCrZNCeUGzrSo9hRnYeUFfPpDlU/S/7GqeyyL5/gQmkE/1FksCVC8+KFGyKl8NLdnOo/4=
last-modified
Wed, 18 Oct 2023 02:31:42 GMT
server
AmazonS3
etag
"fb21dbd086649300a77d7160f339d3ff"
x-i
true
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=807
accept-ranges
bytes
expires
Wed, 18 Oct 2023 07:07:28 GMT
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/ 		261 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
171d746b396dc5efdf864c0f5631ee8fede3b710a07bdd6a2c9ecd2c3a382990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
9l6P5ZYbQukuVB9CiHr1pt1YVkJJqwNL
date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Wed, 18 Oct 2023 02:31:42 GMT
server
AmazonS3
x-amz-request-id
YAZYP53ZAFA2YKP5
etag
"0274259ca54fd6bc8c8ff3542a1ec73c"
x-amz-server-side-encryption
AES256
x-i
true
content-type
text/javascript
cache-control
max-age=804
accept-ranges
bytes
content-length
267389
x-amz-id-2
ch5LyZTefBvSYc0QG8n9kyjlIvF93IE0eAXafiApvqpPEa/BfFlYX3UOcpFuSclrVO27QVp2LxI=
expires
Wed, 18 Oct 2023 07:07:25 GMT
title-arrow-blue.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		168 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-blue.svg
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Wed, 14 Sep 2022 05:11:08 GMT
server
AmazonS3
x-amz-request-id
4S5JTGWCSWBHNB03
etag
"66be3d1dd6a8e48ce691f235e6119f50"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=171263
accept-ranges
bytes
content-length
168
x-amz-id-2
gUzQxo5Wray7qrMjMwq/E8acfAtIb4VU4TBORDtft/eIL3V+hPswuKg/TvVi+AQMB8zhK8aUyo4=
expires
Fri, 20 Oct 2023 06:28:24 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CH8A5OBC77UEFTNV5O50&lib=ttq
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1200.js?utv=ut4.46.202309110217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.235.74 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ec4bc303ff4d9a749721d252b11b947441f8196e3806f3a2d616a6fd1a45a436

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
e2d43bed.e2cf211
date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-28-235-70.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
223,184.28.235.70
server-timing
cdn-cache; desc=MISS, edge; dur=218, origin; dur=6, inner; dur=3
content-length
1312
pragma
no-cache
server
nginx
x-tt-logid
20231018065402453EC1D6E04AEA62D1CB
x-cache-remote
TCP_MISS from a23-222-0-201.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.222.0.201
x-tt-trace-host
015cb514834b804badc73d964a00b03807c68bc25afc96155784527dd1c4b183246d5d93030afcbacadb6d786536ff9dd415dac4f5dd959a3ca2bdfc044eee32411323dc6a9857a26d9144d1c8a0d21888711d7912476782253a6a593bde91e9c055a23baa29785b204f750b32785f9774
expires
Wed, 18 Oct 2023 06:54:02 GMT
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.16.168 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-16-168.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-amz-request-id
XKGND0NZ509CX06F
x-amz-cf-pop
ATL56-P2
x-amz-server-side-encryption
AES256
content-length
21820
x-amz-id-2
vaHbI0o5FSMYgdPdaFYbOMSEAv6uHVsMSKgAyNtzcRFgrLIzvgo67PGjaYRJfk9obKt+U8vCrDU=
last-modified
Wed, 06 Sep 2023 14:35:36 GMT
server
AmazonS3
etag
"220840acac0b72605c541d1c968febe3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=373
accept-ranges
bytes
x-amz-cf-id
hca-17inFhrDhEHESrmINPGBV7ufa5XP4ONnOzH01FCtESc_rbD2yw==
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202310030038&cb=1697612041300
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-103.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Wed, 18 Oct 2023 06:48:19 GMT
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
343
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
GZ_5B8BEkLksi-1iVKfzqE8kbgCXgFAtagal7LvI4CVQWkqrE-qjwA==
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c337e54e0db2702dfd0df4760fe30ee8079d1f679e5d58133aeceab24eb2b168

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
72s5fXcTwyVlzJ.pw7NJQ6sj_H1R1Z5g
content-encoding
gzip
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 06:49:53 GMT
last-modified
Tue, 17 Oct 2023 13:19:55 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
250
x-amz-server-side-encryption
AES256
etag
W/"67824edfb5c0b4e35f16a6d48d609f26"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
DZ6SEpFa6SfW3RYUzVv5u462BOQfINXZs2RrdXytcVIOXplPK6Z70Q==
door.js
au-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-56.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
d607b6ea663791ba493d51dff702ced971121c531f826d15086a0ef672f42f4c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
br
via
1.1 0676a5fe6935c768360b164abce6620e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"13062...239.2023101806"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
DhMj2eKfJa-Wdt71eWb8fWPbvrk0ow6Vhfn47eHLbxNvBfWEFohwuQ==
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-86.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 06:05:13 GMT
Content-Encoding
gzip
Via
1.1 80a9a66193c3e6350d12faf1c397c974.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
434930
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
AoXt49iQzdHsImXk4mLOVZ84ifG__TP-1IDTx_whdXpzb7-sqWWU0A==
arrow_left_black.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/ 		295 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/arrow_left_black.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d6a2262db41d6daa01a55bff2ad51439054c6b051f070f0b2c3ecb7a3c482489

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Wed, 15 Mar 2023 00:11:28 GMT
server
AmazonS3
x-amz-request-id
022ZK4D9MJSGE1H3
etag
"f55d1ae7b7bc941af883ba0e4179a13a"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=231335
accept-ranges
bytes
content-length
295
x-amz-id-2
Clx1aF+xJ26DPw2e1kWqU8ZEtx3GmoBZq4Ypolli614mV1a0WIl8y3+x/CIHsoqJsHV060Olp0E=
expires
Fri, 20 Oct 2023 23:09:36 GMT
arrow_right_black.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/ 		294 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/arrow_right_black.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0ec76d4b6ed8c436113f06a582c476855e784f3226de982d3df06453a35eae3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
last-modified
Wed, 15 Mar 2023 00:11:28 GMT
server
AmazonS3
x-amz-request-id
V3G0C4QEZ9KVCETQ
etag
"0213d7039af05f02cbd9551d0dec8d53"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=580236
accept-ranges
bytes
content-length
294
x-amz-id-2
cwzpMAnoYeZKgoL5w6Vn5E4ghPNWQtI3Yjkg96KCqAzb8kezeMu9YSx+rWeEKQrbEXg0pw9cF9c=
expires
Wed, 25 Oct 2023 00:04:37 GMT
query
www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/ 		31 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/query?x-algolia-agent=Algolia%20for%20JavaScript%20(4.16.0)%3B%20Browser%20(lite)&x-algolia-api-key=&x-algolia-application-id=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
919403d0541af2e6be939ac4ffe1fb341038d048ac32b3e4a69d6d9ce980ccb1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=600 ; includeSubDomains
x-content-type-options
nosniff
date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-disposition
inline; filename=a.txt
content-length
4873
pragma
no-cache
x-alg-pt
7
server
nginx
vary
User-Agent, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
expires
Wed, 18 Oct 2023 06:54:01 GMT
userx.20231017-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231017-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a021c4118a8ed18c55e33971fc9eba7bdc07a6c07b43f0c9f421577bf5620acd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
WGw.cqU9XESTIrIy9Qw_PcF13f4pGvDF
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:01 GMT
x-amz-request-id
B8VF71401WP99DBF
age
10195
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
4JtG04tNWspdRlmfAOsdKpfSkFotk38/XNEe0Myv0RZDREQ/dv8HwBmeEhJGFRwSTcZ4bhz6WMg=
x-served-by
cache-bne12527-BNE
last-modified
Wed, 18 Oct 2023 04:04:05 GMT
server
AmazonS3
x-timer
S1697612041.491410,VS0,VE0
etag
"dea341f076963e9a101c869bf34924ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
34
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6068
distance-from-article.20231017-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231017-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14b27f6996322cc01899e1645fe0d308e474faab17f1936e1340753110d40eb9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
N2Oho29wojfPQr55p0GUIapS.dC.w07m
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:01 GMT
x-amz-request-id
WZKJ9M8RZBQ8FE8N
age
10229
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
nCfMmWxeZGzNsOzODex2dR6RYG/Jr5P3B++Z8/woA+D2ma8rFMxcc5V3AsyuBeYbFLtW3lHclkU=
x-served-by
cache-bne12527-BNE
last-modified
Wed, 18 Oct 2023 04:03:32 GMT
server
AmazonS3
x-timer
S1697612041.492523,VS0,VE0
etag
"ad4975a2ba820377c220f5aaf40ac255"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
18572
article-detection.20231017-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231017-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c96c896d339ecd2412561b1cc04a750ddbb798fe446c7d9c7fa1f44cbec81ee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
q3CKhbgIexLnL8_ofXuX4MgaM30tWW9l
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:01 GMT
x-amz-request-id
37W9K4R67SG9P5MF
age
10236
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
5d7r8dZa4fH5bsc4T79WOIrRpMJM0z+BfbWggpU0iUbpS+ffUq7P3rz6BOG47YkSPIRNqU897Bw=
x-served-by
cache-bne12527-BNE
last-modified
Wed, 18 Oct 2023 04:03:25 GMT
server
AmazonS3
x-timer
S1697612041.492705,VS0,VE0
etag
"3ab8def42c462057a94a7aa8f711817c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
95
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
18558
article-and-feed-area-scanner.20231017-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231017-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ff68089be6aec9004c46e509907ce39e1fa0621d7d02eb05613a85dbcdd8e58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
4CuR5DNhTKvyneVVY6HZImg19VwTVUfh
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:01 GMT
x-amz-request-id
K6VYK243F2SJA9MG
age
10237
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1148
x-amz-id-2
7B6U0jLWnkKZcK0Y+bl7t7q8896UQ0tvEFjnz4qqznjTFeQfwT2nTtaFgtWQ2t9LOHOAE+W2rc8=
x-served-by
cache-bne12527-BNE
last-modified
Wed, 18 Oct 2023 04:03:24 GMT
server
AmazonS3
x-timer
S1697612041.492801,VS0,VE0
etag
"03cd34f000c60a26d7e5cef449a130bb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
80
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
7926
abtests
hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
526 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/abtests?route=HK:HK:V&tvi48=10143&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1697612041440%7D&tim=14%3A54%3A01.440&id=3982&llvl=2&ri=d13e06f22e952569aa0bb796ff3c0f6c&sd=v2_ba6e694676ce172c720459b907fde6d8_6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689_1697612041_1697612041_CIi3jgYQgPNHGIuWwIy0MSABKAEwEDiu_QZA9oUQSIf08QNQ____________AVgAYABooKCVq-PzhYw8cAE&ui=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&pi=/&wi=873729681997272865&pt=home&vi=1697612040971&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=14%3A54%3A01.427&type=info&msg=Start%20Rendering%20Desktop%20Mid%20Rail%20Home%20Native&llvl=2&id=7884&cv=20231017-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
78173
abtests
hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/abtests?route=HK:HK:V&tvi48=10143&lti=deflated&ri=d13e06f22e952569aa0bb796ff3c0f6c&sd=v2_ba6e694676ce172c720459b907fde6d8_6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689_1697612041_1697612041_CIi3jgYQgPNHGIuWwIy0MSABKAEwEDiu_QZA9oUQSIf08QNQ____________AVgAYABooKCVq-PzhYw8cAE&ui=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&pi=/&wi=873729681997272865&pt=home&vi=1697612040971&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1697612041430%7D&tim=14%3A54%3A01.431&id=5071&llvl=2&cv=20231017-7-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=14%3A54%3A01.436&type=info&msg=Finish%20Rendering%20Desktop%20Mid%20Rail%20Home%20Native&llvl=2&id=8581&cv=20231017-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
78173
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/ 		433 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
date
Wed, 18 Oct 2023 06:54:01 GMT
via
1.1 varnish
x-amz-request-id
2EPQZVFJX5B44QSR
age
8481
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
vLjqtx6J2as8HW7BWXUUhP88pDYp4V3quigzlxX7mIS1wBdM5kGwsROGLgJKfaqY4ormwpBraZo=
x-served-by
cache-bne12527-BNE
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1697612042.500375,VS0,VE0
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
content-type
image/png
abp
18
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
305
metrics.main.bundle.js
tags.news.com.au/prod/metrics/v2/ 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/v2/metrics.main.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c135d0d86a4220f247efa2c51dd813f6ee57c919092844adc5542d8d94f84f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"06809ae23c81af6786c47359e848ad7f:1695255507.401537"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=84421
content-length
24913
debug
hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=14%3A54%3A01.478&type=info&msg=Finish%20Rendering%20Desktop%20Mid%20Rail%20Home%20Native&llvl=2&id=7719&cv=20231017-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
78173
Creative-sheet-thumbnail_3-3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2023/10/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2023/10/Creative-sheet-thumbnail_3-3.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b25afd4c3a5616558c4d6734afcdd19c265c3b26c9af154ed4f594bbdc45756

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 18 Oct 2023 06:54:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2023/10/Creative-sheet-thumbnail_3-3.png
age
92106
edge-cache-tag
629915351547435918278204556224830902147,592336278956653605079917559716628193806,29ecf9b93bbf306179626feeda1fab70
cache-tag
629915351547435918278204556224830902147,592336278956653605079917559716628193806,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1331
req-referer
https://www.adelaidenow.com.au/
content-length
4210
x-request-id
2b5154de5d493cd4ea4660a07ee260e2
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200043-IAD, cache-iad-kcgs7200034-IAD, cache-sna10728-LGB, cache-iad-kiad7000062-IAD, cache-bne12527-BNE
last-modified
Tue, 17 Oct 2023 05:16:21 GMT
server
nginx
surrogate-reporting
width=180,height=135,bytes=6155,owidth=1200,oheight=700,obytes=1365840
x-timer
S1697612043.696038,VS0,VE0
etag
"7e1215ea840df284bfa49fc723c7b4b2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 73
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231018
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8eeb1635a65d8bf0fd57b195c3c3ec1fc05584505c44661285676cb4d1fdac58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 18 Oct 2023 06:54:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
10392
x-jsd-version
1.0.1846
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
839
x-served-by
cache-fra-eddf8230103-FRA, cache-bne12520-BNE
x-jsd-version-type
version
etag
W/"63d-mf6Jq3pq5Pep+IG9QS9yw9aK9Xk"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
prebid
id5-sync.com/api/config/ 		135 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
3cbb17ce946796035eb3a1d9bf9f23b21b343f0e2e6b4445802c06388bba2e3b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 18 Oct 2023 06:54:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.130.38 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-130-38.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
99ce3d5b954b596a1cb1e361f0797c5685dfff608149f320f37184ca2467f68f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
12962582 13576171
access-control-allow-origin
*
cache-control
max-age=3037
accept-ranges
bytes
content-length
751
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/afl/series/4/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/afl/series/4/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.130.38 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-130-38.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
b24ddc19918b1011f103eae417ebe93752b13a2b8fb4f272e9cd368edc4bae05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
3139292 13864310
access-control-allow-origin
*
cache-control
max-age=1997
accept-ranges
bytes
content-length
893
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/cricket/series/1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/cricket/series/1/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.130.38 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-130-38.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
4921188c7f782540b7f9a2f628947515674747308fe3d51e4dab57b307340f60

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
5458187 5586567
access-control-allow-origin
*
cache-control
max-age=1
accept-ranges
bytes
content-length
532
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/football/series/1/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/1/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.130.38 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-130-38.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
42c52f665b11b8b9dcd311d985d7fea6a83a12c2cb0a3b1164ed31cd983334bd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
14847163 14491644
access-control-allow-origin
*
cache-control
max-age=1190
accept-ranges
bytes
content-length
796
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/football/series/9/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/9/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.130.38 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-130-38.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
9dd71f141cda66fe6e76baec04d4f8e2bc478dc5f250a4cdb2c2485608cba166

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:01 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
6177759
access-control-allow-origin
*
cache-control
max-age=1951
accept-ranges
bytes
content-length
773
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.154.245 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-154-245.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/csp-report

Response headers
28cfef03
login.newscorpaustralia.com/akam/13/ Frame 2B4F 		0
0
VQcC
login.newscorpaustralia.com/5iYtFDHB/D_P/GF-/n3RC_e97K5/7t3iNctNzcJ1zE/MmxYFhMB/JzIyUEpq/ Frame 2B4F 		0
0
sec-4-0.css
login.newscorpaustralia.com/_sec/cp_challenge/ Frame 2B4F 		0
0
sec-cpt-4-0.js
login.newscorpaustralia.com/_sec/cp_challenge/ Frame 2B4F 		0
0
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		295 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=DOog3XtiRyOXk/GUgpfzFPv25+A=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.154.245 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-154-245.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d30b444a315cff1289e954a6a286d6224e9f8896488849b072e57e45a9e4f980
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Mon, 14 Aug 2023 03:43:22 GMT
x-amz-cf-pop
AKL50-C1
etag
"865a09f834a00fc528ae61fdd59b24de"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=11
accept-ranges
bytes
x-amz-cf-id
cIEOhheN31g1hVSSKvVVMz1oJu6p95bQFFSUaq2pUyxyZUUIU16tIA==
content-length
82230
supply-feature
hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/supply-feature?route=HK:HK:V&tvi48=10143&lti=deflated&ri=d13e06f22e952569aa0bb796ff3c0f6c&sd=v2_ba6e694676ce172c720459b907fde6d8_6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689_1697612041_1697612041_CIi3jgYQgPNHGIuWwIy0MSABKAEwEDiu_QZA9oUQSIf08QNQ____________AVgAYABooKCVq-PzhYw8cAE&ui=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&pi=/&wi=873729681997272865&pt=home&vi=1697612040971&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%220.1875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A54%3A01.617&id=2100&llvl=2&cv=20231017-7-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=HK:HK:V&tvi48=10143&lti=deflated&ri=d13e06f22e952569aa0bb796ff3c0f6c&sd=v2_ba6e694676ce172c720459b907fde6d8_6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689_1697612041_1697612041_CIi3jgYQgPNHGIuWwIy0MSABKAEwEDiu_QZA9oUQSIf08QNQ____________AVgAYABooKCVq-PzhYw8cAE&ui=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&pi=/&wi=873729681997272865&pt=home&vi=1697612040971&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fwp-content%2Fthemes%2Fnewscorpau-news-dna%2Fdist%2Fimages%2Fapple-touch-icons%2Fheraldsun-apple-touch-icon.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=14%3A54%3A01.682&id=8356&llvl=2&cv=20231017-7-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
comments-count
mhr.talk.news.com.au/api/v1/ 		114 B
408 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=3263c099699702e590780dac3a0e7a7a,%20f4c9c9f4ed4a78971c6586c9f8fc33a3,%2030d6da23d0a3d18d1a4dbca0c8e24bf9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
952ff5cd031265cc71263d3aaa97efce52950505dac22a4f11769de28a1c661a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Oct 2023 06:54:01 GMT
server
nginx/1.20.1
etag
W/"72-S9LZnLGg/LzP09g11SR5Mwr1UlI"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
eae18100-6d81-11ee-96df-c3d93c924561
content-length
105
x-xss-protection
1; mode=block
5b4847c92b02a618d808e3ee0a769ceb70bdcc3597a8
bedsberry.com/54930e94/ 		284 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/54930e94/5b4847c92b02a618d808e3ee0a769ceb70bdcc3597a8
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
240380d6d8a4d144299dbc440998abc87b6cac8f7b4e2f3f676c56bca9910e1d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 18 Oct 2023 06:54:02 GMT
via
1.1 google
x-buildnumber
1033761249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-test-vdsz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 18 Oct 2023 06:54:01 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=Bsfu7NCNd2tnBhEDf0&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=15537&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=8683&t=D-aVoCok7OEBre-dhYJDi-Ciy2Sj&V=141&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-480&_acct=anon&sn=1&sv=o4pYQBgJeNpBrZH14zJHbfCbHn6&sd=1&im=067b0ff2&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.220.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-220-158.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:03 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=985957851105.8802?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:46:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
72468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 10:46:15 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrrgbMteqiVD3wTab0c43z5OfAQkrtHrouxQxvcnP_ivwpxBICvbGzKs2UswevNzp2z4qKWekC82zM01IQlZaBpLXDV7LWwOQ7cI0tbXfVcCwqpeQHao0Am3IyDIHST-SCc0Xm1OTqeYHVOkFMrmiu2F8&sai=AMfl-YRpraYKlZSupLBNHCB1AKWirWcDXrd44-n_S9O4Ppf_c_I8G_-TT3TVQkpIKoa4FyHznAY-bPp9RrmsWa0&sig=Cg0ArKJSzNPGQyPC3BlLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20231011.67972&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=985957851105.8802?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 18 Oct 2023 06:54:02 GMT
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1697612042169
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
af02115ba04348eec87006efd98181d9ecf9c6a584bd5983c6dd517d9e908929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v048-0c60d363a.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
dwas1h0HSd0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1557
Expires
Thu, 01 Jan 1970 00:00:00 UTC
bundle.min.js
browser.sentry-cdn.com/5.30.0/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Requested by
Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/519f906c1f4542ddb7a1adc462f9ab28.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
419fd4b1560b1de01564ef05fea5d689bf3e9881c4ecd923c41ef8a417588cfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 13 Jan 2021 11:56:10 GMT
server
Fastly
age
31271352
etag
"04b019bffe49eb67f99f006a2571cc0e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20120
expires
Wed, 08 Jun 2022 09:57:34 GMT
384959879014125
connect.facebook.net/signals/config/ 		138 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.134&r=stable&domain=www.heraldsun.com.au
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
10121f3de73f9a1f64ae2569f72f54f3edf62acf3d9a072e5b7a881c4d0cea6f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 06:54:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36574
x-xss-protection
0
pragma
public
x-fb-debug
RqAzlao46kzz3tpXDGDa8JvXMp9n96e1D/6byubZo5I1cxIqhP0SmHQppbkgDAN1V+Xlh77F+WtShXONJwtTCA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		64 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
6c7c0f2be8f7acb79c13f762e2e682d6bfd0eda5ea61a787503f517b0e95cb58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:02 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
64
mime-version
1.0
expires
Wed, 18 Oct 2023 06:54:02 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
b7631a27c26edb85d615ec2a08a342f22ac458a2a54505babaa7eb448c87c3dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 18 Oct 2023 06:54:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1697612042339&sw=1600&sh=1200&v=2.9.134&r=stable&ec=1&o=30&fbp=fb.2.1697612042335.226121314&cs_est=true&est_source=2353117768323382&ler=empty&it=1697612042209&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 06:54:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1697612042340&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.2.1697612042335.226121314&cs_est=true&ler=empty&it=1697612042209&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 06:54:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
fixturesandresults.json;from=2023-10-15;to=2023-10-25
statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/seasons/63/ 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/seasons/63/fixturesandresults.json;from=2023-10-15;to=2023-10-25?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.130.38 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-130-38.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
ff773f94fcb1b41b92e26bebeb6952f4be8cec12fbcd1e1dfcbaed1262684816

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
3669839 13380112
access-control-allow-origin
*
cache-control
max-age=2
accept-ranges
bytes
content-length
1263
fixturesandresults.json;from=2023-10-15;to=2023-10-25
statsapi.foxsports.com.au/3.0/api/sports/afl/series/4/seasons/128/ 		16 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/afl/series/4/seasons/128/fixturesandresults.json;from=2023-10-15;to=2023-10-25?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.130.38 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-130-38.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
da59296d163a649e5c68a3a0e46036887ba9becafd08ae618b02e6f064d54655

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
13036940 14499042
access-control-allow-origin
*
cache-control
max-age=0
accept-ranges
bytes
content-length
1775
fixturesandresults.json;from=2023-10-15;to=2023-10-25
statsapi.foxsports.com.au/3.0/api/sports/cricket/series/1/seasons/295/ 		20 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/cricket/series/1/seasons/295/fixturesandresults.json;from=2023-10-15;to=2023-10-25?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.130.38 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-130-38.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
2fbf272e16d26dff99cb3eeeec27495c4d6b52068337eeb3967122dea7dc7ce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
14461598 14397311
access-control-allow-origin
*
cache-control
max-age=1
accept-ranges
bytes
content-length
1673
fixturesandresults.json;from=2023-10-15;to=2023-10-25
statsapi.foxsports.com.au/3.0/api/sports/football/series/1/seasons/138/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/1/seasons/138/fixturesandresults.json;from=2023-10-15;to=2023-10-25?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.130.38 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-130-38.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
1ad0fc40a2a697471e389304424760c5f7afcb565bfdc41e1e228b85a4f76d1d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
13552724 14174828
access-control-allow-origin
*
cache-control
max-age=0
accept-ranges
bytes
content-length
1040
fixturesandresults.json;from=2023-10-15;to=2023-10-25
statsapi.foxsports.com.au/3.0/api/sports/football/series/9/seasons/138/ 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/9/seasons/138/fixturesandresults.json;from=2023-10-15;to=2023-10-25?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.130.38 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-130-38.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
4fddb9d642477918f2e9ac7daf14342fac8bff5ba59a81bf95820a564ca05ad6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
3669837 12402950
access-control-allow-origin
*
cache-control
max-age=2
accept-ranges
bytes
content-length
1369
geo4.js
cdn3.optimizely.com/js/ 		308 B
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo4.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.69.168.60 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-168-60.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0fa983167775a01cf77abe9b27e11c3c6e56b08b5925e6fa591f46735836f493

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date
Wed, 18 Oct 2023 06:54:03 GMT
Server
AmazonS3
x-amz-request-id
BGANAMBQYA77GZEQ
x-amz-server-side-encryption
AES256
ETag
"8777c006589ecabfa3d63a6b5bf24393"
Content-Type
application/javascript
Cache-Control
max-age=74689
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
308
x-amz-id-2
Ja38zxcLwBv+trFwUFPkLtGU4+/pNVQpmD9OUby1kaoCdeRTc5C8IziovMj2iWjUuKd+Jxe3Zxs=
a20352597942.html
a20352597942.cdn.optimizely.com/client_storage/ Frame 5E6D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.15.147.149 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-147-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3549b815d9719a19ca8d18b6589b4cfc3c211d3fd08cc1524d16434668bcb240
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
913
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 06:54:02 GMT
etag
"659018750bdc6cd9a39eadf0de835bf3"
last-modified
Wed, 18 Oct 2023 06:26:11 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="47";dur=0,cdnip;desc="23.15.147.149";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1697612042688_3092707975_673476789_35_1615_47_99_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
wfkNyDPcx4lw/YRdnPB8bZc6XvgsQ2e8Jq8KHSzq62ZP9g6i8Uho9CDYMSMkyF+qQk9hzqddIAI=
x-amz-meta-pci_enabled
False
x-amz-replication-status
PENDING
x-amz-request-id
GBJTFVT8EPBR06D4
x-amz-server-side-encryption
AES256
x-amz-version-id
phj0VmokT.KFx2hC3QXmi.k7BHFSrcOh
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?tvi48=10143&route=HK%3AHK%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
245
date
Wed, 18 Oct 2023 06:54:02 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
239961
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bne12527-BNE
pragma
no-cache
server
nginx
x-timer
S1697612043.572503,VS0,VE245
content-type
image/gif
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
017a6942f7ddbc31e6e8cb41c1b7ca5a9077bc53adc790a84c02dc45591c8215

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 18 Oct 2023 06:14:38 GMT
server
cloudflare
age
2364
cf-polished
origSize=59302
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLSkEWlJfy6srPoi3i4Uiyougy2DNAwO5wgpSOO5ahsSmkImYUi4gRy4IVKokMAIB3NbIcOLY4FZIV8OxR6lwGGtVMoPMwTfRcdlDjqZPBE8YLInJoF2KPHF8sFTWBM%2FjTpI01Gi"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
817ede220e551f69-MEL
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-107.mrs52.r.cloudfront.net
Software
/
Resource Hash
52024c00d02e08cceb375c074033497d177dc505d8f051268705ce6c41a25ed7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 01:11:50 GMT
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront), 1.1 13aef3f55bc3a4a368fbb7587180bcb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MRS52-P4
age
20533
x-amzn-requestid
6ed588d1-b1c0-4a70-bff6-374d21eb0539
x-amzn-trace-id
Root=1-652f30d6-722f05cc78876ca43f14fc9b;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
M-SRjFmcjoEECVw=
content-length
30
x-amz-cf-id
AJdBAY40H_kHOcKzqofcfNM9UV9j6sOKMahrZ1fkoADu0PhxW3fqoA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.16.168 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-16-168.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f5647c47fb1b581202f34328775140b59a860d678f541caf98adf2e3d48900f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
k64MDc8HRylngpIIqmLPVTrZUF7Q9tKd
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:02 GMT
last-modified
Mon, 31 Jul 2023 02:13:44 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P4
etag
"1cace6cc49d6432004661d16654e37f7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=264
accept-ranges
bytes
x-amz-cf-id
kMKy1xW1MWLPLyQmhlCOIq6llkwqlfqWP8Egk91Z-OFzWzutO6UzrA==
content-length
1278
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 04:51:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
7369
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134870
x-xss-protection
0
server
cafe
etag
11169537383484699631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 04:51:13 GMT
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.24.70.96 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-24-70-96.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Wed, 18 Oct 2023 06:54:02 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		0
0
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame F2B3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3b029951e626e7d3123a1f25886db28f5ea4f32d1e80491a3b8c8c51f13f5c9

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
3193
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 18 Oct 2023 06:00:51 GMT
ETag
W/"fbee957879301d939e1c5ea8e01d09a8"
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 5e28bc713b3439ab2d031400bb99f2a0.cloudfront.net (CloudFront)
X-Amz-Cf-Id
zkCwQvI0xup2hUx8iPl1_tKS1lOTEBoL6NPy3xKhSvV1pE9OsUyGHQ==
X-Amz-Cf-Pop
SIN52-P1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
lookuplist
au.audience.newscgp.com/ 		108 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=4539fe69f634b58ebe902d6108b8f203&&bust=16976120425890.15492283298635012&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-119.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
befbb0a49033380440ad4e70e1450ae1a902b23a87dcc2580ed224cc88561b35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:03 GMT
via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
-ghuxvyZq_wDpsk7QKPleEY3quVGF8c91sylFabALmSsCtpwGWcJpw==
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1697612042601&id=t2_vrvmwxuz&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=1ec80833-10f7-4f8d-b886-54500767cf7c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:03 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
336e6b5d8ca91a4fd32917d886b0ff8c140a5b1600dd8
bedsberry.com/2d304ce/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/2d304ce/336e6b5d8ca91a4fd32917d886b0ff8c140a5b1600dd8
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 18 Oct 2023 06:54:02 GMT
via
1.1 google
x-buildnumber
1033761249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-test-vdsz
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 18 Oct 2023 06:54:02 GMT
via
1.1 varnish
x-amz-request-id
YR1J89C6THQTF3AP
age
24641
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
DFDldYcdbEV3W8F7plyf09jBgKGCufD6ANDL0vJ4dDRB8D7H65O2Hnkh2yORrSHIXYk5WxZWYx8=
x-served-by
cache-bne12527-BNE
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1697612043.669563,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
4
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
12309
c.js
collector.brandmetrics.com/ 		0
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au&rnd=6839025
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date
Wed, 18 Oct 2023 06:54:03 GMT
Content-Length
0
Content-Type
text/javascript;charset=utf-8
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=c2a33047d9df4c36208e779bbe573bad&timewithTz=2023-10-18T06:54:01.113Z&country=au&newsconnectId=&fpid=4539fe69f634b58ebe902d6108b8f203
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.153.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-153-218.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
content-encoding
gzip
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 06:04:39 GMT
x-amz-cf-pop
SIN52-C2
age
2964
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
server
AmazonS3
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
q7RABXbEeq2f0OJy86RWrkIfVJL22nwLyTMDzMhGlk-nBc7lsytX5Q==
alw.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/alw.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ba97fdb79551ec612f180093a000ae30f31ac9b2e82304a771ea5b502aa09352

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
last-modified
Tue, 17 Oct 2023 00:03:34 GMT
server
AmazonS3
x-amz-request-id
G79AJJNXRRWN94F6
etag
"d71494b494b70d4354daafc27389780c"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=592147
accept-ranges
bytes
content-length
25676
x-amz-id-2
F5db3xJePejWYAnPAwg+js9sWEfB/PQHKlJn2GQZEm8rJYiqY2xvalSW3U3oOe7ZF6njFLH4jBk=
expires
Wed, 25 Oct 2023 03:23:09 GMT
afl.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/afl.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b5d354f1ff2b84dc02b7f1679bab76c7f7424a3b78948785e1ef5580fd379ad9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
last-modified
Wed, 04 Oct 2023 03:59:12 GMT
server
AmazonS3
x-amz-request-id
RVFWDXM3P58D6G9S
etag
"0ce93965d72d3a303c54b0987e4f8fea"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=473647
accept-ranges
bytes
content-length
31470
x-amz-id-2
XGL5xRVbkwDRvqZ5tRK13FztSAPaD3sf6ydjzPmAv6qJR6rsab7aH5CF1jdytgBZDY9kaKLRmW8=
expires
Mon, 23 Oct 2023 18:28:09 GMT
nbl.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/nbl.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1c21be9db4a5aa36ef2488085f60682b852099e863f6b9d87647f17761cf9e3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
last-modified
Thu, 05 Oct 2023 03:17:45 GMT
server
AmazonS3
x-amz-request-id
0BDC0P5HNE46D4QS
etag
"801ad54b871f51617ce7c6016ea8f2f1"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=557675
accept-ranges
bytes
content-length
27842
x-amz-id-2
5y0sl2ljq1Dqk+1+4MWkzvH6Z9W/OfdeeyAHnp0ms2YGewHi+OdmgJ9VZV6nVQxcyae7dAz0eFI=
expires
Tue, 24 Oct 2023 17:48:37 GMT
national-flag-eng.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/ 		1 KB
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/national-flag-eng.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7f4ca846fafb32edc5a2ad4f21a03313523b9693071fa849429b10de5002abb4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-amz-request-id
J5MMTB96ZC4Z3RRF
x-amz-server-side-encryption
AES256
content-length
519
x-amz-id-2
Kkia//cPnXotT4RMipHCrtkFh09PKE+XN68cSyEDPih9v28xfMUt0HxkbaSFgjrUwZPvhx0QSXk=
last-modified
Wed, 15 Mar 2023 00:26:21 GMT
server
AmazonS3
etag
"eae3949bd8c28a63b53e11c05045f853"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=183854
accept-ranges
bytes
expires
Fri, 20 Oct 2023 09:58:16 GMT
national-flag-afg.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/national-flag-afg.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0a16fc1fe8cf0f316d5227da439b24fe68b42f09efbe67def46df8cefd644e69

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-amz-request-id
3BE57WC5SBPBHWHP
x-amz-server-side-encryption
AES256
content-length
677
x-amz-id-2
u0LaXSh1ZSyNHQ8T6y8SwIK2XCHEY9SW88U20SI1gNYMfAdzEnXeboasYCfNvW3oZh32YFr84yU=
last-modified
Wed, 15 Mar 2023 00:26:39 GMT
server
AmazonS3
etag
"e287a0c3aa41b0a7ea3a9ed4f42139a8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=201094
accept-ranges
bytes
expires
Fri, 20 Oct 2023 14:45:36 GMT
national-flag-aus.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/national-flag-aus.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a03fac118f9129a069b48741907b495ae22df0be7d2434fa5b8b65e07323d71a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-amz-request-id
J5MWH7T793KNZ1EE
x-amz-server-side-encryption
AES256
content-length
1269
x-amz-id-2
38GOdsW4H0IMxFLAvXJl4TFrgzLx0YNjj4/ieApV8KnH9HPkk5mLDOJDh79J5EBqG/KYCjd4e7k=
last-modified
Wed, 15 Mar 2023 00:26:40 GMT
server
AmazonS3
etag
"b35a142d7a9bbaef9c797cc7f4715d2d"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=331348
accept-ranges
bytes
expires
Sun, 22 Oct 2023 02:56:30 GMT
national-flag-sri.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/national-flag-sri.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e620105de5910d31b2e7e1576c15461f328c5eb21952be34ba82840d94dba99c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-amz-request-id
1ZEX7H2CTS6Z381Z
x-amz-server-side-encryption
AES256
content-length
861
x-amz-id-2
X4rycuK5iaHkSPEGnEzsFrNb7swn53DHoudalT0mfNSL5qwnLeOhIEy02be30R9awYgfqfeAZe0=
last-modified
Wed, 15 Mar 2023 00:26:05 GMT
server
AmazonS3
etag
"0cbb81606721087a6055f4a2b576583b"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=323755
accept-ranges
bytes
expires
Sun, 22 Oct 2023 00:49:57 GMT
national-flag-rsa.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/national-flag-rsa.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a5d1f2f1cc530b57aa799d659c6347a6b12963f2c0f61319a3230dc6e092e29e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-amz-request-id
J5MSCREFVF5CYTF3
x-amz-server-side-encryption
AES256
content-length
744
x-amz-id-2
EakyZk6hHNzM8MQLt3dNVk1gI5dXNghpXZvOKdaVE2670BjgSSLjGm3q9cws1UTNdKxoBZqBNt8=
last-modified
Wed, 15 Mar 2023 00:26:02 GMT
server
AmazonS3
etag
"8dc488566a008ebb949ee6a1d7cbf8ca"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=412963
accept-ranges
bytes
expires
Mon, 23 Oct 2023 01:36:45 GMT
national-flag-ned.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/ 		801 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/national-flag-ned.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
06d25f63ebc6840c2a733d79a5737727daaeac1ee374dd408e59deafbf84df15

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
last-modified
Wed, 15 Mar 2023 00:26:09 GMT
server
AmazonS3
x-amz-request-id
XDSCEZNJN1KEG8CG
etag
"ebcd669e6540a2f9500d9af1847d37f2"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=408749
accept-ranges
bytes
content-length
801
x-amz-id-2
YAv8MjCzqeE6rB2wPtWsEnOhHPwL4B497frEeiC15YmN6T5ako96DsOhFbspyqxdD8xfsYOP+VI5pDHWuWPAoQ==
expires
Mon, 23 Oct 2023 00:26:31 GMT
national-flag-nzl.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/national-flag-nzl.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
828a33592bfbae32fbbd33b9fa7b0055aece56f5b4f079bd94f15844207a191f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-amz-request-id
J5MPGPMFM617WFYP
x-amz-server-side-encryption
AES256
content-length
971
x-amz-id-2
Wc2XTpJn7Ea2TrrS0M0PsnbwIuYfl6V6ZEcf1wTglJ06PkpW/fDHhRxbLZlwXVgTXjYDcgjemtU=
last-modified
Wed, 15 Mar 2023 00:26:11 GMT
server
AmazonS3
etag
"262bdd4f75de613838ce6d03877d08dc"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=265419
accept-ranges
bytes
expires
Sat, 21 Oct 2023 08:37:41 GMT
national-flag-ind.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/ 		1 KB
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/national-flag-ind.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d0dbbc7229e0686fdf3dbe9c02c01eacf97d939d84f8eb6d37cbd1648bad9e43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-amz-request-id
J5MGAERGP9A8B3MM
x-amz-server-side-encryption
AES256
content-length
546
x-amz-id-2
/z+4lEBkwk6jLtvtVPtGVF5hTWwNUDp2EFk5H32DWMD0JxPeicLYzcbuY+DBXULEfnH3Bow1l58=
last-modified
Wed, 15 Mar 2023 00:26:25 GMT
server
AmazonS3
etag
"16fcb0a65275b629acee04b56a7279b4"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=412977
accept-ranges
bytes
expires
Mon, 23 Oct 2023 01:36:59 GMT
national-flag-ban.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/ 		620 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/national-flag-ban.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
57a7b2d3d6bb99ce228a6ebb8738c6eb7195fd54a64d2002139bdc6153eba687

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
last-modified
Wed, 15 Mar 2023 00:26:28 GMT
server
AmazonS3
x-amz-request-id
Q2FVH1VW73S4GT2T
etag
"32e1ddfaf1bfcbbf3a2a9d1d0984e391"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=544625
accept-ranges
bytes
content-length
620
x-amz-id-2
npg8cNja7QWog1cDJ/Uys7bVbplChqou4kJCYK6gc6lBVnj2Kc7cKdWhP6KtX3z3y6B05dKt/pA=
expires
Tue, 24 Oct 2023 14:11:07 GMT
national-flag-pak.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag/national/national-flag-pak.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1a2f3549b56ae7a38c3ebe16e9dd1184c81d549695e6c563f8e0eeb31e2ec64c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-amz-request-id
KSKAHZVZRJ3X3SF9
x-amz-server-side-encryption
AES256
content-length
783
x-amz-id-2
kLd1UfX7r9F1y/TY6inbuSClCYNKd1YEWqejaWln20FBnqvb0Q7HGBd9NpiifFoKYGHdYXRCuq4=
last-modified
Wed, 15 Mar 2023 00:26:12 GMT
server
AmazonS3
etag
"e5c8018001f52dd85d12c70f4eefb635"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=334662
accept-ranges
bytes
expires
Sun, 22 Oct 2023 03:51:44 GMT
alm.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/alm.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
12a3170ec516303dd7108508ec6c5b44d8fc14f906a72e03fa65771199e37b5d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
last-modified
Wed, 04 Oct 2023 23:49:51 GMT
server
AmazonS3
x-amz-request-id
HXCMWRAQJ5ZXMCPJ
etag
"e5db01249e0c1fafb663e0c9bd8fc134"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=534604
accept-ranges
bytes
content-length
25554
x-amz-id-2
IOHo8eO98kBPLaFI4+ACgx9Dtw5lUMYAm8jnUrgl/qEsf9u9OB++ptBwD6hDl+vI3bqVp1ajh4g=
expires
Tue, 24 Oct 2023 11:24:06 GMT
main.MTEyYzFhMzhjMA.js
analytics.tiktok.com/i18n/pixel/static/ 		370 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CH8A5OBC77UEFTNV5O50&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.235.74 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
49b93c833617a437b5b14a4e3ac687b49b6920d126dfd7be76bacf546fe63d78

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
e2cf389
date
Wed, 18 Oct 2023 06:54:02 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231017111609F33A72057228BABB9AB6
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-28-235-70.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01498aa187a0f8501f66c60e36058bf1bfd09cd0596dcaf411504f650d87735e50446ca9cb462776161d7d0bede27f1deb805aaf2556dd94065700dbff4294c7a2218314c554d6b143e5844c7c1a62bf31a428a0d0f5e63bd5ce73bfef7a34f23c
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
100733
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1697612042834&pvs=1&pvid=12716c3f-d6ba-457b-9f6a-c13163a4a59f&c=true&tzOffset=-480&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13062
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-56.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:02 GMT
dotmetrics-hit-status
01 OK
via
1.1 0676a5fe6935c768360b164abce6620e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
CiueZz8RsiabCItsFDDX1kc_DZyGk7YyY3I5B63e18XML8UuYKkuPQ==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1697612042834&pvs=1&pvid=12716c3f-d6ba-457b-9f6a-c13163a4a59f&c=true&tzOffset=-480
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-18.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 21:25:22 GMT
via
1.1 e947961d46d4aa161784258339d7564e.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
34122
x-amz-server-side-encryption
AES256
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
tLJjdxkcrxi1iH7YXTfUj8k4TvidAuxDtxo2o5UxzG3CipIJUNDlbg==
Serving
bs.serving-sys.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=2764211096598103482&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D1713754711273826621$$&ns=0&rnd=7539205291&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.15.105 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-15-105.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83e6ca60b046d39bf2bd8e9a4ba1c5e3a005b0f5c3d1f0aeacf8a5b747d28d1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:03 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2120
expires
Sun, 05-Jun-2005 22:00:00 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 3EEA 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1276
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 18 Oct 2023 06:32:46 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
x-amz-cf-id
Yy02xK8S-5Shn1APqLcXEB6J0eJ_RtfAiOzkVv_HLJ5x5bkVTpzBrQ==
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
/
geo.privacymanager.io/ 		30 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-107.mrs52.r.cloudfront.net
Software
/
Resource Hash
52024c00d02e08cceb375c074033497d177dc505d8f051268705ce6c41a25ed7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 01:11:50 GMT
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront), 1.1 13aef3f55bc3a4a368fbb7587180bcb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MRS52-P4
age
20533
x-amzn-requestid
6ed588d1-b1c0-4a70-bff6-374d21eb0539
x-amzn-trace-id
Root=1-652f30d6-722f05cc78876ca43f14fc9b;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
M-SRjFmcjoEECVw=
content-length
30
x-amz-cf-id
NLC3CxlTL_OeY57XPJfXHo7hN_Pl5RCsPi6MNQkOzvGXeOJ_V4WZKQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
script.js
au-script.dotmetrics.net/Scripts/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=239
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-56.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
7424e70124580f63f1a7cf513fb39a23265dccf61c7de2e062ed8e197cfd9455

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:03 GMT
content-encoding
br
via
1.1 0676a5fe6935c768360b164abce6620e.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2023 12:23:24 GMT
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"1da00f4b93390bd"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
RQzPGM7EwBzlpH85BfABmuH9alFYNVcyZBjwG54JNG1UEobmqED4Sw==
pub
pixel.adsafeprotected.com/services/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=d204036d-b8c8-b11b-01e9-45cbe8b3b5f7&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.228.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b35725d4ad3cb0e0c6b51c1954687211b2bcd9205b2422f90e5244faa18ef6a1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:18 GMT
server
nginx
x-server-name
app06.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 11:34:12 GMT
server
cloudflare
x-amz-request-id
FFMPA01A7NCJS1TQ
age
2095
etag
W/"e5bbc80dac7ff8597f5b639831f48d87"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
817ede254bc15c10-SYD
x-amz-id-2
WWRjdobWV5QGLQ2OhvTtwe352i5XLavqbs72wIgkOAnrEE+t7AZB+St/TK53Rf16BqzqQSnYKZc=
701.json
id5-sync.com/g/v2/ 		635 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
89081edf3192c54afbbdc32b320a1b0c5edab477d9d12d07e4a3f9146bbeff9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 18 Oct 2023 06:54:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
validate
assets.vidora.com/v1/ 		0
299 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-7.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 18 Oct 2023 06:54:03 GMT
via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
egYdFlGQlKcH62v9EwSrxPt55mMPWTxZbNtjhfbA3M3sos2bX-FjUg==
expires
Wed, 18 Oct 2023 06:54:02 GMT
identify_6291e.js
analytics.tiktok.com/i18n/pixel/static/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_6291e.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.235.74 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
92e48936531fc7dd51fa4799d53b25be293b2a198bee7b434d269bb2518d709f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
e2cf482
date
Wed, 18 Oct 2023 06:54:03 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231017075426546CD91E526973FB1345
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-28-235-70.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01dd13440f5c030fe52421bcdc73a124bdec2d254f09c7cd63d41a4267bc2bd8de9c0a6c15877a3b2467ba40511b230574cb0e3bc8820363bc30e7ecb77a11d48a132cbe181e59f202745fc19d7dcd73c9c0d1ffc5b7fbcb98bb1d0f9ca9aebbf6
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=4
content-length
36102
pixel
analytics.tiktok.com/api/v2/ 		0
788 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.235.74 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
b66c7a6e.e2cf4c7
date
Wed, 18 Oct 2023 06:54:03 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-28-235-70.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
253,184.28.235.70
server-timing
cdn-cache; desc=MISS, edge; dur=225, origin; dur=33, inner; dur=31
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023101806540384C5F2D71CD27773158B
x-cache-remote
TCP_MISS from a23-222-0-218.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
34,23.222.0.218
x-tt-trace-host
015cb514834b804badc73d964a00b03807c68bc25afc96155784527dd1c4b1832439d0a883117a186dd0b1eb61d312b1f5141e3d6deec4d45ab032d9192981816f500233f453d65911cd159b35b5636f021e52f812403cc2001c2b3ac81074cde6a9259ed9d78da03f21b7e4ae81cde9b4
access-control-allow-headers
Authorization,*
expires
Wed, 18 Oct 2023 06:54:03 GMT
prebid
ads.playground.xyz/host-config/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		478 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
60493bfd3fc6b0926963fee86b9dbd4621e753cd1bc556c8bb27be4c7787b985
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:04 GMT
an-x-request-uuid
4b57604a-c9a4-4a8f-ba7e-51fbc5ec13af
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
478
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
v2
mfad.inskinad.com/api/ 		0
0
cdb
bidder.criteo.com/ 		0
0
dest5.html
newscorpau.demdex.net/ Frame AB11 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.212.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-212-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-1-v048-09009098e.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ygZK5fv9Qh8=
content-encoding
gzip
date
Wed, 18 Oct 2023 06:54:04 GMT
last-modified
Mon, 9 Oct 2023 09:24:08 GMT
transfer-encoding
chunked
vary
accept-encoding
id
newscorpau.sc.omtrdc.net/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=76180016419598553491257014746410589638&ts=1697612043274
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-14.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 18 Oct 2023 06:54:04 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZS_BDAAAAEfDmQN9
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=76156148949135702871259139842975485148
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZS_BDAAAAEfDmQN9
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZS_BDAAAAEfDmQN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v048-06440873d.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sU596EbtTp0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZS_BDAAAAEfDmQN9
Date
Wed, 18 Oct 2023 06:54:04 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
swg.js
news.google.com/swg/js/v1/ 		206 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
sffe /
Resource Hash
97ca050a8ef7d59aa49f6be7a75e2c9fdf593d7fa856d2e91d13b16bd9057fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60691
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 19:27:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 07:02:41 GMT
increment
id5-sync.com/api/esp/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 18 Oct 2023 06:54:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 3EEA 		44 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=nhavisjcaajtog6v4loaiwbgxhpi21697612042&c16=sdkv,bj.6.0.0&uoo=&fp_id=nwkc66kcjubvjlns6jjjs6tpiy5nn1697612042&fp_cr_tm=1697612042923&fp_acc_tm=1697612042923&fp_emm_tm=1697612042923&ve_id=&c30=bldv,6.0.0.673&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.99.23 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-99-23.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:03 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
nhavisjcaajtog6v4loaiwbgxhpi21697612042.nuid.imrworldwide.com/ Frame 3EEA 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nhavisjcaajtog6v4loaiwbgxhpi21697612042.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-117.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 22:20:03 GMT
via
1.1 a84eb604396158af577c875ac569048a.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
30842
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
U1SEGaDp6PLTZp_0x3VWVV1f026vg85x13hArjcdnjlI5Uh_v7Jk5w==
act
analytics.tiktok.com/api/v2/pixel/ 		0
789 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.235.74 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
a5b3eccd.e2cf5cb
date
Wed, 18 Oct 2023 06:54:03 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-28-235-70.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
359,184.28.235.70
server-timing
cdn-cache; desc=MISS, edge; dur=226, origin; dur=141, inner; dur=138
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231018065403D8418E3B732CF36DA57A
x-cache-remote
TCP_MISS from a23-222-0-208.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
141,23.222.0.208
x-tt-trace-host
015cb514834b804badc73d964a00b03807c68bc25afc96155784527dd1c4b18324df3f0ea273d2a92124a254a8915abf467b04115d73dffa5d2215618c859d415e4cf6768035b9783fec8eccc1e022c90204db78d9af565edffa317d5221b9a828f02dd21638e60e01457a37f45036edef
access-control-allow-headers
Authorization,*
expires
Wed, 18 Oct 2023 06:54:03 GMT
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 1A36
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZS.BDMCo5ugAAHVdQTgAAAAA
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZS.BDMCo5ugAAHVdQTgAAAAA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46657

Redirect headers

X-SO-Cluster-ID
0
Date
Wed, 18 Oct 2023 06:54:04 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"103.107.197.109","key":"ZS.BDMCo5ugAAHVdQTgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40094"}
X-SO-Key
ZS.BDMCo5ugAAHVdQTgAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40094
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZS.BDMCo5ugAAHVdQTgAAAAA
Cache-Control
private
X-SO-HostName
a-ad40094.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
8
Content-Length
0
X-SO-LB-Hostname
a-tgng40017.dc2p.scaleout.jp
X-SO-IP
103.107.197.109
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 1A36
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=d630655c82a6490e9b...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d630655c82a6490e9b15ff833fd2cd8e
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d630655c82a6490e9b15ff833fd2cd8e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
50545

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d630655c82a6490e9b15ff833fd2cd8e
date
Wed, 18 Oct 2023 06:54:19 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 1A36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 1A36
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LNVEDPLV-1V-6ID3
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LNVEDPLV-1V-6ID3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:05 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46661

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LNVEDPLV-1V-6ID3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 1A36
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_zmADxhE2oQLqGTUMYWorbM_89PvcjC9lYRaOA--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_zmADxhE2oQLqGTUMYWorbM_89PvcjC9lYRaOA--~A
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46656

Redirect headers

date
Wed, 18 Oct 2023 06:54:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_zmADxhE2oQLqGTUMYWorbM_89PvcjC9lYRaOA--~A
content-length
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame 1A36
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=f85ea035a1d1d50b2kgzqz00lnvedoy8
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=f85ea035a1d1d50b2kgzqz00lnvedoy8
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46666

Redirect headers

date
Wed, 18 Oct 2023 06:54:04 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=f85ea035a1d1d50b2kgzqz00lnvedoy8
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
sync.taboola.com/sg/google-network/1/rtb-h/ Frame 1A36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEPn4QmIL5z3rKI9InglA6A&google_cver=1
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEPn4QmIL5z3rKI9InglA6A&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:05 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46664

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEPn4QmIL5z3rKI9InglA6A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1A36 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 1A36
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
date
Wed, 18 Oct 2023 06:54:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46656
generic
match.adsrvr.org/track/cmb/ Frame 1A36
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
70 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:05 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
date
Wed, 18 Oct 2023 06:54:05 GMT
server
Kestrel
content-length
167
rtset
bh.contextweb.com/bh/ Frame 1A36 		49 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-AU
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5556fd6f8-9pnc4
expires
-1
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1A36
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%...
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f37b7d12-7473-4718-b579-9cd4215697d8&gdpr=0&gdpr_consent=&us_privacy=
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f37b7d12-7473-4718-b579-9cd4215697d8&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46660

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:05 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f37b7d12-7473-4718-b579-9cd4215697d8&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
778669
content-length
0
expires
Wed, 18 Oct 2023 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 1A36
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&gdpr=0&gdpr_consent=&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&ttl=%%TTL%%
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/464/108/5/3.gif?puid=a771e335-d7a0-4f1b-842f-11c04a4508cb&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/4/4.gif?puid=4904814000705241649&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipapac.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/3/5.gif?puid=C6C6D89CDA23006C&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/2/6.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/2/6.gif?puid=7579792736111074373&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F123%2F1%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/123/1/7.gif?puid=18b41902214-71620000010841c7&gdpr=0&gdpr_consent=
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F821%2F0%2F8.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/821/0/8.gif?puid=5a23f133-cda9-4cb2-be77-81b46cba1ab8&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-1dacKInXrSjrtQlxPG3cAxwkfnli08VLyEZkv25Hmg
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-1dacKInXrSjrtQlxPG3cAxwkfnli08VLyEZkv25Hmg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51101

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-1dacKInXrSjrtQlxPG3cAxwkfnli08VLyEZkv25Hmg
date
Wed, 18 Oct 2023 06:54:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 1A36
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtabo...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=e865ebed15714a69ad94befdb90c3b6c&ssp=taboola&bsw_param=fa9c87db-9c18-4eeb-ba31-5ce1279365cf&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa9c87db-9c18-4eeb-ba31-5ce1279365cf&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa9c87db-9c18-4eeb-ba31-5ce1279365cf&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:07 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
52463

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa9c87db-9c18-4eeb-ba31-5ce1279365cf&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Wed, 18 Oct 2023 06:54:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 1A36
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=088b44f7-aef4-4413-b2ca-c2c4db70ea3f
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=088b44f7-aef4-4413-b2ca-c2c4db70ea3f&tbid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&query=taboola_hm%3D088b44f7-aef4-...
0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=088b44f7-aef4-4413-b2ca-c2c4db70ea3f&tbid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&query=taboola_hm%3D088b44f7-aef4-4413-b2ca-c2c4db70ea3f&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 18 Oct 2023 06:54:09 GMT
via
1.1 varnish
server
nginx
x-timer
S1697612050.583863,VS0,VE105
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-bne12527-BNE

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=088b44f7-aef4-4413-b2ca-c2c4db70ea3f&tbid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&query=taboola_hm%3D088b44f7-aef4-4413-b2ca-c2c4db70ea3f&isDirect=0
date
Wed, 18 Oct 2023 06:54:09 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
51738
xuid
eb2.3lift.com/ Frame 1A36
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 18 Oct 2023 06:54:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Wed, 18 Oct 2023 06:54:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 1A36
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ee9d2417-42df-07c2-28a2-fb92f9d5960d
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ee9d2417-42df-07c2-28a2-fb92f9d5960d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46661

Redirect headers

date
Wed, 18 Oct 2023 06:54:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ee9d2417-42df-07c2-28a2-fb92f9d5960d
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:03 GMT
x-amz-request-id
9KJAWKP6HDQEPCXN
age
3549
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
AEusG8Ohkkd4H7ZEA/l4Qf5kSFuCrldHOMuaczHJJyNc3YOJPBsMu/EDdcryjK3IZmVfg/t9TuI=
x-served-by
cache-bne12527-BNE
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1697612044.517555,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
83
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
3450498
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:03 GMT
x-amz-request-id
83T0YP9VJ3QVCZZA
age
22383
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
lt7tR7BIqPPLNxkZwreWd11LlcBEss/o4OGwRAkwqosPthQa397l9awTYTsC9HWwtN43urn7NQc=
x-served-by
cache-bne12527-BNE
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1697612044.517812,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
33
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
185315
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 06:54:03 GMT
x-amz-request-id
D44MRMZFPCQ9K1XE
age
13235
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
1wp23VXufffgUe6gGhjgZBseD/xKCyMEum9OdPj++1SUUoC4bF7woyWykXaFAm2tHyFXHq1/lss=
x-served-by
cache-bne12527-BNE
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1697612044.517794,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
85
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
50089
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwicHZpZCI6IjEyNzE2YzNmLWQ2YmEtNDU3Yi05ZjZhLWMxMzE2M2E0YTU5ZiIsInR6T2Zmc2V0IjotNDgwLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1697612043496
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-56.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
475cc6bd2e4a0658886f527f2420fbcfb869d098cc789914e77c554559f330ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:03 GMT
content-encoding
br
via
1.1 0676a5fe6935c768360b164abce6620e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
vY4FOsAPqhKENUlvo9EwS-2dJ1Iwbx_zQ1z9c4Fci4OdDRMs8rqSHQ==
events
logx.optimizely.com/v1/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.218.40.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-40-90.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 18 Oct 2023 06:54:05 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
da635175-4ecc-4d37-8bc6-44f96610e2f0
/
pips.taboola.com/ 		4 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by
cache-bne12528-BNE
date
Wed, 18 Oct 2023 06:54:03 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689&mbl=ZmFsc2U=
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 18 Oct 2023 06:54:07 GMT
cache-control
no-store
server
nginx
up_loader.1.1.0.js
js.adsrvr.org/ Frame AF0A 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-90-128.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 00:46:59 GMT
Content-Encoding
gzip
Via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P2
Age
22025
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
oumnX2TkTFsFOwBEAaebEgOopab4dv348m8Iqje4v3uX31NgzMB87A==
uwt.js
static.ads-twitter.com/ Frame 85DD 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.112.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:09 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-nrt-rjtf7700043-NRT
js
www.googletagmanager.com/gtag/ Frame 969C 		192 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
de362ce389744f40e46bf5fae8255a6b0419be273e565ed161c3eeb0dcbaad26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71496
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Oct 2023 06:54:06 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 5D8E 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-90-128.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 00:46:59 GMT
Content-Encoding
gzip
Via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P2
Age
22025
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
hlfSQbBiyRYYY1KqxhwWPiY9tKERlCqFBNTOErHh_y3RfpFJQayl4A==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 2D0C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 06:54:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.13.10
X-Akamai-EW-Subworker
8096267
ETag
"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
3340
Expires
Thu, 19 Oct 2023 06:54:09 GMT
activityi;dc_pre=CIT_vNiB_4EDFfpanQkdTfQAOw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8580403197494.931
8228261.fls.doubleclick.net/ Frame B323
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8580403197494.931?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIT_vNiB_4EDFfpanQkdTfQAOw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=858040319749...
402 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIT_vNiB_4EDFfpanQkdTfQAOw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8580403197494.931?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f148.1e100.net
Software
cafe /
Resource Hash
e2412193337a8af2d62f6203b7373e77bb8933d8cee1f5a80953258ba65ddc6b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
224
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 06:54:07 GMT
expires
Wed, 18 Oct 2023 06:54:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 06:54:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIT_vNiB_4EDFfpanQkdTfQAOw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8580403197494.931?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CP-BvdiB_4EDFR9anQkd7Z0HvQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8253341447765.541
8228261.fls.doubleclick.net/ Frame 286B
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8253341447765.541?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CP-BvdiB_4EDFR9anQkd7Z0HvQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=825334144776...
402 B
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CP-BvdiB_4EDFR9anQkd7Z0HvQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8253341447765.541?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f148.1e100.net
Software
cafe /
Resource Hash
f3bb6bd707578d2cf3875bc8c31bdc3cea289fad82329be8a452450db41f5758
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
226
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 06:54:07 GMT
expires
Wed, 18 Oct 2023 06:54:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 06:54:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CP-BvdiB_4EDFR9anQkd7Z0HvQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8253341447765.541?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame A3CB 		205 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
db6c45790dc4ac5191ffde4001b492e90d53b88671009507106f646eac996fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75334
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Oct 2023 06:54:06 GMT
conversion.js
www.googleadservices.com/pagead/ Frame FAA0 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
cafe /
Resource Hash
811fb3e1699642a4d9a1e61faff7b36984bbd53652fecf4cb4b7aa6cad0d7b4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18646
x-xss-protection
0
server
cafe
etag
8381188637092831176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 06:54:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 058C
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&expiration=1700204046&gdpr=0&gdpr_consent=
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&expiration=1700204046&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPucOSs5LTX1uIhGEH08SYvfgA6KF8ED1uIehyOm8CxFUkjYiQxW3oTVOztFk5OfDQELUJJyeuUp%2B%2B5l0N6ca1BfAzOc6XY1Zx4Cy7Ns7xC8pOjkbz2OXyuW5HvEuWJsPu9A%2FIgHNm0mYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede3b19698acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&expiration=1700204046&gdpr=0&gdpr_consent=
date
Wed, 18 Oct 2023 06:54:06 GMT
server
Kestrel
content-length
323
px
secure.adnxs.com/ 		0
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
an-x-request-uuid
a45db32e-1279-438f-8403-76ba0dfd8ef4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
an-x-request-uuid
4482aefe-5160-4afc-83e2-597fbc8eefb3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
sffe /
Resource Hash
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6456
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 07:08:40 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
862
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 07:29:42 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 3271 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1697612043925&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
d63c263b9982cbc03642d6436dd33168ea2c8b2e13f9f0f24ab154016daafa7f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-FxRmKh93Uxl_og8XIkSx7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-FxRmKh93Uxl_og8XIkSx7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Wed, 18 Oct 2023 06:54:04 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
article
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		484 B
693 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/article
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
20d3baeeccf48b8aa9138a552f6d3311a710a1049c4e41a0fb6dd4e653dc09fb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/ed=1/rs=ABXTjI7c-RgRs4ktXvMoRD4qzdElf55SuA/ Frame 3271 		745 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/ed=1/rs=ABXTjI7c-RgRs4ktXvMoRD4qzdElf55SuA/m=serviceiframeview,_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1697612043925&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 04:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 04:51:32 GMT
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 3271 		0
205 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-oiGf9S3FUgueC8v5dQq_pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 18 Oct 2023 06:54:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-oiGf9S3FUgueC8v5dQq_pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AB... Frame 3271 		197 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1697612043925&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
18821b3d7d361f9fe83c1a4903572d69cec2013570fe26bf462dc151b4fc772b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 17:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70892
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 02:53:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 17:14:58 GMT
5119
config.aps.amazon-adsystem.com/configs/ 		505 B
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5119
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-48.sin52.r.cloudfront.net
Software
CloudFront /
Resource Hash
dbf2b38491d95ca0fad4cd2951d8c8eb29ceaee6243f915eb3ec7013b22a0482

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:10:49 GMT
via
1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN52-P1
age
2598
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
z693nLFCH2CntGIV2Z_UDUUTO8vwUr3vKOxqKiSdvA1duixpIwOTeg==
config
c.amazon-adsystem.com/cdn/prod/ 		636 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.77.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-77-151.sin2.r.cloudfront.net
Software
Server /
Resource Hash
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:45:03 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
age
541
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
636
x-amz-cf-id
ei6MbaOBMV2PMEgdUu5D40khejugasbFB5afEGSd35S7TCHYeR65QA==
bid
aax.amazon-adsystem.com/e/dtb/ 		113 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=l6ltTPRa5jDpw&cb=0&ws=1600x1200&v=23.1010.1530&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.35.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-35-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:19 GMT
via
1.1 bdcb0966d6e5d28eb31a406298268896.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
113
x-amz-cf-id
qaqaiefHx1XdnbpT43MsF2kDfOcb55k6SgR_c3zcfRvdZc4b7_1Ofw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.77.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-77-151.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 04:53:35 GMT
x-amz-cf-pop
SIN2-P2
age
7230
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
cuG8EnlxQcfXb4TWgSzF4pd7m4LoqbwBa5L0D5rbV8fYg-7g3rQxJQ==
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=76180016419598553491257014746410589638&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=newsnkidcookie%014539fe69f634b58ebe902d6108b8f203%011&ts=1697612044331
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3bc5311c4702041d67c632224e29a9bfbaa88e74ac969d261501924fa4a6ae29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v048-0f15330fd.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
pf8F9Lv0SPM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1558
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame FAA0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1697612044357&cv=9&fst=1697612044357&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
82aaf9f39efa4dff4ed7f5c8e060bff5bfd9fbe9c830ddc539705d9d76bf96ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1372
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		138 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a9b728cbc4ea20ef9c0934035ba3300049c50682dcc0e58452c40749b6d853
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 11:34:12 GMT
server
cloudflare
x-amz-request-id
59TWKM0E92R53QPW
age
597
etag
W/"cc062d3a08ec5f94b7d1ab377b1e95bd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
817ede2dac325c10-SYD
x-amz-id-2
h0RJitqRZDVIV59DdKMKhRfWLO/R4JoPDFaB8auTefhfWSkn3rcGGjIMqHT5bfU3wnGYl0xw91E=
ibs:dpid=358&dpuuid=7579792736111074373
dpm.demdex.net/ Frame AB11
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=7579792736111074373
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7579792736111074373
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v048-0fff12ca1.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
UkDHBRbNTOQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:04 GMT
an-x-request-uuid
8aa9839c-9c79-4c37-8188-c1eb4dda25e6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7579792736111074373
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
b7631a27c26edb85d615ec2a08a342f22ac458a2a54505babaa7eb448c87c3dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 18 Oct 2023 06:54:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
c0.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.190 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.152 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.112 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.199 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.250 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.190 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
ibs:dpid=470&dpuuid=8848152157402147362
dpm.demdex.net/ Frame AB11
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=8848152157402147362
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8848152157402147362
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v048-0733cfb84.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
2t65SaueRkw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8848152157402147362
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
s67334512380850
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s67334512380850?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=18%2F9%2F2023%2014%3A54%3A4%203%20-480&cid.&newsnkidcookie.&id=4539fe69f634b58ebe902d6108b8f203&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=4539fe69f634b58ebe902d6108b8f203&mid=76180016419598553491257014746410589638&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPercentPageViewed=5.0.1&getPreviousValue=3.0&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D8%2Cevent18%2Cevent63%3D87&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Ccustom%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=5%3A54%20PM%7CWednesday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=87&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cwa%7Cperth%7C-31.93%7C115.83%7Cgmt%2B8%7Cunknown&v79=au&v80=4539fe69f634b58ebe902d6108b8f203-00000000000000000000000000000000-1697612041304-190055&v110=2023-10-18%2014%3A53%3A54&v111=0&v199=en-US%2Cen&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-138.data.adobedc.net
Software
jag /
Resource Hash
d23e580436caed27eb6af9adefc3b1269f9b1644aad3b75286baf0eb01480dfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-aam-tid
BIpv+nrOTbE=
date
Wed, 18 Oct 2023 06:54:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4969
x-xss-protection
1; mode=block
dcs
dcs-prod-usw2-1-v048-06440873d.edge-usw2.demdex.com 5 ms
pragma
no-cache
last-modified
Thu, 19 Oct 2023 06:54:09 GMT
server
jag
etag
3645594117126553600-4617841307961036986
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 17 Oct 2023 06:54:09 GMT
token
token.rubiconproject.com/ Frame AB11 		0
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=76156148949135702871259139842975485148&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=771&dpuuid=CAESEBuvWD5mNjVfvrn3gGEUE4w&google_cver=1
dpm.demdex.net/ Frame AB11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzYxNTYxNDg5NDkxMzU3MDI4NzEyNTkxMzk4NDI5NzU0ODUxNDg=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBuvWD5mNjVfvrn3gGEUE4w&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBuvWD5mNjVfvrn3gGEUE4w&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v048-07a1ea75c.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
PfKEIymEQh4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBuvWD5mNjVfvrn3gGEUE4w&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
match.adsrvr.org/track/upb/ Frame 5F96
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
923 B
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
37689adf0f1381fde38ca7230bdf5dbe931e38b29280e58908256eb3643bea92

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 18 Oct 2023 06:54:05 GMT
server
Kestrel
vary
Accept-Encoding

Redirect headers

content-length
275
date
Wed, 18 Oct 2023 06:54:05 GMT
location
https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
server
Kestrel
/
match.adsrvr.org/track/upb/ Frame EA5D
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
923 B
967 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
861f3efa539ae9d42819caadecbe212263ce477d939de18a8dfdf10c5218328d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 18 Oct 2023 06:54:05 GMT
server
Kestrel
vary
Accept-Encoding

Redirect headers

content-length
275
date
Wed, 18 Oct 2023 06:54:05 GMT
location
https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
server
Kestrel
generic
match.adsrvr.org/track/cmb/ Frame AB11
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
70 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:05 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
date
Wed, 18 Oct 2023 06:54:05 GMT
server
Kestrel
content-length
257
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=nwkc66kcjubvjlns6jjjs6tpiy5nn1697612042&fp_cr_tm=1697612042923&fp_acc_tm=1697612042923&fp_emm_tm=1697612042923&ve_id=&sessionId=nhavisjcaajtog6v4loaiwbgxhpi21697612042&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,40puyv81gybpy0clhlzr8sa92kh3x1697612043&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16976120429096015&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1697612041307&c3=st,c&c64=starttm,1697612044&adid=1697612041307&c58=isLive,false&c59=sesid,&c61=createtm,1697612044&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1697612044&rnd=276454
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.99.23 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-99-23.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:04 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame AB11 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_longreq&anid:10507&sessionId:d204036d-b8c8-b11b-01e9-45cbe8b3b5f7&err:threshold%3A2000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.228.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
server
nginx
x-server-name
app06.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ibs:dpid=23728&dpuuid=ZS.BEAuIWESwlN3o5bsHWgAA%264721
dpm.demdex.net/ Frame AB11
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZS.BEAuIWESwlN3o5bsHWgAA%264721
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZS.BEAuIWESwlN3o5bsHWgAA%264721
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v048-07ea38d33.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3LNuwhWjTfA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4KjBYGjTFDfCLUa7Eijvgt8U6rSCJljw7LmmzTBLq5A5MoH9Dc%2FbdbobrZ4uuz3TK6SL1FYFEt41rBdDj3ID68%2FS8bjra3BMfAMAqeTrUcbB%2FV7ybQ6InA1Ebdfn5DykdVRDNmP"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZS.BEAuIWESwlN3o5bsHWgAA%264721
cache-control
no-cache
cf-ray
817ede470f568acd-PER
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
LiveRampId
au.audience.newscgp.com/ 		94 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/LiveRampId?device_id_type=newskey&device_id=4539fe69f634b58ebe902d6108b8f203&bust=16905034818750.019150480735628417&errors-in-body=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-119.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
8a7ade9025f960256f74bc03ca44604996b68a46d10fef14e038e2e23344dad8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:08 GMT
via
1.1 35a6ccd005bb4de1deff66dab22059c4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
94
x-amz-cf-id
VRYqubYXziB45fTL8dX-R9LlK7Ss9Fntk_oiJMRRVY9g0CmPq2ak_A==
ads
securepubads.g.doubleclick.net/gampad/ 		261 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1399418072403812&correlator=3491939895844712&hxva=1&scor=2005480090520594&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C300x90%7C315x90%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697612045145&lmt=1697583245&adxs=436%2C1112%2C808%2C0%2C176%2C1112%2C0&adys=28%2C354%2C13981%2C14817%2C8460%2C328%2C15537&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C0%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&psz=1600x134%7C312x250%7C300x670%7C1600x720%7C1248x0%7C312x0%7C1600x15555&msz=728x133%7C312x250%7C300x250%7C1600x0%7C1248x0%7C312x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C516%2C0&ohw=0%2C0%2C0%2C0%2C0%2C312%2C0&ga_vid=189444290.1697612045&ga_sid=1697612045&ga_hid=500057946&ga_fc=false&a3p=EhsKDGlkNS1zeW5jLmNvbRjxqsCMtDFIAFICCGo.&dlt=1697612040040&idt=2954&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D1%26amznp%3D1%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D1%26amznp%3D1%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D1%26amznp%3D1%7Cpos%3D1%26refreshed%3Dfalse%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D1%26amznp%3D1%7Cpos%3D1%26refreshed%3Dfalse%7Cpos%3D1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D4539fe69f634b58ebe902d6108b8f203%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26sssw%3Dtrue%26abtest%3Da%26pvid%3D4539fe69f634b58ebe902d6108b8f203-00000000000000000000000000000000-1697612041304-190055&adks=1798527053%2C1263259910%2C1415436295%2C1982096792%2C3785065344%2C2320616304%2C3544675803&frm=20&is_cau=%2C%2C%2C%2C%2C%2C
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
af23439fd47af030ab450dd1fe43a229ed087799521793f94a039644d118031d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34967
x-xss-protection
0
google-lineitem-id
6394165109,6394165382,5084295962,-2,5084295962,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449289144,138449331125,138445902048,-2,138445902045,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b55fa654ee3e34c0ed8b9c5d1953e9cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 47E6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b55fa654ee3e34c0ed8b9c5d1953e9cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 06:54:21 GMT
expires
Thu, 17 Oct 2024 06:54:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame EA5D 		488 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-90-128.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 00:47:06 GMT
Via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P2
Age
22019
x-amz-server-side-encryption
AES256
ETag
"2775054c068b37509e0798448f7fd32c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488
X-Amz-Cf-Id
E-u0CeqbXfVTng6sBI8mgnIRCXoGJ0FdNA-sVqjnRGxMRvFqfkiFDA==
uid
dt.scanscout.com/ssframework/ Frame AB11 		0
0
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 5F96 		488 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-90-128.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 00:47:06 GMT
Via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P2
Age
22019
x-amz-server-side-encryption
AES256
ETag
"2775054c068b37509e0798448f7fd32c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488
X-Amz-Cf-Id
mkM0tznYxvadA9j5dgTuvPUJsc53AXtNchzoLZgc8nh_d5IxzJR7SQ==
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 19 Oct 2023 06:54:08 GMT
cksync
hb.yahoo.net/ Frame 75FD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05VXZfelkxRTJ1RXI2RzRfc3Z4X2RsRjV0LkZ2Llk4UX5B&gdpr=0&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&dpid=55953
53 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05VXZfelkxRTJ1RXI2RzRfc3Z4X2RsRjV0LkZ2Llk4UX5B&gdpr=0&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&dpid=55953
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.235.217 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-217.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
53
content-type
image/gif
date
Wed, 18 Oct 2023 06:54:09 GMT
expires
Wed, 18 Oct 2023 06:54:09 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E

Redirect headers

age
0
content-length
0
date
Wed, 18 Oct 2023 06:54:08 GMT
location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05VXZfelkxRTJ1RXI2RzRfc3Z4X2RsRjV0LkZ2Llk4UX5B&gdpr=0&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&dpid=55953
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000
pixel
cm.g.doubleclick.net/ Frame A328
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-65986...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&google_gid=CAESEJCzLGF1fr7fSVqWrR9Hyj0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4
170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 06:54:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

content-length
423
date
Wed, 18 Oct 2023 06:54:05 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4
server
Kestrel
rubicon
match.adsrvr.org/track/cmf/ Frame A6ED
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Wed, 18 Oct 2023 06:54:05 GMT
server
Kestrel

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
content-length
0
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame AB11
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=76156148949135702871259139842975485148&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=76156148949135702871259139842975485148&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v048-0a1c8b572.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tBCjh8hsTGI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Wed, 18 Oct 2023 06:54:06 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame A870
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-65986...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&google_gid=CAESEJCzLGF1fr7fSVqWrR9Hyj0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 06:54:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

content-length
423
date
Wed, 18 Oct 2023 06:54:05 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTY1N2M2ZjktNDBkYy00ZWNiLTk5ZWItNjU5ODYwNWFhN2U0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4
server
Kestrel
cksync
hb.yahoo.net/ Frame D1BD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05VXZfelkxRTJ1RXI2RzRfc3Z4X2RsRjV0LkZ2Llk4UX5B&gdpr=0&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&dpid=55953
53 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05VXZfelkxRTJ1RXI2RzRfc3Z4X2RsRjV0LkZ2Llk4UX5B&gdpr=0&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&dpid=55953
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.235.217 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-217.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
53
content-type
image/gif
date
Wed, 18 Oct 2023 06:54:09 GMT
expires
Wed, 18 Oct 2023 06:54:09 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E

Redirect headers

age
0
content-length
0
date
Wed, 18 Oct 2023 06:54:08 GMT
location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05VXZfelkxRTJ1RXI2RzRfc3Z4X2RsRjV0LkZ2Llk4UX5B&gdpr=0&ovsid=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&dpid=55953
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000
rubicon
match.adsrvr.org/track/cmf/ Frame BBCF
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Wed, 18 Oct 2023 06:54:05 GMT
server
Kestrel

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
content-length
0
usermatch.gif
beacon.krxd.net/ Frame AB11
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=76156148949135702871259139842975485148
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76156148949135702871259139842975485148
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76156148949135702871259139842975485148
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.149.199.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-199-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by
beacon-n007-pdx-prod.krxd.net
date
Wed, 18 Oct 2023 06:54:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1697612047
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76156148949135702871259139842975485148
date
Wed, 18 Oct 2023 06:54:07 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a009-ash-prod.krxd.net
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame AB11
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=76156148949135702871259139842975485148&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v048-07a1ea75c.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
G8NKJ7nTQuU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Wed, 18 Oct 2023 06:54:06 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame AB11
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlNfQkRBQUFBRWZEbVFOOQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlNfQkRBQUFBRWZEbVFOOQ==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-bne12522-BNE
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697612046.864379,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlNfQkRBQUFBRWZEbVFOOQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame AB11
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZS_BDAAAAEfDmQN9&expires=90
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZS_BDAAAAEfDmQN9&expires=90
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-bne12522-BNE
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697612046.864713,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZS_BDAAAAEfDmQN9&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
m=W93Wdc
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L... Frame 3271 		128 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI66cMNaqRx82nXeie0kivMIIeGsgA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=W93Wdc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
6a0c386c6ced8567e0d062db55fa699305960e4a19e5752bb9c01c16bfc5ce31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 17:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43908
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 17:16:37 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L... Frame 3271 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=W93Wdc,_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI66cMNaqRx82nXeie0kivMIIeGsgA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
b3f366a5418c77cb143fd3bfd0460abef00c12f70bdeaf63085f9b253c8015d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1836
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 06:54:05 GMT
rum
dsum-sec.casalemedia.com/ Frame AB11
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS_BDAAAAEfDmQN9
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS_BDAAAAEfDmQN9&C=1
43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS_BDAAAAEfDmQN9&C=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3HmnzARWUbxhmzQgRTzZBxe9jAUrv3T0FeM6kXCG0tc5yslTtKlWAOdWWFGjjmkjr2lc2jOaxgyzbOj2Q8Jna2XIXsMCk3l%2B9WwCLoJHhKzxdSA3Ghf0jfftq7p1BBN%2F4%2Fwd2cDmqEjOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede395f603e63-ADL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8Z4HvTBPSPrWA1EhXWTgkOYiE4ExysAfbgwjFV4mm9e2okwWAyzeYnoOAuMEszneEkb3ELvsPAgDyHpcPZTXeFltkvFqp7MWDxxUc7JnyRz%2BWpGDImmEDDoJlyM8E7CgfJrGOfLHMCAWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=88&external_user_id=ZS_BDAAAAEfDmQN9&C=1
cache-control
no-cache
cf-ray
817ede383dcf3e63-ADL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
ib.adnxs.com/ Frame AB11
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=ZS_BDAAAAEfDmQN9
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=ZS_BDAAAAEfDmQN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
an-x-request-uuid
30795bf8-53d8-4212-bc63-c5047d3feabd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-bne12522-BNE
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697612046.968048,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=ZS_BDAAAAEfDmQN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
m=LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L... Frame 3271 		236 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=FCpbqb,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI66cMNaqRx82nXeie0kivMIIeGsgA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 18:45:07 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L... Frame 3271 		1 KB
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI66cMNaqRx82nXeie0kivMIIeGsgA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
436ea87eb6704dd1b0a5e3ec8332c2fc8b5f4311c45e00d273a195bab44da660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 17:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
718
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 17:16:37 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L... Frame 3271 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI66cMNaqRx82nXeie0kivMIIeGsgA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
28cbfc1bddd44fae420cd114e584ec822a7644e47d736c4dd529826312e8f61d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 17:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6412
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 17:16:37 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 3271 		164 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=6411444404964633184&bl=boq_subscribewithgoogleclientserver_20231016.07_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=53646&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
4dd69a2d49c32a57934eb9e1f833040f07d0ac052056e53c3dcbd8fbf24eb39d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F870 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-gtWAl02kgHSVPBhcxpbT9fkGfMUI8qWGeY1fCZR7hk1B9KcgiN_64YeUjk6I1BtNiFXN29edwMOxj5c4kO3p8o4dIphQnIUacO6D76IACJGo6FvtHA5uKtNPlMoGhlo8K_YD464z9Px7aQ7OPRTd49MHASBhwpkZgTxJbKU2eRp2L0YR_l802rcO6y2rmWgaYxehUqfppTO1rh77bi1mLfLROUeU_F6mbeWh23sEru2GTLjMmBbfxCBGx13qfM5gY1s_h6m5e2XJGvJhs6h6YqzaJLgOhDR1VON-0dVYw6VTzpUp3OvB-cgMeU4URvRnqU57A1xpAx76DXW9GE_iicS9g5XexSa94Q&sai=AMfl-YRObb2oaYfLcrJN8WGphBQo-K1dFx3-GGtbhnp5yJJ68hy-A6O2fw05SkR6EN3pyCfVd_4906M_XGt1lHT_n7pYZuWkjDMcMEvJpeAxvyPN5HyINB4_Sb9Lsqasilg&sig=Cg0ArKJSzBBjprf0b0EcEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame F870 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
64714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:55:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame F870 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
67529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:08:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F870 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697483867094811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 06:54:06 GMT
13328773137836421002
tpc.googlesyndication.com/simgad/ Frame F870 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13328773137836421002
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
4dec096ac53796aca6f7b6c1e26425431a2ae18cd5d490aa4dd4d3597e5350ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:09 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47473
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 07:25:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Oct 2024 06:54:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 48AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutwo5Yx9AD-g6QcKiSP0ydufvt3tGxvD0vDSWxRbFhqxvw7zGObLycDM8gzWfJcWoc7JPXKUjYITg-tDqNnEleSnsMCoLZtS-z4LjOsNzavTFaPjohwKrWsA3bM-pfR9bKUcAyEFvgPJ2AqRpAG161gaZ7PuDb79iETvOF3S4hoLWyRfeUypimPregva1ols0YSDIwbGYVUvR6haffZZPLSmBMG8VgawXLLfmq0HVmLvIt4hQrfrBxJOEQoaaHVsR-u8vVq3Tk_HpgsgSp3XhUKVbUHweaXt5TFY9cPn81r8s4-vMLH6bQUll4-T5JiL2RwW7PwRrRkvTCnewNPCUXykQhkqoZCex9Dg&sai=AMfl-YTiwYquR6qtPJQqoHZsOkZjdKDhUeLyR9KYfj01tQpipG7qy8Ep1uMCdFLICjA1LbkoQkbQUqbRLNGfA_fVjnaOoKdJx8HMK6kLH9BQ0v0rsY3Z6N6C0ZeuoBQanFQ&sig=Cg0ArKJSzIYcfA1yj-_0EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 48AD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
64714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:55:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 48AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
67529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:08:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48AD 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697483867094811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 06:54:06 GMT
16155067779660419316
tpc.googlesyndication.com/simgad/ Frame 48AD 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16155067779660419316
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
89ccbdf79c51f1a72c6f8dd6118ff42d24cd9ee97975017675f90201ed1d866a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:09 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89934
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 07:25:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Oct 2024 06:54:09 GMT
truncated
/ Frame F870 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af0c3df12e26b2104b482de94a913e61686a180cc4b0812a9c5c7800a0cef8ef

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 48AD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e550c86635ea377cc024424945e8009df376644b844021a9fe5486b3828fedd8

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FFE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlcF5CUplyUTjw_4GnfihD11OCbDYpLsiam6Y0K81XSQZ8r-aq_vexS3Fn3oZOAv8buRqOcLLrDixv7DiQCFO5tDC5W8SA1HFStcaq3DInZSlaDlr8fhMI40LXMXqtx6iiD5nd9vgvLPQ9Kmw3zd0YdSK1k2iycDZV6kVlxMiOs2z3Xzj509VvxHKxTqYhmTnLREhXBZbnGq897TnHR0aepgZKVsz-Kt1DD-TciTwm0gctru50zOd-8nFJSyrBn7kHCG_WHvy9TGl-o9crTAc3icJnKeDfWmUGflwgRga5cTOQ9zq-__PcBzggZdqv01HDbdrvWguxhGSqzEgs9bW9Q0FQ1DqACFtJ-g&sai=AMfl-YRmp89V5AoTW4l8_7uskt_RSe60dpBGCmbMZdjLDggtzzATW0lTydf1fPEm_VCaFHSyCH7vXvHp_EhW0mDFGaSb7a2Z7WMoBtEU5A1nhXbUb_wGag7SIwgw3WR6nCs&sig=Cg0ArKJSzLChPloddslBEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame FFE3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
64714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:55:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame FFE3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
67529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:08:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FFE3 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697483867094811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 06:54:06 GMT
9718306219872050408
tpc.googlesyndication.com/simgad/ Frame FFE3 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9718306219872050408
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
6fb048b529862aa820b01dc3d122f0de2a3b145b79bc6eb281d4bdf96fd27141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 22:39:31 GMT
x-content-type-options
nosniff
age
461678
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30495
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 07:37:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 11 Oct 2024 22:39:31 GMT
l
www.google.com/ads/measurement/ Frame FFE3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5i6fRLXCoFGy9dCdwfcID1ocuBrS0AeLAa20s5LPZoZDHoxBI9oIo0GzrTOsaIhIFRr8qGzk-Pn55eiezzyy7zoDyqg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame EDB3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEBEe6rP7t5z4sFWg2GUpXQ3-vzNtqvGz305dZ4JxyfOllhZAmPovHVRHdvlWMbJ138r7pOYE7RswxbSdcqIYJI2OKX-dy5Yv8ols_X2CXhlFIcVAhGvf6yse2vL2DHHZcU3cMYqotuOsLgUcNia0zM-U7EZlp5va3qgi2N-EwvsPt00tPkcQjXARxAr6I32KhpmJ3d3d1D9gQPcEEOgvi6Bi4LAf08JKxxWrTetCrjhE1CQauhWYfilvplq1v3qfHBtyl-KK_2u6bVqpljzJt-nixaoNDByzKu4r5oHlBiGAO3fpOSyk0IzSNo55JxFY4deHtAhCVCJbiL_LZdJ7JXuPu4qzgEmxZsQ&sai=AMfl-YTSFbah6_P1Q_PMw5W6wBgxlixyOBrBCwPafcBsUPh_-Pcso93dx0gOfVY3Xx54R-wRPjfe_R_mBi_AN3CfT3SfwX7AD65etXzX52-PYc8WBUJ8xmph0JmnzMYGFqw&sig=Cg0ArKJSzMUuoIy2d_Q_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4539fe69f634b58ebe902d6108b8f203-1697612034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame EDB3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
64714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:55:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame EDB3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 12:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
67529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:08:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EDB3 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697483867094811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 06:54:06 GMT
14822947184821417181
tpc.googlesyndication.com/simgad/ Frame EDB3 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14822947184821417181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
99740307ed5cfa3bfd0c6d068d455e4c76d3328c7262599434f41754fd6165c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:45:26 GMT
x-content-type-options
nosniff
age
497323
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27589
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 07:37:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 11 Oct 2024 12:45:26 GMT
l
www.google.com/ads/measurement/ Frame EDB3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAEmRBqC9UpzYReDEnq1WP9Y_8T6eCYH6-5AaISA8a3sE_abX4DS_Zms12i5oqeQBP1BIhwmm_cmN-ZCQzhiWHAmzafg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame AB11
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZS_BDAAAAEfDmQN9
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZS_BDAAAAEfDmQN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-bne12522-BNE
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697612046.132594,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZS_BDAAAAEfDmQN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
truncated
/ Frame FFE3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4af37496cc0e6f3640a2084b79e5518409bd7afdd45985c4f32f3822438d5015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EDB3 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03fabcad975137575d49015c723f42231abc08679bf3a49aa79444e00eb8faf3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L... Frame 3271 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.f_yGZfA5vbs.L.B1.O/am=AEMa/d=1/exm=FCpbqb,LEikZe,RqjULd,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI66cMNaqRx82nXeie0kivMIIeGsgA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
64d4fe6081f265609e8f277d63bd7b7aad3064603b507df0f9368cb581f50491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 17:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37120
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 04:56:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 17:16:38 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 18 Oct 2023 06:54:06 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3271 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 06:54:06 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 18 Oct 2023 06:54:06 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3271 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 18 Oct 2023 06:54:07 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 06:54:07 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 18 Oct 2023 06:54:06 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3271 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.jPUr1CvNWXg.es5.O/am=AEMa/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5ZeaDyvzSW6Y3bpYa_-5VQXHEqAA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 18 Oct 2023 06:54:06 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 06:54:06 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AB11
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZS_BDAAAAEfDmQN9
1 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZS_BDAAAAEfDmQN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 06:17:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-bne12522-BNE
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697612046.241085,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZS_BDAAAAEfDmQN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame AB11
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZS_BDAAAAEfDmQN9&img=1
0
0
b.php
www.facebook.com/fr/ Frame AB11
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZS_BDAAAAEfDmQN9&t=2592000&o=0
43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZS_BDAAAAEfDmQN9&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 23:54:07 PDT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
pragma
public
x-fb-debug
5v+Kf1hIfwf0h8YE+h0oLgTetBYgFGi4/+cyTIvFOXUZfzvbrPpVI5SKC1UC3TvkjZYpoUkJnKVUpaBleDAI8Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Tue, 17 Oct 2023 23:54:07 PDT

Redirect headers

x-served-by
cache-bne12522-BNE
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697612046.451504,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZS_BDAAAAEfDmQN9&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=147592
dpm.demdex.net/ Frame AB11
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v048-0fc79264f.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
pfDnrCmRS28=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
240
date
Wed, 18 Oct 2023 06:54:06 GMT
via
1.1 varnish
x-served-by
cache-bne12527-BNE
server
nginx
x-timer
S1697612047.559805,VS0,VE240
x-fastly-to-nlb-rtt
238524
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 969C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1697612046602&cv=11&fst=1697612046602&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&frm=1&auid=724835606.1697612047&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
ce32364b9de08063abd901e9dde5fb77a91a53caddf3aeab45f74b62de19be2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
sync.1rx.io/usersync/adobe/ Frame AB11 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.107 , Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:14 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
jload
pixel.adsafeprotected.com/ Frame 689E 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=171638111&placementId=6394165109&pubCreative=138449289144&pubOrder=3227604870&cb=1929386801&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.228.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
d66577e7b786703e09b4363c6924d2c8c998ba7356fd0247fa691e234bb773e3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame A3CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1697612046714&cv=11&fst=1697612046714&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&frm=1&auid=724835606.1697612047&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e11a38c81b99e0f27a7ef74e7de6c4dfd59e5eabd906e6fd4610f315959ce425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame CB46 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5084295962&pubCreative=138445902048&pubOrder=2553375348&cb=576947098&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.228.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7bdbdef27a4a0cfd2a79077ba022e84bf5422b1a6822390a2c1760aa375c81a6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.119.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-119-175.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.119.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-119-175.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
jload
pixel.adsafeprotected.com/ Frame A0FF 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5084295962&pubCreative=138445902045&pubOrder=2553375348&cb=597164435&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.228.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ad0be3fb57ddaa4423f45c119b70022d7a297a74879933f0403a30b17f5a9aa1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame 4EA7 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=36557831&chanId=171638111&placementId=6394165382&pubCreative=138449331125&pubOrder=3227604870&cb=875522713&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.228.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
43f67d9ff8113d8da9b7db587e697b30b3e01cb3919fce9b7afd5ee8766e7fa4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
13726
check.analytics.rlcdn.com/check/ 		0
0
pixie
ib.adnxs.com/ Frame 2D0C 		42 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1697612047529&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1697612047529&et=1697612047530&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:07 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.23.4
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
42
content-type
image/gif
dc_pre=CIT_vNiB_4EDFfpanQkdTfQAOw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8580403197494.931
adservice.google.com/ddm/fls/z/ Frame B323 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIT_vNiB_4EDFfpanQkdTfQAOw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8580403197494.931
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIT_vNiB_4EDFfpanQkdTfQAOw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8580403197494.931?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CP-BvdiB_4EDFR9anQkd7Z0HvQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8253341447765.541
adservice.google.com/ddm/fls/z/ Frame 286B 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP-BvdiB_4EDFR9anQkd7Z0HvQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8253341447765.541
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CP-BvdiB_4EDFR9anQkd7Z0HvQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8253341447765.541?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 27B4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132220
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 18 Oct 2023 06:54:08 GMT
expires
Thu, 19 Oct 2023 19:37:48 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 481C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98ade229c8e5ad15bb18fd8dd30aeb135ca4b94260023a34a42a0b96278d4455

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
817ede45b8693e63-ADL
content-encoding
br
content-type
text/html
date
Wed, 18 Oct 2023 06:54:08 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXth%2FgbOzdCFQccIeBWT04h1YjYR0FkPZDI7SqFsFRja3u9CghYUNV3xeEdmrjVe56D2MByB%2FUP3igIf%2F5DOBHUCtS%2BUvoVIWOpqhkcBOwtaMkyc6mWDqVUjw4dlhdgMEazjqdK7eDLFbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 26FF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 18 Oct 2023 06:54:08 GMT
ETag
"623de86a-cf34"
Expires
Thu, 19 Oct 2023 06:54:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
usync.html
eus.rubiconproject.com/ Frame BEAE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.154.61 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-154-61.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Oct 2023 06:54:08 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 1FA4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
602
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
817ede4d097155f2-ADL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 06:54:09 GMT
expires
Wed, 18 Oct 2023 10:54:09 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=7579792736111074373
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=7579792736111074373
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:15 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
d542e28d-d738-4a65-b79c-d885353c2c2a

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
an-x-request-uuid
fb5f5125-8884-420d-b900-eb4a4e280bf2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.playground.xyz/usersync?partner=appnexus&uid=7579792736111074373
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame FAA0 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1697612044357&cv=9&fst=1697608800000&num=1&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3323262546&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame FAA0 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1697612044357&cv=9&fst=1697608800000&num=1&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3323262546&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
d779718eed5e6af18de75d3edd354975bc904d0e97484222b86f68191a9edcda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-17e57"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 19 Oct 2023 06:54:09 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0
event
prebid-a.rubiconproject.com/ 		0
0
async_usersync
ib.adnxs.com/ Frame 26FF 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
an-x-request-uuid
1ff8e814-5cbd-4e60-87e2-5a71258e5eda
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 27B4 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54326548&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
7d5868e2723c7fbd131f75c4ed88f5e4bcfcebf723ca67decba2c64d702d916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 06:54:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame 481C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS.BDpN4lOFe6iY-HdxLsAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIJRojUU6ukP_ZNTPOmS_U8&google_cver=1&google_hm=2
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIJRojUU6ukP_ZNTPOmS_U8&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FArsn0MPOUiwUCSm%2FqGkrt1s8bpH1uvoTbDi9vB3FB4OfHi76Wxp1eYLXXpK%2FC%2FDTBikFRplKyaM7uLnE4u6qDYpUOF1wKcuy%2FMo3%2BUUNUTJtUgN4dNCwCloYUZhM0kzpAYBJ1qtlrvJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede48aa798acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIJRojUU6ukP_ZNTPOmS_U8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 481C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS-BDpN4lOFe6iY_HdxLsAAAEnYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENzpGLi71q64K9NUUYZpJyY&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENzpGLi71q64K9NUUYZpJyY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMvprAQV3no9T7lIhNMD%2BTZQfI0QMLPA2upGj4sAuUf8N1Gd6%2BH%2BJTPaHT96TrghvHGfh32trKMwPbNL7nJvKUx4Ap6cV8BePr%2FCkzjvMRw5wNkX1Q5ZCyf%2BgLBkDuSWbtD25RQZfKp%2FLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede47b8a78acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENzpGLi71q64K9NUUYZpJyY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 481C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BDpN4lOFe6iY_HdxLsAAAEnYAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BDpN4lOFe6iY_HdxLsAAAEnYAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BDpN4lOFe6iY_HdxLsAAAEnYAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JY97M971WK8TD2R3WDJ9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
65Z43QCW6BXFX2YYYASF
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BDpN4lOFe6iY_HdxLsAAAEnYAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZS-BDpN4lOFe6iY_HdxLsAAAEnYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 481C 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZS-BDpN4lOFe6iY_HdxLsAAAEnYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.123.88 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-123-88.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 481C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4352714729533595304&gdpr=0&gdpr_consent=
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4352714729533595304&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bWFUms3cb0yvGhsewyabf8kxtRU01GLCVei61nx5clAkwQwOiDhChuoiTPW9hgVzaSY6Ko%2BfZDteWetiXWrCQeT0lVZd2fyuA6eXe2xk9uY%2BNJFFtGeX8zeRzuILuPtDWRjPqM8LIyaJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede4778028acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4352714729533595304&gdpr=0&gdpr_consent=
date
Wed, 18 Oct 2023 06:54:07 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 481C
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BqOYEAcwyP%2FmkjqGo1P7Ws%2Bv6pdT3HCJ%2BRrQy39gX2jI7gc5tzP7UoWiX07B5lSTKrmzGC2dSfFFDAv4RQEFKZpxX%2FqqcDq5UYGcq55eV9FG7CjsEW3dZ9UCEuD6aFjACKWza8BLPmuHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede51ec068acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Wed, 18 Oct 2023 06:54:10 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 481C
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f85ea035a1d1d50b2kgzqz00lnvedoy8
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f85ea035a1d1d50b2kgzqz00lnvedoy8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7a62cLdHxswm7X52fveGSFlsxgSSca2W%2FjhvpJJ332Y%2B6p9I1Yhlxcgh0AsEhTIaeuzWalBefQMIYSnSdfP5JWR5kmjMkZ1CTxIJHQu1hl6xvUec2Ql37UuGLDCeHGzWQlOc3PBTs5mxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede488a4c8acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 18 Oct 2023 06:54:08 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f85ea035a1d1d50b2kgzqz00lnvedoy8
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ibs:dpid=23728&dpuuid=ZS.BDpN4lOFe6iY-HdxLsAAA%264726
dpm.demdex.net/ Frame 481C 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZS.BDpN4lOFe6iY-HdxLsAAA%264726?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.17.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-17-63.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v048-0e2da5768.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hJxzfu8dQMY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 481C 		0
0
/
www.google.com/pagead/1p-user-list/707564276/ Frame 969C 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1697612046602&cv=11&fst=1697608800000&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=461141083&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 969C 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1697612046602&cv=11&fst=1697608800000&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=461141083&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame BEAE 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.154.61 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-154-61.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
87f706547dba77861b4dda27017e5f90eaa2b067b401fd49ec77d83f6c1fcb62

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 06:54:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Oct 2023 03:51:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75474
Connection
keep-alive
Content-Length
11122
Expires
Thu, 19 Oct 2023 03:52:02 GMT
khaos.json
token.rubiconproject.com/ Frame BEAE 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
tap.php
pixel.rubiconproject.com/ Frame BEAE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bnIh30SnHS483KHeb8io0Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kz.dMxhE2oII6e70Y6_7PSLwvePMgOVkijEHUg--~A
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kz.dMxhE2oII6e70Y6_7PSLwvePMgOVkijEHUg--~A
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 18 Oct 2023 06:54:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kz.dMxhE2oII6e70Y6_7PSLwvePMgOVkijEHUg--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame BEAE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=u-L6asPVQLuKySMrMYvYIg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=u-L6asPVQLuKySMrMYvYIg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=u-L6asPVQLuKySMrMYvYIg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DKWWBQWT77RD4Y39NSVV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=u-L6asPVQLuKySMrMYvYIg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame BEAE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5WRURQTFYtMVYtNklEMw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDH2xoHKL9XUzF24MTAUlPs&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5WRURQTFYtMVYtNklEMw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5WRURQTFYtMVYtNklEMw==&google_push=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5WRURQTFYtMVYtNklEMw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
pixel
cm.g.doubleclick.net/ Frame BEAE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzlhMmVjOTk1OGFhYzc5Mjc2NDE5OTVhMTRhYmY3MjdlZDM0YTE2MA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzlhMmVjOTk1OGFhYzc5Mjc2NDE5OTVhMTRhYmY3MjdlZDM0YTE2MA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzlhMmVjOTk1OGFhYzc5Mjc2NDE5OTVhMTRhYmY3MjdlZDM0YTE2MA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame BEAE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNVEDPLV-1V-6ID3
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNVEDPLV-1V-6ID3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:10 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: FFCA738D54124E7484EA15AA054CAC4C Ref B: PER311000104009 Ref C: 2023-10-18T06:54:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYH+Bs9qPTrcu27ghvRhg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNVEDPLV-1V-6ID3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame BEAE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 06:54:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
date
Wed, 18 Oct 2023 06:54:08 GMT
server
Kestrel
content-length
413
ecm3
aax-eu.amazon-adsystem.com/s/ Frame BEAE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Wm4r11nYTrSgOponODeLbA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Wm4r11nYTrSgOponODeLbA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Wm4r11nYTrSgOponODeLbA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H2ZQ6MW3NGV6S5P0X368
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Wm4r11nYTrSgOponODeLbA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BEAE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEChgQCMGMLN_xqPGQu8AUt0&google_cver=1
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEChgQCMGMLN_xqPGQu8AUt0&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEChgQCMGMLN_xqPGQu8AUt0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame BEAE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADd6U7KXwIAABkS_cz04g&expires=30
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADd6U7KXwIAABkS_cz04g&expires=30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADd6U7KXwIAABkS_cz04g&expires=30
Date
Wed, 18 Oct 2023 06:54:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame BEAE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LNVEDPLV-1V-6ID3
0
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LNVEDPLV-1V-6ID3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LNVEDPLV-1V-6ID3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
setuid
ib.adnxs.com/prebid/ Frame BEAE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNVEDPLV-1V-6ID3
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNVEDPLV-1V-6ID3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
an-x-request-uuid
89bba2ec-c767-4d33-bbe8-409fbd63b209
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNVEDPLV-1V-6ID3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
liveCS.php
live.primis.tech/live/ Frame BEAE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNVEDPLV-1V-6ID3
0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNVEDPLV-1V-6ID3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.227.254.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-114.sin52.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:10 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
CloudFront
x-amzn-waf-action
challenge
x-amz-cf-pop
SIN52-C3
x-cache
Error from cloudfront
content-type
text/html; charset=UTF-8
cache-control
no-store, max-age=0
content-length
0
x-amz-cf-id
piDQ8GMxrxV8nPlmZz2DmBcXDni7be9Anx_YiNFefTWy8zaDUHmyGA==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNVEDPLV-1V-6ID3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
v1
match.sharethrough.com/sync/ Frame BEAE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNVEDPLV-1V-6ID3
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNVEDPLV-1V-6ID3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.169.175.61 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-175-61.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:11 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNVEDPLV-1V-6ID3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
tap.php
pixel.rubiconproject.com/ Frame BEAE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f294dd42-8dac-4182-81ea-6f24b8e57d9e&expires=30
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f294dd42-8dac-4182-81ea-6f24b8e57d9e&expires=30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f294dd42-8dac-4182-81ea-6f24b8e57d9e&expires=30
Date
Wed, 18 Oct 2023 06:54:10 GMT
Connection
keep-alive
X-CI-RTID
c8e122ba-8367-4a9d-874d-e7d055c9467a
Content-Length
144
Content-Type
text/html; charset=utf-8
pixel
capi.connatix.com/us/ Frame BEAE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LNVEDPLV-1V-6ID3&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LNVEDPLV-1V-6ID3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LNVEDPLV-1V-6ID3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
817ede56ba4aa938-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 18 Oct 2023 06:54:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LNVEDPLV-1V-6ID3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
817ede54e881a938-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
merge
ce.lijit.com/ Frame BEAE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LNVEDPLV-1V-6ID3
  • https://ce.lijit.com/merge?pid=80&3pid=LNVEDPLV-1V-6ID3&dnr=1
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LNVEDPLV-1V-6ID3&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LNVEDPLV-1V-6ID3&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
main.19.8.439.js
static.adsafeprotected.com/ Frame 689E 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=171638111&placementId=6394165109&pubCreative=138449289144&pubOrder=3227604870&cb=1929386801&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
6023473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
D3Ht3BsUnYbroQAOJrWyDwiJ4EJkuIdZjGk5JyDDJcmCvGOLwjcdRw==
main.19.8.439.js
static.adsafeprotected.com/ Frame A0FF 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5084295962&pubCreative=138445902045&pubOrder=2553375348&cb=597164435&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
6023473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
tByklVIMiKr9ZWDEdyWtLMskzwcQ44xLORSRB9DSPx9JdlH9mWmw3Q==
main.19.8.439.js
static.adsafeprotected.com/ Frame CB46 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5084295962&pubCreative=138445902048&pubOrder=2553375348&cb=576947098&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
6023473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
TcvOPaCc7tHhs7lvj3tXgH1dppFMVa3KIjrDltvwxnracijgdTIIzQ==
/
www.google.com/pagead/1p-user-list/820018408/ Frame A3CB 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1697612046714&cv=11&fst=1697608800000&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=100402668&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame A3CB 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1697612046714&cv=11&fst=1697608800000&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=100402668&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.439.js
static.adsafeprotected.com/ Frame 4EA7 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=36557831&chanId=171638111&placementId=6394165382&pubCreative=138449331125&pubOrder=3227604870&cb=875522713&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
6023473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
gPozP6PItNrTAUPOJcqcO3vpRD4fkHqJ9OsMKlssY-oUHYokqBCVPQ==
sca.17.6.2.js
static.adsafeprotected.com/ Frame 669E 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
date
Thu, 21 Sep 2023 15:36:16 GMT
x-amz-cf-pop
MRS52-P1
age
2357099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
31PC5DN64-btjG0Ae2Bpkn6GCiXYHNcWEWoEORIhvCu48x7M-GtFwA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|1&pubId=36557831&chanId=171638111&placementId=6394165109&pubCreative=138449289144&pubOrder=3227604870&cb=1929386801&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:5991d982-4558-bb87-d301-56e47318a459,c:rpjwRl,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6ddfb8fb8-qp6vw,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:462,mot:0,app:0,maw:0,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:520,oid:22d9db03-6d83-11ee-a07c-46e96aa95ff4,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.228.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame 26FF 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
an-x-request-uuid
283d8d22-a31c-4656-8e22-41b6f98d0d59
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjwS2,pingTime:-2,time:563,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2221,beZ:2223,mfA:2684,cmA:2685,inA:2686,inZ:2690,prA:2691,prZ:2733,si:2742,poA:2743,poZ:2760,cmZ:2760,mfZ:2760,loA:2771,loZ:2774,ltA:2784,ltZ:2784,mdA:2223,mdZ:2660%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:519%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:563,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:521,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:41,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjwSA,time:597,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:597,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B132~0%5D,as:%5B132~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:521%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 324D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
date
Thu, 21 Sep 2023 15:36:16 GMT
x-amz-cf-pop
MRS52-P1
age
2357099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
5trPcrs9UjazWLv3X62nog5dYtmZfDHIKzuWHILl7pWGCqkx85zDOg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5084295962&pubCreative=138445902045&pubOrder=2553375348&cb=597164435&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:fb436297-f737-8491-bcad-821add915c1d,c:rpjwSU,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6ddfb8fb8-lvf7r,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:436.8460.728.90,am:i,cc:436.8460.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:484,mot:0,app:0,maw:0,fm:tT1d9yb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1q1%7C1r*.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1r*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:498,oid:22f06fed-6d83-11ee-95a8-0e8272e9aab2,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.228.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
server
nginx
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usermatch
ssum-sec.casalemedia.com/ Frame B2E2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
510c40a15de53391da59f4104b63e595166ccbecafbb14cedede449c8bf5f5e2

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
817ede4ddc338acd-PER
content-encoding
br
content-type
text/html
date
Wed, 18 Oct 2023 06:54:09 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tziIGNhYnuLeRZ6RZKX9Ui0klfaZNKxGjBX1EbenkLX4ZrqppslpFo3bgXwVLc7oMhM4C%2FcY0MXxKGJEUACU6O5YbWx7B3sEJEps3SRKNj8OuoiOI8h8b4jXx%2Bor5gM5kT%2FFlj3kjCIHkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fb436297-f737-8491-bcad-821add915c1d&tv=%7Bc:rpjwTw,pingTime:-2,time:535,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2195,beZ:2196,mfA:2679,cmA:2680,inA:2680,inZ:2682,prA:2682,prZ:2689,si:2693,poA:2693,poZ:2703,cmZ:2703,mfZ:2703,loA:2717,loZ:2719,ltA:2730,ltZ:2730,mdA:2197,mdZ:2668%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:497%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:535,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:497,wc:0.0.1600.1200,ac:436.8460.728.90,am:i,cc:436.8460.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9yb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1q1%7C1r*.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1r*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:498,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2%5D,sinceFw:36,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adsct
t.co/i/ Frame 85DD 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=305000b0-cffe-4322-8b44-1121f85904d6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0d5ae682-9347-4b75-9b0a-aadba1c4fcb0&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_k /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
161
date
Wed, 18 Oct 2023 06:54:11 GMT
strict-transport-security
max-age=0
server
tsa_k
content-type
image/gif;charset=utf-8
x-transaction-id
726b52142df144f3
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
cd02bb49f55698ee06d9db121e69aaa601c508b368311146ec52fb80c8c3e9ef
content-length
43
adsct
analytics.twitter.com/i/ Frame 85DD 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=305000b0-cffe-4322-8b44-1121f85904d6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0d5ae682-9347-4b75-9b0a-aadba1c4fcb0&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_k /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
164
date
Wed, 18 Oct 2023 06:54:10 GMT
strict-transport-security
max-age=631138519
server
tsa_k
content-type
image/gif;charset=utf-8
x-transaction-id
e05524876633d6da
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
36c90551f6c870da0ce04a9759ac8bbf9223cd8e55a66f42e96fbe3dad4ef315
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 0382 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
date
Thu, 21 Sep 2023 15:36:16 GMT
x-amz-cf-pop
MRS52-P1
age
2357099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
F3OXYVmsC6tC9JzRv7BWnO9XHlX8MBMTHFxcZTaIpvaIxdRr4apL5Q==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5084295962&pubCreative=138445902048&pubOrder=2553375348&cb=576947098&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:43cf42ef-2149-a12e-bea9-a68cf44b0bf7,c:rpjwUr,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6ddfb8fb8-pdsg8,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:808.14071.300.250,am:i,cc:808.14071.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:564,mot:0,app:0,maw:0,fm:tT1d9yj+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1q*.10507%7C1q1%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1q*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:584,oid:22f0702d-6d83-11ee-9753-5ecf31578bb2,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.228.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
server
nginx
x-server-name
app05.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43cf42ef-2149-a12e-bea9-a68cf44b0bf7&tv=%7Bc:rpjwUQ,pingTime:-2,time:609,type:a,im:%7BpBlk:595,sf:0,pom:1,prf:%7BbeA:2264,beZ:2265,mfA:2828,cmA:2828,inA:2828,inZ:2830,prA:2830,prZ:2844,si:2848,poA:2849,bl:2859,poZ:2859,cmZ:2859,mfZ:2859,loA:2867,loZ:2868,ltA:2872,ltZ:2872,mdA:2266,mdZ:2816%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:584%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:609,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:584,wc:0.0.1600.1200,ac:808.14071.300.250,am:i,cc:808.14071.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9yj+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1q*.10507%7C1q1%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1q*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:585,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2%5D,sinceFw:23,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame FFE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssF4VQwBKprKajeWoyEFAIivtl-qqtJcBDVTustWzDxl3_vRUC-8wuyPXdQmA3-G2G6YxqLBlcRf-geIBYqWle6XcwhabHpZHustXqVIpwf_XdC4Rr9VTkV03JTGL29kpF7K6eWbdDKglKZCpF8VoFKQfVq0doxGSCB4N-UsTySJYd2GPhif1aW_VFaMNP4twJmAx_pKJ3ek44u5cGEsn20t4dmiUbQ4Uulsug9NNZe-8SoF9EPpEeH1RAErirXXDLBFsGcB8jjkQMTFZBWEbYQLcFXLP86K6AFN9D54rHbTyogF0dpaVlATiPQ3MMTTj_aBYLij__8qhmBqeusYD8Otvx99h1hYYTsT1_V&sai=AMfl-YRiagLhBm5S0C30MIPsNVzEsf_JbTEIkcKPddm6yoX4zK0aUA5gdM5q9F46yXFrsjP1Ao03RNwtWZyRIUSMEAuwVrcWjNnfTAXkvpyUiNp45kf0XomUgEtWDKF6Rdg&sig=Cg0ArKJSzEDJcVFVqu2wEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 18 Oct 2023 06:54:10 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fb436297-f737-8491-bcad-821add915c1d&tv=%7Bc:rpjwVr,time:654,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:654,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:497,wc:0.0.1600.1200,ac:436.8460.728.90,am:i,cc:436.8460.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B169~0%5D,as:%5B169~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9yb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1q.10507%7C1q1%7C1r*.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1r*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:498,sis:632%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dcm
s.amazon-adsystem.com/ Frame B2E2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A0ZPSTFQ0YNCC7QN0ZKN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5YKWR633FWZB6MCGEZ1C
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B2E2 		70 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:09 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame B2E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENzpGLi71q64K9NUUYZpJyY&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENzpGLi71q64K9NUUYZpJyY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ow8%2BaKfjl4IFFNU0qRK8IGM7ZPGsspHO%2FEHnQ7yPYum23L9zZxmG2643CO6mQrw4ZnWGGn%2BVY4FZ69QcXTgVxc2YVIzP7%2BLHmY2prM09xT6Xp1f2yRKDxyBbXFhx7cqhzQB2QFBhpFBoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede4f9f8d8acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENzpGLi71q64K9NUUYZpJyY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B2E2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7579792736111074373
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7579792736111074373
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1aN%2BvMJ1aeC6p0BuIN6pfkHJjApmjrzmTVqFbE6jTEYRvbPaig7S276eKJ6%2B%2FZ1jlpcSiMu3bGDSAc4B%2BUK69aC3u420Th8pDgfAq6hxmCUbXX3UGofOoGOWmawiYbMSy7G7%2FHFSEBueg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede4f7f448acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
an-x-request-uuid
f1014110-a283-48df-8835-cd0652c6b532
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7579792736111074373
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B2E2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
18.142.123.88 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-123-88.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB
date
Wed, 18 Oct 2023 06:54:09 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame B2E2 		43 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.16.136 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-16-136.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:13 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1697612053024084-57
Expires
Wed, 18 Oct 2023 06:54:13 GMT
crum
dsum.casalemedia.com/ Frame B2E2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7579792736111074373
43 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7579792736111074373
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfJ97374Mf8rs%2BbEBCmCVRQRV5luTxUDlc1bhkKf5PaSJ4DTAZCDBARroA9Tv5LwnPGDOC2VAwCxEcsNCogSlxr1r0CWMdThOHYdcMTQDAvN96tNqacP4cHUaARpmXO2Tx4%2BH8gS"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede4f6df13e63-ADL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
an-x-request-uuid
5919c20e-901f-4a20-ad97-80626ad422a0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7579792736111074373
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B2E2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dgaC83gCgaZtAdX3dQad8CYF0aVtUdSkI1XjXK-X
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dgaC83gCgaZtAdX3dQad8CYF0aVtUdSkI1XjXK-X
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x77dioe%2FDlGt2j1%2BIuB2lIXFVw3q8ExVIXZlErk4F%2BoMbXcpRglq7wDl%2BKjja7zXsV3tSdb8WK3bfCjm4YmZ6r3wOngy2eCwBXPmgETAUCbwkHPrWtmbHShPsEGhqakgWJ9ZaAhe5bS%2F4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede586ef88acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dgaC83gCgaZtAdX3dQad8CYF0aVtUdSkI1XjXK-X
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame B2E2 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZS.BEAuIWESwlN3o5bsHWgAA%264721
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:09 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
76309
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
817ede4ecc9855f2-ADL
content-length
43
expires
Thu, 19 Oct 2023 06:54:09 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame EAEB 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
date
Thu, 21 Sep 2023 15:36:16 GMT
x-amz-cf-pop
MRS52-P1
age
2357099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
aDIclJTvmRihDRt5AY3Ic9EPlNW8YoEdxGib8NznPx1Dg4FV6fhaHQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|1&pubId=36557831&chanId=171638111&placementId=6394165382&pubCreative=138449331125&pubOrder=3227604870&cb=875522713&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:92bad93a-5e25-2208-ab42-3cf96e74b5e5,c:rpjwW3,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6ddfb8fb8-5pm9p,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:646,mot:0,app:0,maw:0,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:660,oid:22f0702e-6d83-11ee-87fd-b6bcdfcfbb52,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.228.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-228-74.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:09 GMT
server
nginx
x-server-name
app04.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame EDB3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRY6fRuTzwf7XyJ3CBxa5lPwo3w4I020ulNV9lcbjWzirRBVYbk_vWa5q8nBznBbzHJfKovmiIN_xIx_d7AoSShWOdgDcRXpth3J4tO8og6QVuHM2FzS_YlXoK1-fzO_J5Qj-YZ_sDs9ZRwxpvL9ryNhAGC8wPm1NpQFSlcZJWS10VYTJhFlBRVVFywVkK02UzGA8fdJHHgAblZChe7uhZI0xtII5beX8T81SygJ4on59v5x1aMxjb5WCAFF2iXsunkaU-tTJD2rAikD4RnfKYARQt1R5PZWowWWDTs9HX148ED3ht8_GB5d_F8odWfMXWoazf4x20B9j_SDHEex9fpd_vGPRqrW4CPp2L&sai=AMfl-YT7x28wEWbIq4LNT7AWtpQWVFn6yLJkSzSQ36gKQCtXES8VrVuIPKxfqvBLrbtjXROxzTqisxv46gQOx-p8eS6xfdr8VOTwZVkFeJ6xOPeJ51J5t-GIRSruZRbuJow&sig=Cg0ArKJSzGn6tz1K_hG_EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 18 Oct 2023 06:54:10 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjwX0,pingTime:-2,time:718,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2197,beZ:2198,mfA:2843,cmA:2844,inA:2844,inZ:2845,prA:2845,prZ:2852,si:2857,poA:2857,poZ:2867,cmZ:2867,mfZ:2867,loA:2903,loZ:2905,ltA:2915,ltZ:2915,mdA:2198,mdZ:2797%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:659%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:660,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1%5D,sinceFw:58,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43cf42ef-2149-a12e-bea9-a68cf44b0bf7&tv=%7Bc:rpjwX4,time:747,type:e,im:%7BpWait:11%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:747,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:584,wc:0.0.1600.1200,ac:808.14071.300.250,am:i,cc:808.14071.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B182~0%5D,as:%5B182~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9yj+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q*.10507%7C1q1%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1q*,rmeas:1,rend:1,renddet:IMG.qs,siq:585,sis:736%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame 48AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3JuSkGTdmGd0wmmnbm6yGCjBE7PUNUl0fBORbm2KY6zKNwiQtVFydifop9N2xnnYGGbRw4NxCdhNCawxjUa9EaKhGmDqCeMHlaV5i8esME4UnkwxOlSsFM87FC-vn6jD0MbfKDtU-bwo4P_gtnQ5qQkK5cDN6s1xDRQ1AN_4XWT0Qfib0uyFNpG-3HGHx0SQXaZDCdQnLErNICtgiH8m4wdDj9ca_60S0jD8m-a_cQHKbtxsisPpfi-mDQ3wbX5bxy1A0r9HK8MtUkLYstNtW1eXwbrq6lOvyDG7kLfbRkNvMxgHK440ZKkWS_2n1eg2fIjCK9drLAYAOzk-SKMLZZSppyoSuLYuoc6FZ&sai=AMfl-YSzxPpB-j34L4pngz5vZ_9Nwxln0GRuguvBsDq6-KtBEOC3PQ6A_FrkFsrUVL7OJRKuMuehWu7u2bzMwNQRe2wmfjCseuTPEkA2ETINi0KCvITbzJRFdwdvLaqUofo&sig=Cg0ArKJSzDrzd8r00GKjEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 18 Oct 2023 06:54:10 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjwXU,time:774,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:774,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B127~0%5D,as:%5B127~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:660%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame F870 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLwxCaCOrU95X0UJFfiIKTD-ZRKIboV1ywpJoT1Opy84PgB4pVpdpy8nEv4socu_CQCInqAC00H1KFIACazDgjJqkv1EpEFpL_0xDeBbL8TxHnTh88VWLumR9UyfMJ5vX7VJNvUeaYZG6izRd72Ve4rdZOCk6ORrM9ef9N5RnNqLccCAsXTIfMiRBDNq1_3WiGLCd0PEmEunnRcyqAydRyr72JXw-jRkOkFPfF2PMlVQYAfRnjQjlhZj6gEwJ1GZHl9dkb1Hq3YGp78isA779tsfupQTrhZTEY8S3-Amx-M8D-wpxwastXPjuCaFvxIowWgZbi8bd1lL4-uXc-2WEyBTgp-Lr7ztsNXiqM&sai=AMfl-YRQ_44k4l7KsYfE2NCUIlpaJFAiiZYNzf2zUiGO4e6yvL7rp2Jo8E6_sz8fYsU11hig-3eKg7f6dgD_WtmPQB1xHv5FxalKzaB56sMqfG6tGe0Pm-TrF1S3dvb4JZY&sig=Cg0ArKJSzJEXeSKfde3KEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 18 Oct 2023 06:54:10 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjx01,time:1058,type:e,im:%7Bpci:%7Btdr:514%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1058,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B593~0%5D,as:%5B593~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:521,sis:662%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame F6B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7579792736111074373&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7579792736111074373&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
0ee8ab6d-d6f3-4777-9f2c-db8779180900
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 06:54:10 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7579792736111074373&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2
b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/ Frame 67AE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/pubmatic/?gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s...
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
19 B
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Content-Length
19
Content-Type
text/plain; charset=utf-8
Date
Wed, 18 Oct 2023 06:54:13 GMT
X-Content-Type-Options
nosniff

Redirect headers

Content-Length
216
Content-Type
text/html; charset=utf-8
Date
Wed, 18 Oct 2023 06:54:13 GMT
Location
/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
sync
x.bidswitch.net/ Frame 660C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6eaf9315-25d4-47fb-bafe-3b5a62526990&ssp=pubmatic
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6eaf9315-25d4-47fb-bafe-3b5a62526990&ssp=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 18 Oct 2023 06:54:14 GMT
Server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 18 Oct 2023 06:54:13 GMT
location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6eaf9315-25d4-47fb-bafe-3b5a62526990&ssp=pubmatic
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame AC91
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KnAq2SR0KYwxd33dLXI123omeooxJC2KL3yKsDua
42 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KnAq2SR0KYwxd33dLXI123omeooxJC2KL3yKsDua
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 18 Oct 2023 06:54:11 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KnAq2SR0KYwxd33dLXI123omeooxJC2KL3yKsDua
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 27B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KaFvlHuhRnSdMR_xziNYVQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:10 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=132218
accept-ranges
bytes
content-length
5606
expires
Thu, 19 Oct 2023 19:37:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 27B4
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=29A16F94-7BA1-4674-9D31-1FF1CE235855
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a771e335-d7a0-4f1b-842f-11c04a4508cb%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&ttd_puid=a771e335-d7a0-4f1b-842f-11c04a4508cb%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&ttd_puid=a771e335-d7a0-4f1b-842f-11c04a4508cb%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:10 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&ttd_puid=a771e335-d7a0-4f1b-842f-11c04a4508cb%2C%2C
date
Wed, 18 Oct 2023 06:54:10 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame 27B4
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent=&ct=y
49 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
18.139.47.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-47-19.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.27.236
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.0.72
content-length
0
expires
0
info2
uipapac.semasio.net/pubmatic/1/ Frame 27B4
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=29A16F94-7BA1-4674-9D31-1FF1CE235855&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipapac.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=29A16F94-7BA1-4674-9D31-1FF1CE235855&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=29A16F94-7BA1-4674-9D31-1FF1CE235855&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=29A16F94-7BA1-4674-9D31-1FF1CE235855&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
HTTP/1.1
Server
119.9.108.211 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:08 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=29A16F94-7BA1-4674-9D31-1FF1CE235855&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 27B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjlBMTZGOTQtN0JBMS00Njc0LTlEMzEtMUZGMUNFMjM1ODU1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 27B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECvElwaEuYw7UFBXpqnJJn8&google_cver=1
42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECvElwaEuYw7UFBXpqnJJn8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:17:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECvElwaEuYw7UFBXpqnJJn8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 27B4
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A706B7BB85134B78A38704BB7CB94A9A
42 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A706B7BB85134B78A38704BB7CB94A9A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 18 Oct 2023 06:54:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A706B7BB85134B78A38704BB7CB94A9A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 17 Oct 2023 06:54:14 GMT
29A16F94-7BA1-4674-9D31-1FF1CE235855
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 27B4 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29A16F94-7BA1-4674-9D31-1FF1CE235855?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.123.88 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-123-88.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 27B4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&gdpr_consent=
42 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:19:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a657c6f9-40dc-4ecb-99eb-6598605aa7e4&gdpr=0&gdpr_consent=
date
Wed, 18 Oct 2023 06:54:10 GMT
server
Kestrel
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 27B4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29A16F94-7BA1-4674-9D31-1FF1CE235855&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ID5z7BpE2uXpXd5Y4b6n2LZhfVhwEek-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ID5z7BpE2uXpXd5Y4b6n2LZhfVhwEek-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ID5z7BpE2uXpXd5Y4b6n2LZhfVhwEek-~A&gdpr=0
date
Wed, 18 Oct 2023 06:54:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjx1d,pingTime:-10,time:1132,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My43MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697612050022%7C%7C7503c1850e497b722483e6fb68f05bd8%7C%7Cf85ea0352d5e0551a31a58bbfec67123%7C%7Ca9e932f6a78eef1d8d22cd3f1cf9f274%7C%7C85ed31facc662b7227f20a384f301985%7C%7C323ee10100f9381a2410f6cad0da26da%7C%7C67999e9b3bc9f9ce64777742480a7eff%7C%7C1fd5ca4c69d22c4248453ee5a20de32b%7C%7C1663701684%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fb436297-f737-8491-bcad-821add915c1d&tv=%7Bc:rpjx2i,time:1079,type:e,im:%7Bpci:%7Btdr:547%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1080,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:497,wc:0.0.1600.1200,ac:436.8460.728.90,am:i,cc:436.8460.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B595~0%5D,as:%5B595~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9yb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r*.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1r*,rmeas:1,rend:1,renddet:IMG.qs,siq:498,sis:632%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjx4F,time:1193,type:e,im:%7Bpci:%7Btdr:508%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1193,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B549~0%5D,as:%5B549~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:660,sis:785%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fb436297-f737-8491-bcad-821add915c1d&tv=%7Bc:rpjx5h,pingTime:-10,time:1264,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My43MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697612050022%7C%7C7503c1850e497b722483e6fb68f05bd8%7C%7Cf85ea0352d5e0551a31a58bbfec67123%7C%7Ca9e932f6a78eef1d8d22cd3f1cf9f274%7C%7C85ed31facc662b7227f20a384f301985%7C%7C323ee10100f9381a2410f6cad0da26da%7C%7C67999e9b3bc9f9ce64777742480a7eff%7C%7C1fd5ca4c69d22c4248453ee5a20de32b%7C%7C1663701684,sca:%7Bspg:5991d982-4558-bb87-d301-56e47318a459%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjx5B,pingTime:-10,time:1251,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My43MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697612050022%7C%7C7503c1850e497b722483e6fb68f05bd8%7C%7Cf85ea0352d5e0551a31a58bbfec67123%7C%7Ca9e932f6a78eef1d8d22cd3f1cf9f274%7C%7C85ed31facc662b7227f20a384f301985%7C%7C323ee10100f9381a2410f6cad0da26da%7C%7C67999e9b3bc9f9ce64777742480a7eff%7C%7C1fd5ca4c69d22c4248453ee5a20de32b%7C%7C1663701684,sca:%7Bspg:5991d982-4558-bb87-d301-56e47318a459%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjx9Q,pingTime:0,time:1667,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:519%7D,%7Bpiv:100,vs:i,r:,t:1666%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:1666,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1202~0,0~100%5D,as:%5B1202~728.90%5D%7D%7D,%7Bsl:i,t:1666,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1202~0,0~100%5D,as:%5B1202~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:521,sis:662%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 48AD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvapEb6EDuvpCirLx_7Mp5amMLYF89LsRl9PyjuOFBdp1bo8UPnErVoKct1dg54pvDzexfFXPvEhW0FxAJxbG85fxYfSR2kSAqgPXyIzRabRbhT9gWrWWrIB0ejMQYM&sig=Cg0ArKJSzK5UqScEdWz6EAE&id=lidar2&mcvt=1004&p=354,1118,604,1418&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231016&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1263259910&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697612046003&rpt=3808&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjxeD,pingTime:0,time:1811,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:659%7D,%7Bpiv:100,vs:i,r:,t:1811%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1811,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1164~0,1~100%5D,as:%5B1165~300.250%5D%7D%7D,%7Bsl:i,t:1811,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1164~0,1~100%5D,as:%5B1165~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:0,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:660,sis:785%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame F870 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhjfIyrHT8EGPNWXh60kRgPlVxS8PjOhbnLtt_l95FQd1tYhWJfv6mTNyyKB6ni0kzS-Xmi8A0AwEUGm1KAM_dlGtfECkpqPPVGmFvHNsY8RUv3GXCcq5x2tWZNBFk&sig=Cg0ArKJSzEay0yjmLxZGEAE&id=lidar2&mcvt=1005&p=27,436,117,1164&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231016&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1798527053&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697612045986&rpt=3850&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43cf42ef-2149-a12e-bea9-a68cf44b0bf7&tv=%7Bc:rpjxgh,pingTime:-10,time:1938,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My43MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697612050022%7C%7C7503c1850e497b722483e6fb68f05bd8%7C%7Cf85ea0352d5e0551a31a58bbfec67123%7C%7Ca9e932f6a78eef1d8d22cd3f1cf9f274%7C%7C85ed31facc662b7227f20a384f301985%7C%7C323ee10100f9381a2410f6cad0da26da%7C%7C67999e9b3bc9f9ce64777742480a7eff%7C%7C1fd5ca4c69d22c4248453ee5a20de32b%7C%7C1663701684,sca:%7Bspg:5991d982-4558-bb87-d301-56e47318a459%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame 27B4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9113416&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
5404b135846cca642a2a7f264ce11cb52481707da0c6ec4c05b7c3a2ea4af0e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 18 Oct 2023 06:54:11 GMT
content-length
1750
content-type
text/html; charset=UTF-8
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjxq9,pingTime:1,time:2678,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:519%7D,%7Bpiv:100,vs:i,r:,t:1666%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1012,o:1666,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1202~0,1~100%5D,as:%5B1203~728.90%5D%7D%7D,%7Bsl:i,t:1666,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:863,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:521,sis:662%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjxqa,pingTime:1,time:2679,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:519%7D,%7Bpiv:100,vs:i,r:,t:1666%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1013,o:1666,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1202~0,1~100%5D,as:%5B1203~728.90%5D%7D%7D,%7Bsl:i,t:1666,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1011~100%5D,as:%5B1011~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:863,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:521,sis:662%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjxqa,pingTime:1,time:2679,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:519%7D,%7Bpiv:100,vs:i,r:,t:1666%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1013,o:1666,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1202~0,1~100%5D,as:%5B1203~728.90%5D%7D%7D,%7Bsl:i,t:1666,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1011~100%5D,as:%5B1011~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:863,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:521,sis:662,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjxqb,pingTime:1,time:2680,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:519%7D,%7Bpiv:100,vs:i,r:,t:1666%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1014,o:1666,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1202~0,1~100%5D,as:%5B1203~728.90%5D%7D%7D,%7Bsl:i,t:1666,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1012~100%5D,as:%5B1012~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:863,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:521,sis:662,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
match
c1.adform.net/serving/cookie/ Frame CE3A 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 18 Oct 2023 06:54:11 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 36CE 		85 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 18 Oct 2023 06:54:11 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bne12522-BNE
x-timer
S1697612052.654745,VS0,VE231
Pug
simage2.pubmatic.com/AdServer/ Frame 78CC
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11zwqob89l9i
1 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11zwqob89l9i
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 06:54:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Wed, 18 Oct 2023 06:54:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11zwqob89l9i
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame CCF4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 06:54:10 GMT
expires
Wed, 18 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1485440
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2E92
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xooSPU13Xal4Is_vCu4-mWdrxW0&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xooSPU13Xal4Is_vCu4-mWdrxW0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 18 Oct 2023 06:54:15 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xooSPU13Xal4Is_vCu4-mWdrxW0&gdpr=0&gdpr_consent=
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame AD1D 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame BF4E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc86d172bdf4646a98a5ff519c05e746a
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc86d172bdf4646a98a5ff519c05e746a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:18:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 06:54:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc86d172bdf4646a98a5ff519c05e746a
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 93E5
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6N14dBUjDG2t1_6PFoEvZQ
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6N14dBUjDG2t1_6PFoEvZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 06:54:14 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6N14dBUjDG2t1_6PFoEvZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
458249.gif
idsync.rlcdn.com/ Frame 27B4
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=29A16F94-7BA1-4674-9D31-1FF1CE235855
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDI5QTE2Rjk0LTdCQTEtNDY3NC05RDMxLTFGRjFDRTIzNTg1NRAAGg0Il4K-qQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b705c2dd5a33685f8e20376b49c430c87a60513ff344d5585c2ab0d100424a7c791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiNzA1YzJkZDVhMzM2ODVmOGUyMDM3NmI0OWM0MzBjODdhNjA1MTNmZjM0NGQ1NTg1YzJhYjBkMTAwNDI0YTdjNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiNzA1YzJkZDVhMzM2ODVmOGUyMDM3NmI0OWM0MzBjODdhNjA1MTNmZjM0NGQ1NTg1YzJhYjBkMTAwNDI0YTdjNzkxNDI2YjU0MTdkY2UyMRAAGgwIl4K-qQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=4685b813-7e92-4ed1-adc4-cd046ecebde6
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=4685b813-7e92-4ed1-adc4-cd046ecebde6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:16 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 18 Oct 2023 06:54:16 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=4685b813-7e92-4ed1-adc4-cd046ecebde6
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
Pug
simage2.pubmatic.com/AdServer/ Frame 27B4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4904814000705241649
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4904814000705241649
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:18:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4904814000705241649
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 27B4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8848152157402147362&gdpr=0&gdpr_consent=&us_privacy=
1 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8848152157402147362&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 06:54:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8848152157402147362&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 27B4
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=155cffc2c6c01fc8&is_secure=true&networkId=17100&version=1&nuid=29A16F94-7BA1-4674-9D31-1FF1CE235855&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVOylJK2wNQV8YsAAAAAAA&expiration=1697698455&nuid=29A16F94-7BA1-4674-9D31-1FF1CE235855&...
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVOylJK2wNQV8YsAAAAAAA&expiration=1697698455&nuid=29A16F94-7BA1-4674-9D31-1FF1CE235855&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVOylJK2wNQV8YsAAAAAAA&expiration=1697698455&nuid=29A16F94-7BA1-4674-9D31-1FF1CE235855&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43cf42ef-2149-a12e-bea9-a68cf44b0bf7&tv=%7Bc:rpjxu6,time:2795,type:e,im:%7BpLoad:2768%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2795,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:584,wc:0.0.1600.1200,ac:808.14071.300.250,am:i,cc:808.14071.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2230~0%5D,as:%5B2230~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:283,fm:tT1d9yj+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q*.10507%7C1q1%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1q*,rmeas:1,rend:1,renddet:IMG.qs,siq:585,sis:736%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:11 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjxuQ,pingTime:1,time:2816,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:659%7D,%7Bpiv:100,vs:i,r:,t:1811%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1005,o:1811,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1164~0,1~100%5D,as:%5B1165~300.250%5D%7D%7D,%7Bsl:i,t:1811,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:284,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:660,sis:785%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:12 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjxuR,pingTime:1,time:2817,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:659%7D,%7Bpiv:100,vs:i,r:,t:1811%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1006,o:1811,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1164~0,1~100%5D,as:%5B1165~300.250%5D%7D%7D,%7Bsl:i,t:1811,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:284,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:660,sis:785%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:12 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjxuR,pingTime:1,time:2817,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:659%7D,%7Bpiv:100,vs:i,r:,t:1811%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1006,o:1811,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1164~0,1~100%5D,as:%5B1165~300.250%5D%7D%7D,%7Bsl:i,t:1811,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:284,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:660,sis:785,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:12 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjxuS,pingTime:1,time:2818,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:659%7D,%7Bpiv:100,vs:i,r:,t:1811%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1007,o:1811,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1164~0,1~100%5D,as:%5B1165~300.250%5D%7D%7D,%7Bsl:i,t:1811,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:284,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:660,sis:785,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:12 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 27B4 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
debug
hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=14%3A54%3A13.260&type=info&msg=FPO%20completed%20running&llvl=2&id=7043&cv=20231017-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82815
SPug
simage4.pubmatic.com/AdServer/ Frame 27B4 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjysI,pingTime:5,time:6681,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:519%7D,%7Bpiv:100,vs:i,r:,t:1666%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5015,o:1666,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1202~0,1~100%5D,as:%5B1203~728.90%5D%7D%7D,%7Bsl:i,t:1666,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5013~100%5D,as:%5B5013~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:287,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:521,sis:662%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:15 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjysI,pingTime:5,time:6681,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:519%7D,%7Bpiv:100,vs:i,r:,t:1666%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5016,o:1666,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1202~0,1~100%5D,as:%5B1203~728.90%5D%7D%7D,%7Bsl:i,t:1666,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5014~100%5D,as:%5B5014~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:287,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:521,sis:662%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:15 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjyxo,pingTime:5,time:6818,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:659%7D,%7Bpiv:100,vs:i,r:,t:1811%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5007,o:1811,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1164~0,1~100%5D,as:%5B1165~300.250%5D%7D%7D,%7Bsl:i,t:1811,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5007~100%5D,as:%5B5007~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:288,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:660,sis:785%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:16 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjyxp,pingTime:5,time:6819,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:659%7D,%7Bpiv:100,vs:i,r:,t:1811%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5008,o:1811,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1164~0,1~100%5D,as:%5B1165~300.250%5D%7D%7D,%7Bsl:i,t:1811,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5007~100%5D,as:%5B5007~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:288,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:660,sis:785%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:16 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=Bsfu7NCNd2tnBhEDf0&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=15646&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=8683&t=D-aVoCok7OEBre-dhYJDi-Ciy2Sj&V=141&tz=-480&_acct=anon&sn=2&sv=o4pYQBgJeNpBrZH14zJHbfCbHn6&sd=1&im=067b0ff2&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.220.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-220-158.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:17 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
iu3
s.amazon-adsystem.com/ Frame 8845 		283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 18 Oct 2023 06:54:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
G27GZN0AZRMM0R57ATMD
pr
s.amazon-adsystem.com/v3/ Frame D909 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6c488ada7eafe04f3bf9de7438350345b362fc73783dd2002e7a94760af5b010
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
951
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 18 Oct 2023 06:54:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
384GSAYSB17VCSCR5GED
v2
id5-sync.com/gm/ 		631 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
751968bdba9d4d005c2766078f1d70fe3930717d50deb82a1aff4964184f6e0e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 18 Oct 2023 06:54:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame D3E5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61951c6cbd0612d92091155e452b445bca56f3d836ec5360030214179a11a23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
817ede938bc28acd-PER
content-encoding
br
content-type
text/html
date
Wed, 18 Oct 2023 06:54:20 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Tb6tbNqmE11PKGj7Am832fHdb59WS%2FebuXaY86cmCM4dy7RTYWsGxecufsXkQKSzgfJrm%2BLHhFUrd35398AqThxBVUBEp%2BMdm4bQeiTfsCVDtldJKEDZSbQ8xvdcvwZHjuT%2BHo16tJ4kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C351 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.154.61 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-154-61.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Oct 2023 06:54:20 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 167A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132208
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 18 Oct 2023 06:54:20 GMT
expires
Thu, 19 Oct 2023 19:37:48 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 167A 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37815503&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
49dbe12d3b70d4de09187ba1e3950ed11dc0c15340129776d32a60627818b131

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 18 Oct 2023 06:54:20 GMT
content-length
1206
content-type
text/html; charset=UTF-8
ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D3E5 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.123.88 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-123-88.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADd6U7KXwIAABkS_cz04g&expiration=1698821660
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADd6U7KXwIAABkS_cz04g&expiration=1698821660
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C85rcz7bTJPlV6se2PbBdCshQKk5aSxKCRCxYs9x4gZ02bnUXxxFd2zbajO2arR3wttv5zRaBccxeVEOHV7Rf2uXqxVnDbKk%2BcIFfHRWUN7Fi15IGvugz4IKah8oU9JN9ORLORT9q7adPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede958f718acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADd6U7KXwIAABkS_cz04g&expiration=1698821660
Date
Wed, 18 Oct 2023 06:54:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713423261&external_user_id=157365b0-d15d-40fd-b761-2f47f1bf7d6a
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713423261&external_user_id=157365b0-d15d-40fd-b761-2f47f1bf7d6a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8m4fNdl3sg9COM9kgWKJMMp6g8NVPSxbqQ7FJDgROWWRtbP3Hi%2FjI%2F1bPIcKQRLA12VGgtt2wNCPBvEWiCeACbBpFdV6ySLl24zpEnDeh6AJWkeFKm6hfIvTBD8EET%2BM14kFV8z9b019Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede978aa58acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 18 Oct 2023 06:54:21 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713423261&external_user_id=157365b0-d15d-40fd-b761-2f47f1bf7d6a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS_BDAAAAEfDmQN9
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS_BDAAAAEfDmQN9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSML65fng93gIOxHX60REeRAzuOnC30FPn4avfHJIOp6IhMQeptkfqrJOwGrEFgn4PWlFqBtbBXn5KFJFeTE1Qpw1SeiW8CHTgK9FZIAx%2BW6FeyNaVmarHfosark%2F3k7hCWaxO2duwQeSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede951e838acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-bne12522-BNE
pragma
no-cache
date
Wed, 18 Oct 2023 06:54:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697612061.894355,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS_BDAAAAEfDmQN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662081564814092
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662081564814092
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuWKR3K2T%2BOn27fjAn4Eg9Ta7PLujzetFI%2FxOybSugeEIHwA14xYxGSb8OXkegd5MKxXD0vklPNBH4XX5J%2BvdwRzgIshzVkztRowmQoLoz%2B4u1dOZwiKJUCNFGu%2FhREfHsaxVTOQR3wmnA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede98dd3d8acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:21 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
535
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662081564814092
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
817ede973b0d55ee-ADL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame D3E5 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.215.8.194 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-8-194.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:21 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a23f133-cda9-4cb2-be77-81b46cba1ab8&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a23f133-cda9-4cb2-be77-81b46cba1ab8&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1tpN%2Bv1qxH3JU2UY9z8rEEDeQyxaGkcagofJdQdm4Iyqt20I6my1VvvcXWjKOurbmCpXLPgZZQyqqkg2mOmLdDRu4hBPNjpp8NOYpLyCj1cv%2FvvmzIwgbq%2FDr76C7hYPXOlIR8oLZT2KA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede991d9d8acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a23f133-cda9-4cb2-be77-81b46cba1ab8&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Wed, 18 Oct 2023 06:54:21 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame D3E5
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A706B7BB85134B78A38704BB7CB94A9A
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A706B7BB85134B78A38704BB7CB94A9A
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZ8o9GBMVi9is%2BYd%2FeQPrIVGdnasAbdJOqhliXcEpPuftNiW%2BBv3%2Bq8L0WevglVpsFsDg4o5kyxB1Aj0UTVW3vVBS8XPWqL1YDyMUExi%2B39rRZQDc4ocR%2F0X1I4l5qOR8%2F7IdjGxJeop8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
817ede96387c8acd-PER
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 18 Oct 2023 06:54:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A706B7BB85134B78A38704BB7CB94A9A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 17 Oct 2023 06:54:20 GMT
ecm3
s.amazon-adsystem.com/ Frame D3E5 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CKP9QZ4JR9TVVRRAN1NW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
b7631a27c26edb85d615ec2a08a342f22ac458a2a54505babaa7eb448c87c3dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 18 Oct 2023 06:54:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
c0.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.190 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.152 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.112 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.199 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.250 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-3-id5-sync.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.190 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
interact
edge.adobedc.net/ee/v1/ 		725 B
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=8489356d-5381-4d26-a564-e03a0df76f86
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-117.data.adobedc.net
Software
jag /
Resource Hash
1c2c40829df3684327a3360fcd1ae01503704a316fd54a30525c6a4d30397a40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 18 Oct 2023 06:54:20 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge
OR2;9
access-control-allow-credentials
true
x-konductor
N/A
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-request-id
8489356d-5381-4d26-a564-e03a0df76f86
cm
ipac.ctnsnet.com/int/ Frame 5126 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 18 Oct 2023 06:54:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 2B35
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7fcf9a97700e47bea06a40e50c123ba5
42 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7fcf9a97700e47bea06a40e50c123ba5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Wed, 18 Oct 2023 06:54:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7fcf9a97700e47bea06a40e50c123ba5
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 7233 		0
0
pxd
dps.jp.cinarra.com/ Frame 979B 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=29A16F94-7BA1-4674-9D31-1FF1CE235855
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.123.76 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-123-76.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Wed, 18 Oct 2023 06:54:21 GMT
i.match
s.tribalfusion.com/z/ Frame 15A1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
817ede973b0c55ee-ADL
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
817ede957fff55ee-ADL
content-type
text/html
date
Wed, 18 Oct 2023 06:54:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
3223
ecm3
s.amazon-adsystem.com/ Frame 9A6B 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID29A16F94-7BA1-4674-9D31-1FF1CE235855
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 18 Oct 2023 06:54:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
4FSF200M7EN1PR5ART8A
Pug
simage2.pubmatic.com/AdServer/ Frame 167A
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7579792736111074373
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7579792736111074373
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:19:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:21 GMT
an-x-request-uuid
bf27597f-910a-496e-88f6-70ad1f1d8cb9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7579792736111074373
x-proxy-origin
103.107.197.109; 103.107.197.109; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C351 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.154.61 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-154-61.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
87f706547dba77861b4dda27017e5f90eaa2b067b401fd49ec77d83f6c1fcb62

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 06:54:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Oct 2023 03:51:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75461
Connection
keep-alive
Content-Length
11122
Expires
Thu, 19 Oct 2023 03:52:02 GMT
khaos.json
token.rubiconproject.com/ Frame C351 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LNVEDPLV-1V-6ID3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
ecm3
s.amazon-adsystem.com/ Frame C351
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LNVEDPLV-1V-6ID3
  • https://s.amazon-adsystem.com/ecm3?id=LNVEDPLV-1V-6ID3&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LNVEDPLV-1V-6ID3&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 06:54:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QXDSY6TVDPXJX1FDZQ8Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LNVEDPLV-1V-6ID3&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
v2
id5-sync.com/gm/ 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
2954d7ba7e973e326c087e6a09dbbc9b68b5dd01b27123be62726c6880bc8d74
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 18 Oct 2023 06:54:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame 167A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 167A 		974 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47821906&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
4164347585bd35337d75fe893dec847c92c6fdf8abe55023c5aa193cccf90d6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 18 Oct 2023 06:54:23 GMT
content-length
974
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 2CB8
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2c241672-6d83-11ee-b75d-8b289e127539
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2c241672-6d83-11ee-b75d-8b289e127539
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 18 Oct 2023 06:54:24 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2c241672-6d83-11ee-b75d-8b289e127539
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1b-delivery-2
cookiesync
core.iprom.net/ Frame 5598 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 18 Oct 2023 06:54:25 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-438665abf2fd@version_1.573
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame E3D1
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
79 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 06:19:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 18 Oct 2023 06:54:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
141
match.deepintent.com/usersync/ Frame 4A14 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Wed, 18 Oct 2023 06:54:24 GMT
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 9296
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A706B7BB85134B78A38704BB7CB94A9A&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A706B7BB85134B78A38704BB7CB94A9A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 06:54:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 18 Oct 2023 06:54:24 GMT
expires
Tue, 17 Oct 2023 06:54:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A706B7BB85134B78A38704BB7CB94A9A&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame D0B3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bX7KQSRE1QT0rK5&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bX7KQSRE1QT0rK5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 06:54:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 18 Oct 2023 06:54:24 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:bX7KQSRE1QT0rK5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-015e06b625cd64536@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame 4802 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID29A16F94-7BA1-4674-9D31-1FF1CE235855
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 18 Oct 2023 06:54:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Q5NGANYTK51NG0B43AG2
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjB4b,pingTime:15,time:16692,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:519%7D,%7Bpiv:100,vs:i,r:,t:1666%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15026,o:1666,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1202~0,1~100%5D,as:%5B1203~728.90%5D%7D%7D,%7Bsl:i,t:1666,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15024~100%5D,as:%5B15024~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:292,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:521,sis:662%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:25 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5991d982-4558-bb87-d301-56e47318a459&tv=%7Bc:rpjB4c,pingTime:15,time:16693,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:519%7D,%7Bpiv:100,vs:i,r:,t:1666%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15027,o:1666,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:519,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1202~0,1~100%5D,as:%5B1203~728.90%5D%7D%7D,%7Bsl:i,t:1666,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15025~100%5D,as:%5B15025~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:292,fm:tT1d9wf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s%7C1t%7C1u%7C1v%7C1w,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:521,sis:662%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:25 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjB8F,pingTime:15,time:16817,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:659%7D,%7Bpiv:100,vs:i,r:,t:1811%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15006,o:1811,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1164~0,1~100%5D,as:%5B1165~300.250%5D%7D%7D,%7Bsl:i,t:1811,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15005~100%5D,as:%5B15005~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:287,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:660,sis:785%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:26 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=92bad93a-5e25-2208-ab42-3cf96e74b5e5&tv=%7Bc:rpjB8F,pingTime:15,time:16817,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:659%7D,%7Bpiv:100,vs:i,r:,t:1811%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15006,o:1811,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:659,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1164~0,1~100%5D,as:%5B1165~300.250%5D%7D%7D,%7Bsl:i,t:1811,wc:0.0.1600.1200,ac:1118.354.300.250,am:i,cc:1118.354.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15005~100%5D,as:%5B15005~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:287,fm:tT1d9yI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h1%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1q2%7C1r1%7C1r2%7C1s%7C1t%7C1u%7C1v%7C1w1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:660,sis:785%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.81.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-81-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 06:54:26 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 167A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 06:54:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/28cfef03
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/5iYtFDHB/D_P/GF-/n3RC_e97K5/7t3iNctNzcJ1zE/MmxYFhMB/JzIyUEpq/VQcC
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/_sec/cp_challenge/sec-4-0.css
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/_sec/cp_challenge/sec-cpt-4-0.js
Domain
au.pixel.newscgp.com
URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Domain
ads.playground.xyz
URL
https://ads.playground.xyz/host-config/prebid?v=2
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=277566
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=55%2C57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v7.50.0&x_source.tid=38fe69aa-3b72-47f3-90be-91b6e06041a4&l_pb_bid_id=256cfa0c2042b81&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=38fe69aa-3b72-47f3-90be-91b6e06041a4&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.06013983504748688
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v7.50.0&x_source.tid=88fe87e6-2376-4e00-be3e-8fefd7e995d0&l_pb_bid_id=26723787454b946&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=88fe87e6-2376-4e00-be3e-8fefd7e995d0&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.07212560359995335
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v7.50.0&x_source.tid=7b5598c5-5db4-4211-8772-e96c8b2b2c26&l_pb_bid_id=2793be651ae7c2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7b5598c5-5db4-4211-8772-e96c8b2b2c26&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.5321176746716847
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v7.50.0&x_source.tid=e32d1767-ba48-4c8c-a9a3-0db39a97b0eb&l_pb_bid_id=2887941acc3b10e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e32d1767-ba48-4c8c-a9a3-0db39a97b0eb&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.8086846271975667
Domain
mfad.inskinad.com
URL
https://mfad.inskinad.com/api/v2
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.50.0&cb=72961974048&lsavail=1
Domain
dt.scanscout.com
URL
https://dt.scanscout.com/ssframework/uid?UIAA=76156148949135702871259139842975485148&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZS_BDAAAAEfDmQN9&img=1
Domain
check.analytics.rlcdn.com
URL
https://check.analytics.rlcdn.com/check/13726
Domain
prebid-a.rubiconproject.com
URL
https://prebid-a.rubiconproject.com/event
Domain
prebid-a.rubiconproject.com
URL
https://prebid-a.rubiconproject.com/event
Domain
mfad.inskinad.com
URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=ZS.BDpN4lOFe6iY-HdxLsAAA%264726
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D

Verdicts & Comments Add Verdict or Comment

341 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al function| sentrySDKOnLoadHandler object| newscorpau object| _taboola object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| admiral object| googletag function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf object| ads_api function| algoliasearch object| Sentry function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise function| _typeof object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| nb object| vidora function| vidoraTrackExtraElements object| vidoraHelper object| app function| _ object| _vms function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| 4dm1r11545242527 object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| auth object| optimizely object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| vidora_ns object| ADB string| TiktokAnalyticsObject object| ttq function| rdt object| m number| interval object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| nca_ipsos object| dm object| ipsos_ready object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET object| apstagShared object| kw_ignore object| mready object| indieApps string| nam object| placementData function| setImmediate function| clearImmediate object| webpackChunk object| pbjsChunk object| _pbjsGlobals object| apsUnits function| DIL object| adobe function| Visitor object| mconfig function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Bh object| _pm_mcg boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs object| httpStreaming function| videojsPerSourceBehaviors function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog object| videojsDock function| videojsPlaylist function| videojsSsai function| bc object| googleImaVansAdapter object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| KAMPYLE_EMBED string| account_suffix function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement number| s_objectID number| s_giq function| AppMeasurement function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in object| s object| visitor object| lastException boolean| explicitPageView object| nr object| metrics object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| ID5 number| startTime number| duration object| brandmetrics function| __assign boolean| isAlloyConfigured object| atsdetectionmodule object| atsenvelopemodule object| ats object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData object| ggeac string| redditId object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| __spreadArray object| _brandmetrics object| npt object| diagPixSentCodes object| __iasAdRefreshConfig boolean| DotMetricsInitScript object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| DotMetricsSettings undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready object| __SENTRY__ string| SENTRY_SDK_SOURCE object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| Criteo function| GeaLoader object| DotmetricsJSON object| DotMetricsObj object| __id5_instances function| omrhp function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray undefined| oneTagObj function| ebDecode object| bsResponseObj object| SUBSCRIPTIONS object| SWG object| _aps boolean| apstagLOADED object| apscustom function| cookieWrite function| cookieRead function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global number| google_unique_id object| gaGlobal object| categoryData object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| __IntegralASExec object| tbopt

207 Cookies

Domain/Path Name / Value
.taboola.com/newscorpau-aud-heraldsun/ Name: taboola_session_id
Value: v2_ba6e694676ce172c720459b907fde6d8_6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689_1697612041_1697612041_CIi3jgYQgPNHGIuWwIy0MSABKAEwEDiu_QZA9oUQSIf08QNQ____________AVgAYABooKCVq-PzhYw8cAE
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 4539fe69f634b58ebe902d6108b8f203
.heraldsun.com.au/ Name: nk
Value: 4539fe69f634b58ebe902d6108b8f203
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1697612034
www.heraldsun.com.au/ Name: lux_uid
Value: 169761204062016718
.heraldsun.com.au/ Name: utag_main
Value: v_id:018b41900b7c001b72b47e91e2a603073001d06b00b08$_sn:1$_se:1$_ss:1$_st:1697613841085$ses_id:1697612041085%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.8373902899620158
.taboola.com/ Name: t_gid
Value: 6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
.taboola.com/ Name: t_pt_gid
Value: 6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
www.heraldsun.com.au/ Name: AWSALB
Value: JZRMaGfBvnU8Jx3Gzhw+hjxmHkL71C57CssQdcdAbRfT1Z5t/5GAV3yyNXmT0Ahg3KASmalV4X8FDHnmIXTYQ7C31mZgWzY46B7BbFp/lrSUs+bt/Q66wtsC/eIA
.heraldsun.com.au/ Name: ak_bmsc
Value: 48DDE73D98E1F6555175609F0B784BAB~000000000000000000000000000000~YAAQj0ZYaCKztTyLAQAAAw2QQRVWWajU2DsEJ/cdtPN3khovmP+RCGE1/9iYMsknQvz8et0S6JZcBExpmS/gRX0CycDo0CaV6DYbpGz+O6TDbEo0a9du6OWlj9xvthWz1H/v6Pxk4K3iKi0EnLgGDt/JzykRrp/9PaKgtcag5VpzGic5fvGze7WwZL/cVAw/m9S2tnwXn8yQZH/7Lgulimxnr0w2LJBhCVdgj7ta0Y1qTyzQod/nqd7CiWkdhRwZY9Dk1rerYfI1Vwxn6fM+XD3ASxZ1wKa7Rx9COh5/BhUY1fim8dny3y/xh9jRTjJsyO+cLTO3d3h47284k3RMcPg9DS4ebpWgLrhZJSVZR24q1Zspu07RqrQUHIG0PTBdbEhVHS89JmQsTVyHhIJywld2Awh7Pt8hZHaRdk/Kouyjn3S4Kb5XfaX6kkbxqyA+9FP1lNroYU3dXbrCZqDPaYPIeb8HNDbgqS7Jn3/uopbdK/YYNUhMfiAArEIb7CWLOLyEe4nQjng5
www.heraldsun.com.au/ Name: AWSALBCORS
Value: JZRMaGfBvnU8Jx3Gzhw+hjxmHkL71C57CssQdcdAbRfT1Z5t/5GAV3yyNXmT0Ahg3KASmalV4X8FDHnmIXTYQ7C31mZgWzY46B7BbFp/lrSUs+bt/Q66wtsC/eIA
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A1e7261a0-6d83-11ee-ac91-ab7181b07c1f.K78ZCzszsNJDrzfF8cVuVM8sSBqclDd3MeNJUpZHn%2F0
.heraldsun.com.au/ Name: bm_sv
Value: 33B555376C1BF5CF920080A1A2D25DFB~YAAQj0ZYaCaztTyLAQAAjA2QQRVhepyKEsKlmVY7GgPWWhCHP7QkTRscmacVtYhDCwyaX74LmJET8I8lWQMZFOXrQk5QfXBzTqjGlQk68KdfBSfqKDZwr/LciR8CHwSWAloA2MtBs0WAV3I7dJTxkS/WbKzOhn4zLzTgLF0fIeVVmafq3CF8vpXt+XQD+C+E+OSYymYxBxZjFHZcHSXgN+gT2rEzt9Cc0GklrNiGgt/xmhZfw/ElmyA2NQEGNxZGHk7gpSHB~1
.doubleclick.net/ Name: APC
Value: AfxxVi5b8gNzaSK3roa3ivC7dKTdgvBuQH_AH72Yrhfbq8gTVl0l8A
.heraldsun.com.au/ Name: _cb
Value: Bsfu7NCNd2tnBhEDf0
.heraldsun.com.au/ Name: _chartbeat2
Value: .1697612042117.1697612042117.1.o4pYQBgJeNpBrZH14zJHbfCbHn6.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
www.heraldsun.com.au/ Name: metrics_pcsid
Value: not set
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1697612042335.226121314
.heraldsun.com.au/ Name: optimizelyEndUserId
Value: oeu1697612042467r0.6984962442389808
www.heraldsun.com.au/ Name: vidoraUserId
Value: afr67ldqbtbtcdt54mnuf03ueb9vps
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 677346c9-a65d-42c8-a1cc-978737b482ec.1697612042.1.1697612043.1697612042.e571d4f5-c40c-4849-bc8f-8693a1d0fd64
.heraldsun.com.au/ Name: _rdt_uuid
Value: 1697612042599.1ec80833-10f7-4f8d-b886-54500767cf7c
.heraldsun.com.au/ Name: _awl
Value: 3.1697612042.5-3999b1b9464a4fe2cd4016399f8095dd-6763652d617369612d6561737431-0
.doubleclick.net/ Name: IDE
Value: AHWqTUnwLHy1IFa1HAxtD48TS6PN8Gpxjw9PCh09LMGgCLb7HNxVvMXMyQWKAwyhiMI
.heraldsun.com.au/ Name: _ncid
Value: c2a33047d9df4c36208e779bbe573bad
.tiktok.com/ Name: _ttp
Value: 2WvTR8OL7PlMxKD8ZDlQh0InFdc
.heraldsun.com.au/ Name: nol_fpid
Value: nwkc66kcjubvjlns6jjjs6tpiy5nn1697612042|1697612042923|1697612042923|1697612042923
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=76e866ef-343b-43f6-82b9-249822ad96fa&Created=10/18/2023 06:54:02&UserMode=0&guid=d52de590-f41e-4bc9-9c60-31c20b71cd9c&ver=1
.heraldsun.com.au/ Name: _tt_enable_cookie
Value: 1
.heraldsun.com.au/ Name: _ttp
Value: YFv5PtIDKQZJs88P1EUdyy2xZO2
.demdex.net/ Name: demdex
Value: 76156148949135702871259139842975485148
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
www.heraldsun.com.au/ Name: _lr_geo_location_state
Value: WA
www.heraldsun.com.au/ Name: _lr_geo_location
Value: AU
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: 1
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: k4XWt04zhSEi/bRbtPd6LvzZywZqzK3j6ORuHjpXOEKHYck0QIxCIyYOKuqXI0kD91JNuG7HXyFKMxbJiJEDAfzJQ5i6rR/5D87nUtwyFZZa7BaTCV7t7vIw82uN
.imrworldwide.com/ Name: IMRID
Value: 1fc96620-6d83-11ee-838b-69750de59b4b
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuEzQ0_004c3mEzQ0_
.serving-sys.com/ Name: G4
Value: 0009fM00Oc_
.serving-sys.com/ Name: OT2
Value: 0001DC1txm
.serving-sys.com/ Name: u2
Value: 19b0690f-75ad-4486-ab8a-aa9785adaf254P0050
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZS_BDAAAAEfDmQN9
.socdm.com/ Name: SOC
Value: ZS.BDMCo5ugAAHVdQTgAAAAA
.dpm.demdex.net/ Name: dpm
Value: 76156148949135702871259139842975485148
.smartadserver.com/ Name: pid
Value: 4352714729533595304
.yahoo.com/ Name: A3
Value: d=AQABBAyBL2UCEBNCiBAYq9DF7z5RLASgBDkFEgEBAQHSMGU5ZQAAAAAA_eMAAA&S=AQAAAhLk4O778fofMBBGTqQaiCQ
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19649%7CMCMID%7C76180016419598553491257014746410589638%7CMCAAMLH-1698216844%7C9%7CMCAAMB-1698216844%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-124721290%7CMCOPTOUT-1697619244s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19656%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: s_nr30
Value: 1697612044598-New
.heraldsun.com.au/ Name: s_tslv
Value: 1697612044599
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_tp
Value: 15556
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C8%2C8%2C1200%2C1%2C12
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: s_cc
Value: true
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEwjIK-qQY4AUABSAEQjIK-qQYYAA..
.adnxs.com/ Name: uuid2
Value: 7579792736111074373
.mediago.io/ Name: __mguid_
Value: f85ea035a1d1d50b2kgzqz00lnvedoy8
.adsrvr.org/ Name: TDID
Value: a657c6f9-40dc-4ecb-99eb-6598605aa7e4
.turn.com/ Name: uid
Value: 8848152157402147362
.rubiconproject.com/ Name: khaos
Value: LNVEDPLV-1V-6ID3
.3lift.com/ Name: tluid
Value: 570255265212366100736
.openx.net/ Name: i
Value: ba0bf86d-0159-0962-00da-32fc3c8f0144|1697612045
.heraldsun.com.au/ Name: __gads
Value: ID=b4f82c7f57b27f09:T=1697612045:RT=1697612045:S=ALNI_MaHH7hwumL4XE56cLz6d4Ua0Q7H3g
.heraldsun.com.au/ Name: __gpi
Value: UID=00000c66a815bcf6:T=1697612045:RT=1697612045:S=ALNI_MaQ8xf8cAvV4j_911c1kPjSFYvmZg
.tapad.com/ Name: TapAd_TS
Value: 1697612045956
.tapad.com/ Name: TapAd_DID
Value: a771e335-d7a0-4f1b-842f-11c04a4508cb
.criteo.com/ Name: uid
Value: f37b7d12-7473-4718-b579-9cd4215697d8
.bluekai.com/ Name: bku
Value: pSL999bOntVsnayG
.bluekai.com/ Name: bkpa
Value: KJy9CxObd02pSUHknpxpmEQhwtkAwEzt1EDt1ExTmEx81E1NBp90mezh1MD81E18mex0mEzNBeQN1ExTJ7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9Wc4J1D=
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-a657c6f9-40dc-4ecb-99eb-6598605aa7e4&KRTB&22918-a657c6f9-40dc-4ecb-99eb-6598605aa7e4&KRTB&22926-a657c6f9-40dc-4ecb-99eb-6598605aa7e4&KRTB&23031-a657c6f9-40dc-4ecb-99eb-6598605aa7e4
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.724835606.1697612047
.demdex.net/ Name: dextp
Value: 358-1-1697612044380|470-1-1697612044486|481-1-1697612044614|771-1-1697612044718|903-1-1697612044825|19566-1-1697612044929|23728-1-1697612045038|30432-1-1697612045172|30064-1-1697612045277|66757-1-1697612045385|134096-1-1697612045487|144230-1-1697612045595|144231-1-1697612045699|144232-1-1697612045807|144233-1-1697612045915|144234-1-1697612046080|144235-1-1697612046188|144236-1-1697612046295|144237-1-1697612046398|147592-1-1697612046506|461447-1-1697612046625
.bidswitch.net/ Name: tuuid
Value: fa9c87db-9c18-4eeb-ba31-5ce1279365cf
.bidswitch.net/ Name: c
Value: 1697612046
.bidswitch.net/ Name: tuuid_lu
Value: 1697612046
.eyeota.net/ Name: mako_uid
Value: 18b41902214-71620000010841c7
.eyeota.net/ Name: SERVERID
Value: 16839~DM
.google.com/ Name: NID
Value: 511=OU7-CFY33dkReug8ZOpL5rz4hbsrV3FLfrRvmYcNcwVnud4J483T8xhGUdPlrpKMhQ79O2rojaf1XjVycrqoKQ9In2HnqIVdWTYNVZ8bH6dEWwH2L-phe9YXV3T5gQdYWiqRgy7ozmnmBXTbBWCpu0rMNSLtzZluT0isKFX9M5k
.admixer.net/ Name: am-uid
Value: e865ebed15714a69ad94befdb90c3b6c
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-ZS_BDAAAAEfDmQN9&KRTB&22978-ZS_BDAAAAEfDmQN9&KRTB&23194-ZS_BDAAAAEfDmQN9&KRTB&23209-ZS_BDAAAAEfDmQN9
.krxd.net/ Name: _kuid_
Value: P3KL1J7R
.adform.net/ Name: C
Value: 1
.contextweb.com/ Name: V
Value: LgsSGvLtkGsa
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f6fd57e0da4904a2
.adform.net/ Name: uid
Value: 4904814000705241649
.casalemedia.com/ Name: CMPS
Value: 4721
.casalemedia.com/ Name: CMID
Value: ZS.BEAuIWESwlN3o5bsHWgAA
.casalemedia.com/ Name: CMPRO
Value: 4721
.adnxs.com/ Name: anj
Value: dTM7k!M4/0EVNsVF']wIg2C%7oo/7t!EKy0$]mp@J9rAzT5`.4%FFARI@LCu4rhzd8B0VEZP=zN/X%W#.wLP*6:R^7G7/wwB`:H^dO9:+JRquVR!4Suj1f[>3I?.SbL!cM
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxOVkVEUExWLTFWLTZJRDMiLCJleHBpcmVzIjoiMjAyNC0wMS0xNlQwNjo1NDowOVoifX0sImJpcnRoZGF5IjoiMjAyMy0xMC0xOFQwNjo1NDowOVoifQ==
.hb.yahoo.net/ Name: data-ttd
Value: a657c6f9-40dc-4ecb-99eb-6598605aa7e4~~63
.hb.yahoo.net/ Name: visitor-id
Value: 3406136491614189000V10
.mfadsrvr.com/ Name: tuuid
Value: 088b44f7-aef4-4413-b2ca-c2c4db70ea3f
.mfadsrvr.com/ Name: c
Value: 1697612049
.mfadsrvr.com/ Name: tuuid_lu
Value: 1697612049
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 6872a17f-2690-42cb-8c0c-e9c903e05052
.prebid.a-mo.net/ Name: sd_amuid2
Value: 6872a17f-2690-42cb-8c0c-e9c903e05052
.mfadsrvr.com/ Name: ssh
Value: !taboola,1697612049
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 76156148949135702871259139842975485148
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 29A16F94-7BA1-4674-9D31-1FF1CE235855
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~2eji:19e0~2eji:175w~2eji:18z8~2eji"
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7579792736111074373&KRTB&23339-7579792736111074373
.adotmob.com/ Name: uid
Value: 09b1220400d38f705d43bc63
.adotmob.com/ Name: uuid
Value: 09b1220400d38f705d43bc63
.adotmob.com/ Name: partners
Value: IX%3A1697612050072
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECvElwaEuYw7UFBXpqnJJn8&KRTB&23025-CAESECvElwaEuYw7UFBXpqnJJn8&KRTB&23386-CAESECvElwaEuYw7UFBXpqnJJn8
.bidr.io/ Name: bito
Value: AADd6U7KXwIAABkS_cz04g
.bidr.io/ Name: bitoIsSecure
Value: ok
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI4o_r1qHspzwQBRIZCgpyaWdodG1lZGlhEgsI5LLM0qHspzwQBRIWCgdydWJpY29uEgsIqtDM0qHspzwQBRIXCghwdWJtYXRpYxILCOaWn4Gi7Kc8EAUSFQoGY2FzYWxlEgsIopbh36HspzwQBRIYCgliaWRzd2l0Y2gSCwjy5-D2oeynPBAFEhQKBXRhcGFkEgsIpsnDg6LspzwQBRgBIAEoAjILCNa_xrC47Kc8EAU4AVoFdGFwYWRgAg..
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 0
.ipredictive.com/ Name: cu
Value: f294dd42-8dac-4182-81ea-6f24b8e57d9e|1697612050209
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6990
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&ee54eaa6-1272-4700-8dfa-384601a49f0e"
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2678:u=1:x=1:i=1697612050:t=1697698450:v=2:sig=AQHUHU77-XBCVPn7M-HtFQ7anD55Ugwd"
.connatix.com/ Name: cnx_userId
Value: 0fcef5ed3fa442aa99a9570425ea5249
.semasio.net/ Name: SEUNCY
Value: 117186C404D4475D
.twitter.com/ Name: personalization_id
Value: "v1_V0r/cYY0XFU9q3REwXuhFw=="
.quantserve.com/ Name: d
Value: EPEBCwGbKvijAA
.quantserve.com/ Name: mc
Value: 652f8113-2eb17-dfcb5-a5539
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-KnAq2SR0KYwxd33dLXI123omeooxJC2KL3yKsDua&KRTB&19420-KnAq2SR0KYwxd33dLXI123omeooxJC2KL3yKsDua&KRTB&22979-KnAq2SR0KYwxd33dLXI123omeooxJC2KL3yKsDua&KRTB&23403-KnAq2SR0KYwxd33dLXI123omeooxJC2KL3yKsDua
.pubmatic.com/ Name: DPSync3
Value: 1697673600%3A248%7C1698796800%3A245_226_201_197%7C1698192000%3A164
.sharethrough.com/ Name: stx_user_id
Value: 0d829b75-5456-4e15-ba75-be7aaf6674d2
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: ef745b1329930414651503e672f31acc
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4904814000705241649&KRTB&23263-4904814000705241649&KRTB&23481-4904814000705241649
.amazon-adsystem.com/ Name: ad-id
Value: A2MRpRXCAUoCrCylG2NcLlA
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8848152157402147362&KRTB&23150-8848152157402147362&KRTB&23527-8848152157402147362
.zemanta.com/ Name: zuid
Value: QDpxKjM3_XAqdKQKg2Wz
.t.co/ Name: muc_ads
Value: 13157c7b-e4e1-4f73-ba8a-951d705483a2
.ads.stickyadstv.com/ Name: UID
Value: a44575de1919cd4f322c702ac9446071
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZS-BEAuIWESwlN3o5bsHWgAAEnEAAAIB
.csync.loopme.me/ Name: viewer_token
Value: 5a23f133-cda9-4cb2-be77-81b46cba1ab8
.lijit.com/ Name: ljt_reader
Value: HgVeCQZHvZx3ljtnSPKsacJo
.sportradarserving.com/ Name: zuuid
Value: 6eaf9315-25d4-47fb-bafe-3b5a62526990
.sportradarserving.com/ Name: c
Value: 1697612053
.sportradarserving.com/ Name: zuuid_lu
Value: 1697612053
.id5-sync.com/ Name: 3pi
Value: 464#1697612045178#-2013617875#6cef5957-aad5-4403-9c57-d0305b4f8122-tuctc290689|112#1697612051015#-1743035185#C6C6D89CDA23006C|2#1697612051355#778643753#7579792736111074373|821#1697612053710#910655896|264#1697612045514#396368766#a657c6f9-40dc-4ecb-99eb-6598605aa7e4|10#1697612048536#-1653310102#4904814000705241649|123#1697612051696#564183147|108#1697612046432#371143955
.lijit.com/ Name: _ljtrtb_80
Value: LNVEDPLV-1V-6ID3
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1697612053
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Perth
.ambientdsp.com/ Name: _aUID
Value: 11zwqob89l9i
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-11zwqob89l9i
.simpli.fi/ Name: suid
Value: A706B7BB85134B78A38704BB7CB94A9A
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:A706B7BB85134B78A38704BB7CB94A9A&KRTB&23486-uid:A706B7BB85134B78A38704BB7CB94A9A&KRTB&23489-uid:A706B7BB85134B78A38704BB7CB94A9A
.c.appier.net/ Name: _auid
Value: 6N14dBUjDG2t1_6PFoEvZQ
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-6N14dBUjDG2t1_6PFoEvZQ
.dotomi.com/ Name: DotomiTest
Value: 155cffc2c6c01fc8
.rlcdn.com/ Name: pxrc
Value: CJeCvqkGEgUI6AcQABIFCOhHEAA=
.adx.opera.com/ Name: UID
Value: OPUc86d172bdf4646a98a5ff519c05e746a
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAL7ZVOylJK2wNQV8YsAAAAAAA&KRTB&22713-AAAL7ZVOylJK2wNQV8YsAAAAAAA&KRTB&22715-AAAL7ZVOylJK2wNQV8YsAAAAAAA&KRTB&23519-AAAL7ZVOylJK2wNQV8YsAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUc86d172bdf4646a98a5ff519c05e746a&KRTB&23485-OPUc86d172bdf4646a98a5ff519c05e746a&KRTB&23524-OPUc86d172bdf4646a98a5ff519c05e746a
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c68a123d-4d77-5da9-7822-cfef0aee3e99.kpbT2Et6491atL9o7wTb%2BXuakgrFVrXcOKS%2Bxu8C1Fw
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c68a123d-4d77-5da9-7822-cfef0aee3e99.kpbT2Et6491atL9o7wTb%2BXuakgrFVrXcOKS%2Bxu8C1Fw
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AxooSPU13Xal4Is_vCu4-mWdrxW0.fiyEJkRe7x5vygYC3yGVawas5ynFG0XjiYqId89NgHI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AxooSPU13Xal4Is_vCu4-mWdrxW0.fiyEJkRe7x5vygYC3yGVawas5ynFG0XjiYqId89NgHI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJO5UDk3kLhq89UbTGCIfS7OcXso0deWqdVnuGJ1Z27tEHwYBCCXgr6pBjABOgTwLrJgQgQ6sW8r.ltf%2FuzufZ9nwriCZnZ2U%2BHPBiAhVRNSyFG20oWEdi7U
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJO5UDk3kLhq89UbTGCIfS7OcXso0deWqdVnuGJ1Z27tEHwYBCCXgr6pBjABOgTwLrJgQgQ6sW8r.ltf%2FuzufZ9nwriCZnZ2U%2BHPBiAhVRNSyFG20oWEdi7U
ads.playground.xyz/ Name: connect.sid
Value: s%3AEsZPUDPM9orTIrK73IC60u2tvK1O0MZW.KZtIFaSYXR3bpFi8DUHRqbc44iI7n5aODDFlFuHURQs
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-xooSPU13Xal4Is_vCu4-mWdrxW0&KRTB&23334-xooSPU13Xal4Is_vCu4-mWdrxW0&KRTB&23417-xooSPU13Xal4Is_vCu4-mWdrxW0&KRTB&23426-xooSPU13Xal4Is_vCu4-mWdrxW0
.pippio.com/ Name: did
Value: eYkh1xe2oMnsszPT
.pippio.com/ Name: didts
Value: 1697612055
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CJiCvqkGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 4685b813-7e92-4ed1-adc4-cd046ecebde6
.linksynergy.com/ Name: icts
Value: 2023-10-18T06:54:16Z
.rlcdn.com/ Name: rlas3
Value: 8UYM49edJQjQqsdBk83yj8FDefxMPWAbeoSv7cJbx54=
.adscale.de/ Name: uu
Value: d630655c82a6490e9b15ff833fd2cd8e
.adscale.de/ Name: cct
Value: 1697612059727
.company-target.com/ Name: tuuid
Value: 157365b0-d15d-40fd-b761-2f47f1bf7d6a
.company-target.com/ Name: tuuid_lu
Value: 1697612061|ix:0
.ctnsnet.com/ Name: cid_6016fe3771304798a7bf5d7ebc621022
Value: 1
.ctnsnet.com/ Name: cid_7fcf9a97700e47bea06a40e50c123ba5
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-7fcf9a97700e47bea06a40e50c123ba5&KRTB&23328-7fcf9a97700e47bea06a40e50c123ba5&KRTB&23427-7fcf9a97700e47bea06a40e50c123ba5&KRTB&23445-7fcf9a97700e47bea06a40e50c123ba5
.tribalfusion.com/ Name: ANON_ID
Value: aqnsmAmMZaE8DXqwmMRTRgaOgUHvmvs4Ba6ZcXvkykEGvqbVUZbhUwTZdRahVXERWUXc3TBTwX9y1PWK
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiY3NjE4MDAxNjQxOTU5ODU1MzQ5MTI1NzAxNDc0NjQxMDU4OTYzOFIQCJK3wYy0MRgBKgNPUjIwA_ABkrfBjLQx
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: or2
.id5-sync.com/ Name: id5
Value: ef6eb051-2b1d-7d5b-afda-15c2fa6846bc#1697612044933#4
.rubiconproject.com/ Name: audit
Value: 1|hOr6iJ5LpNLLzBbZSrWVbVVITvtQ5ucsUiKuR0O4iiW4zGUEhRcm+1lpCMj8mjwaVyKty8JsXrQkEa5N2k7U1SEEFoCDRlfYBn0LdTvpHNwhd3BJ9Iks+KfGnvA7ZeXh3OlDu/ORdD8=
.pubmatic.com/ Name: SPugT
Value: 1697612061
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 156011:4
.pubmatic.com/ Name: SyncRTB3
Value: 1698192000%3A15_223_2%7C1698796800%3A254_21_56_204_165_8_231_71_96_214_247_107_209_176_238_234_5_13_233_196_179_3_220_54_22_264%7C1702771200%3A69%7C1698883200%3A35%7C1698451200%3A63
.adgrx.com/ Name: ADGRX_UID
Value: 2c241672-6d83-11ee-b75d-8b289e127539
.w55c.net/ Name: wfivefivec
Value: bX7KQSRE1QT0rK5
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-2c241672-6d83-11ee-b75d-8b289e127539&KRTB&23275-2c241672-6d83-11ee-b75d-8b289e127539
.pubmatic.com/ Name: PugT
Value: 1697612064
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:bX7KQSRE1QT0rK5&KRTB&23421-uid:bX7KQSRE1QT0rK5

11 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=985957851105.8802?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=985957851105.8802?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=985957851105.8802?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://mfad.inskinad.com/api/v2
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZS_BDAAAAEfDmQN9&img=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=ZS.BDpN4lOFe6iY-HdxLsAAA%264726
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
a.sportradarserving.com
a.tribalfusion.com
a20352597942.cdn.optimizely.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
b1sync.zemanta.com
b55fa654ee3e34c0ed8b9c5d1953e9cf.safeframe.googlesyndication.com
beacon.krxd.net
bedsberry.com
bh.contextweb.com
bidder.criteo.com
browser.sentry-cdn.com
bs.serving-sys.com
c.amazon-adsystem.com
c0.eu-3-id5-sync.com
c1.adform.net
c1.eu-3-id5-sync.com
c2.eu-3-id5-sync.com
c3.eu-3-id5-sync.com
c4.eu-3-id5-sync.com
c5.eu-3-id5-sync.com
c6.eu-3-id5-sync.com
c7.eu-3-id5-sync.com
capi.connatix.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.speedcurve.com
cdn.taboola.com
cdn1.adoberesources.net
cdn3.optimizely.com
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
connect.facebook.net
content.api.news
core.iprom.net
csync.loopme.me
d.adroll.com
d.turn.com
d2n6ofw4o746cn.cloudfront.net
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
eb2.3lift.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
hk-trc-events.taboola.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
images.taboola.com
insight.adsrvr.org
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
js.adsrvr.org
js.sentry-cdn.com
lb.eu-1-id5-sync.com
live.primis.tech
lm.serving-sys.com
login.newscorpaustralia.com
logx.optimizely.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
metrics.heraldsun.com.au
mfad.inskinad.com
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news.google.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
nhavisjcaajtog6v4loaiwbgxhpi21697612042.nuid.imrworldwide.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
players.brightcove.net
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
statsapi.foxsports.com.au
subscriptions.heraldsun.com.au
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
uipapac.semasio.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.redditstatic.com
x.bidswitch.net
ads.playground.xyz
au.pixel.newscgp.com
bidder.criteo.com
check.analytics.rlcdn.com
cm-supply-web.gammaplatform.com
dt.scanscout.com
fastlane.rubiconproject.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
login.newscorpaustralia.com
mfad.inskinad.com
prebid-a.rubiconproject.com
sync-dsp.ad-m.asia
sync.search.spotxchange.com
103.229.10.171
103.43.90.178
104.18.24.173
104.18.25.18
104.18.26.193
104.18.41.104
104.22.53.86
104.244.42.131
104.244.42.133
104.26.12.18
104.69.166.9
104.69.168.60
107.178.254.65
119.9.108.211
13.107.42.14
13.215.8.194
13.224.250.80
13.227.254.114
13.227.254.18
13.228.194.70
13.33.33.103
13.33.35.24
13.33.45.206
13.33.77.151
13.33.88.119
13.33.90.128
13.33.97.213
131.153.206.103
139.162.58.205
141.226.224.32
141.226.229.48
141.226.231.48
142.251.10.156
142.251.12.101
142.251.12.149
142.251.12.156
142.251.12.94
142.251.175.156
146.75.112.157
151.101.1.140
151.101.1.175
151.101.129.229
151.101.129.44
151.101.130.217
151.101.193.44
151.101.2.217
151.101.66.49
157.240.235.1
157.240.235.35
162.19.138.116
162.19.138.82
172.217.194.154
172.253.118.156
172.64.102.11
18.136.228.74
18.138.15.105
18.138.18.111
18.138.79.132
18.139.47.19
18.140.27.177
18.142.123.88
18.143.106.89
18.155.68.27
18.155.68.48
18.155.68.80
18.161.111.107
18.182.123.76
18.192.43.30
182.161.73.129
182.161.73.136
182.161.73.146
184.28.235.217
184.28.235.74
185.84.60.20
195.5.165.20
199.36.158.100
20.40.202.2
207.65.33.76
207.65.33.82
209.191.163.208
211.120.53.205
23.106.127.53
23.108.103.8
23.15.147.149
23.195.152.111
23.195.152.191
23.195.154.245
23.195.154.61
23.202.130.38
23.46.16.136
23.46.16.168
23.54.56.167
23.54.56.214
23.72.44.183
23.72.44.196
23.72.44.233
23.72.45.28
3.123.157.122
3.218.40.90
3.24.70.96
3.72.119.175
34.102.253.54
34.111.113.62
34.120.155.137
34.160.169.226
34.231.45.30
34.96.71.22
34.98.67.3
35.169.153.218
35.186.193.173
35.190.60.146
35.208.249.213
35.213.12.39
35.213.93.179
35.214.232.33
35.236.220.17
35.244.159.8
35.71.131.137
45.137.176.88
50.116.239.135
50.57.31.206
51.75.88.190
51.75.89.127
51.75.92.187
51.75.92.250
51.75.95.112
51.75.95.152
51.75.95.199
52.10.212.50
52.13.17.63
52.223.2.229
52.46.143.56
52.54.122.44
52.6.137.171
52.74.118.249
52.76.99.23
52.84.251.10
52.84.251.86
52.84.45.108
54.149.199.105
54.169.175.61
54.192.150.117
54.192.150.56
54.192.150.7
54.210.220.158
54.224.81.152
54.65.219.118
63.140.36.117
63.140.36.138
63.140.36.14
64.233.170.100
64.233.170.103
64.74.236.95
67.199.150.81
67.199.150.86
67.220.226.232
69.173.151.100
69.173.158.64
74.118.186.107
74.125.130.148
74.125.130.157
74.125.200.132
74.125.200.94
74.125.24.154
74.125.24.97
74.125.68.157
74.214.196.131
8.18.47.7
82.145.213.8
89.207.22.137
017a6942f7ddbc31e6e8cb41c1b7ca5a9077bc53adc790a84c02dc45591c8215
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
03fabcad975137575d49015c723f42231abc08679bf3a49aa79444e00eb8faf3
05dc9361756871c5b3e46098aa895fe1c9f182d5fc549f7644096a05ef08a58a
06779e61ca7cf460a9be9fd0d67de26946e06775dda5fc2dc871b4ef74d2ea71
06b37c36ff9b6334e218ea02b694b81afc75833a3c216b4e9e3d3c42ad3042c4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d25f63ebc6840c2a733d79a5737727daaeac1ee374dd408e59deafbf84df15
0a16fc1fe8cf0f316d5227da439b24fe68b42f09efbe67def46df8cefd644e69
0a78abc02f9359cdec3b153e8608448216573101000634b558222a03df5df9f4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0ec76d4b6ed8c436113f06a582c476855e784f3226de982d3df06453a35eae3e
0fa983167775a01cf77abe9b27e11c3c6e56b08b5925e6fa591f46735836f493
10121f3de73f9a1f64ae2569f72f54f3edf62acf3d9a072e5b7a881c4d0cea6f
12a3170ec516303dd7108508ec6c5b44d8fc14f906a72e03fa65771199e37b5d
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
14b27f6996322cc01899e1645fe0d308e474faab17f1936e1340753110d40eb9
171d746b396dc5efdf864c0f5631ee8fede3b710a07bdd6a2c9ecd2c3a382990
1802acd7b797f6d02ac46b64abf82f6c55c2ab6ff0222a07f98278f16467fedc
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18821b3d7d361f9fe83c1a4903572d69cec2013570fe26bf462dc151b4fc772b
188a54eb995c64efbcb5cc8eb275af03eb3ff18e005a504b63810fb0cccf31a4
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7
1a2f3549b56ae7a38c3ebe16e9dd1184c81d549695e6c563f8e0eeb31e2ec64c
1ad0fc40a2a697471e389304424760c5f7afcb565bfdc41e1e228b85a4f76d1d
1c21be9db4a5aa36ef2488085f60682b852099e863f6b9d87647f17761cf9e3a
1c2c40829df3684327a3360fcd1ae01503704a316fd54a30525c6a4d30397a40
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
209807b4a945eb3978b50de85596e82a78af6ec6cf2d8757abadf90ef182a687
20d3baeeccf48b8aa9138a552f6d3311a710a1049c4e41a0fb6dd4e653dc09fb
240380d6d8a4d144299dbc440998abc87b6cac8f7b4e2f3f676c56bca9910e1d
241c99424ffb0a10103882c9ba09cfc58a3f577c1fbaa95009b5d6c396266e3d
2667ade0f68fa53801e686d823bd3b346b6db404406c2ee359628ed265ab89ee
28cbfc1bddd44fae420cd114e584ec822a7644e47d736c4dd529826312e8f61d
2954d7ba7e973e326c087e6a09dbbc9b68b5dd01b27123be62726c6880bc8d74
2a3c406081ea961d2862beeb61e9e6df7f8c289d7fe3bb19db3cfe0dd2bf6fac
2a694cc83c68e30ede6ad2847f80101cb10d3381b6a4f0932ca7de00afe2b8cb
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fbf272e16d26dff99cb3eeeec27495c4d6b52068337eeb3967122dea7dc7ce0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3549b815d9719a19ca8d18b6589b4cfc3c211d3fd08cc1524d16434668bcb240
35ee40cb57caff6c6e1659481d420449cdd872706b1b850e0095a7f57d622e83
368b7752738a376fe08388d1719cb245bf28aa39a8a67f608a9f2ced2b7c8adc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37689adf0f1381fde38ca7230bdf5dbe931e38b29280e58908256eb3643bea92
38c2cb9b0d8e8d45e937e85aa2b7d1a8452a902d5e5d1da4f3703f15c00278c1
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39e309c10e89cae85bee7a62fb7324b355456a33a970c1210cda818c296aa7a4
3bc5311c4702041d67c632224e29a9bfbaa88e74ac969d261501924fa4a6ae29
3cbb17ce946796035eb3a1d9bf9f23b21b343f0e2e6b4445802c06388bba2e3b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff68089be6aec9004c46e509907ce39e1fa0621d7d02eb05613a85dbcdd8e58
408096e36a0c32e02344efb63f4ecf2cafecc6040e329bad4616e6de67e6fe1c
4164347585bd35337d75fe893dec847c92c6fdf8abe55023c5aa193cccf90d6f
419fd4b1560b1de01564ef05fea5d689bf3e9881c4ecd923c41ef8a417588cfa
41a368a7669db0c9d808b694ff30deb13af0da9233a84f1da9d69995615354f9
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42c52f665b11b8b9dcd311d985d7fea6a83a12c2cb0a3b1164ed31cd983334bd
4300429d75b6111aaab9037915cb4653f310453781cb012330faaede3fd030bc
436ea87eb6704dd1b0a5e3ec8332c2fc8b5f4311c45e00d273a195bab44da660
43f67d9ff8113d8da9b7db587e697b30b3e01cb3919fce9b7afd5ee8766e7fa4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f9dcd2e18ab82c3a57b6cc54b0a8ac34241d1fd3af99189840d8a022c97dc7
475cc6bd2e4a0658886f527f2420fbcfb869d098cc789914e77c554559f330ac
475f9b9e50c213ab87b0d034da76de7ebc7e2eb9cd1fe856c7f21769e856bbcc
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47d0d5aa7762ddfba8248dd8c8fafeda106e656f8b8a931407ec17cc5460dfd8
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
484f88512382babcd732c0d5404f8555a99856057e143b6b1f709e1fb9e6e6e9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4921188c7f782540b7f9a2f628947515674747308fe3d51e4dab57b307340f60
49b93c833617a437b5b14a4e3ac687b49b6920d126dfd7be76bacf546fe63d78
49dbe12d3b70d4de09187ba1e3950ed11dc0c15340129776d32a60627818b131
4a527795b18674e33b58a1f4e6d9b4c2f96f73cf9c20c70fcb9f56ed4b94a2a3
4af37496cc0e6f3640a2084b79e5518409bd7afdd45985c4f32f3822438d5015
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0e900d88a4d79acc98c18901c221ff93418f92cfb8e3b10f5030b5d026071a
4c135d0d86a4220f247efa2c51dd813f6ee57c919092844adc5542d8d94f84f8
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370
4dd69a2d49c32a57934eb9e1f833040f07d0ac052056e53c3dcbd8fbf24eb39d
4dec096ac53796aca6f7b6c1e26425431a2ae18cd5d490aa4dd4d3597e5350ad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fddb9d642477918f2e9ac7daf14342fac8bff5ba59a81bf95820a564ca05ad6
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
510c40a15de53391da59f4104b63e595166ccbecafbb14cedede449c8bf5f5e2
52024c00d02e08cceb375c074033497d177dc505d8f051268705ce6c41a25ed7
5404b135846cca642a2a7f264ce11cb52481707da0c6ec4c05b7c3a2ea4af0e1
5430692de4b84722b96638ff5ac92b0cda7a64a2ce1b6def6b9774f981712919
54658f011aceb45705e19dc398fb1006bd498bee77370402133e67e68663385b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
57a7b2d3d6bb99ce228a6ebb8738c6eb7195fd54a64d2002139bdc6153eba687
58b602816271b450fea24127d7d4bdeb9bd29455091cd5fab2b90bd15cb38719
59ce7295e406f0620824e63571510b4c7deeaa9705021ded61ca640e0f7a961a
5b3bce54670dc4b7b293e3d2d99f303bf354047a47129e788ad452eee92f8c4b
5bfeec706adc7683becefcd84345ebea5a5e66a5a1c6d7dd43f61acda78a4081
5dacb52e983b6f9301230d96402d32b656bae0eea12e182b952727d355fb0304
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
603fc565806e291180062d072e5a4ea084fc69a2b916975026ea7e94ebe04a3b
60493bfd3fc6b0926963fee86b9dbd4621e753cd1bc556c8bb27be4c7787b985
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
64d4fe6081f265609e8f277d63bd7b7aad3064603b507df0f9368cb581f50491
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
674cecc33d701773b57481266baf1762bbda8be4ea1ab91edbce5c25d03bd76f
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
6a0c386c6ced8567e0d062db55fa699305960e4a19e5752bb9c01c16bfc5ce31
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6b7425c73352077b530408a016e970b6ab1254500d0897fc8bd33c83101b95a5
6b8025bbab910b8c683df2791b71cb93234e64a4c70bdc8d9556538d9ffc061c
6bde81b260875ab77e5687f72d4896d25a60810a18db9549c2bc08c1f2d31333
6c488ada7eafe04f3bf9de7438350345b362fc73783dd2002e7a94760af5b010
6c7c0f2be8f7acb79c13f762e2e682d6bfd0eda5ea61a787503f517b0e95cb58
6ccf10fd96234495c81502e28ee7d4b85d6326f57874ecea11f4ec7ea22ceae6
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
6fb048b529862aa820b01dc3d122f0de2a3b145b79bc6eb281d4bdf96fd27141
70dafd1c95afbc06a6484529213debecb69b166131ad8b4bfcd0d7f44af6810e
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2
71b1e6a532cfe9d1ae00078364d802514836b26b36a271ed78233d334043da1f
71f807974bc8301887caa7e32ceb42d86249926ee6d6c1aed662eb991623bc45
73b4424d2202e9f35bc51ef07a84e4f2ca17e5c73fb20a25869eb92ae379e2b3
7424e70124580f63f1a7cf513fb39a23265dccf61c7de2e062ed8e197cfd9455
7477c6f8e88d363e804cc07dfabcba4994b82b1f9738b6792deee049ecc232c2
751968bdba9d4d005c2766078f1d70fe3930717d50deb82a1aff4964184f6e0e
7bdbdef27a4a0cfd2a79077ba022e84bf5422b1a6822390a2c1760aa375c81a6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d5868e2723c7fbd131f75c4ed88f5e4bcfcebf723ca67decba2c64d702d916c
7e066e40e0b0551b9c64ad28f35429a82e9b3878b8cfe150e1743804da51e484
7f4ca846fafb32edc5a2ad4f21a03313523b9693071fa849429b10de5002abb4
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
811fb3e1699642a4d9a1e61faff7b36984bbd53652fecf4cb4b7aa6cad0d7b4b
828a33592bfbae32fbbd33b9fa7b0055aece56f5b4f079bd94f15844207a191f
82aaf9f39efa4dff4ed7f5c8e060bff5bfd9fbe9c830ddc539705d9d76bf96ca
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e6ca60b046d39bf2bd8e9a4ba1c5e3a005b0f5c3d1f0aeacf8a5b747d28d1a
861f3efa539ae9d42819caadecbe212263ce477d939de18a8dfdf10c5218328d
867b4bfa91946a56c99248907f9b3dae405069d6be42edb8c2272828c32d6918
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44
87f706547dba77861b4dda27017e5f90eaa2b067b401fd49ec77d83f6c1fcb62
88368ae9b2482d286c5ed652a8b6c94f220d5a4a00cb502e19cd6bda85d39da1
89081edf3192c54afbbdc32b320a1b0c5edab477d9d12d07e4a3f9146bbeff9f
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89a9b728cbc4ea20ef9c0934035ba3300049c50682dcc0e58452c40749b6d853
89ccbdf79c51f1a72c6f8dd6118ff42d24cd9ee97975017675f90201ed1d866a
8a7ade9025f960256f74bc03ca44604996b68a46d10fef14e038e2e23344dad8
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8b25afd4c3a5616558c4d6734afcdd19c265c3b26c9af154ed4f594bbdc45756
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eeb1635a65d8bf0fd57b195c3c3ec1fc05584505c44661285676cb4d1fdac58
919403d0541af2e6be939ac4ffe1fb341038d048ac32b3e4a69d6d9ce980ccb1
91ac695010459a37c6572eff5659c9d51ba2335eb9c49a6e0a558e7f73e86236
91fcaddfc37eef91ea05818d0b192fbe33b1112ce52f1a31a1d858250c7ff42d
92e48936531fc7dd51fa4799d53b25be293b2a198bee7b434d269bb2518d709f
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
952ff5cd031265cc71263d3aaa97efce52950505dac22a4f11769de28a1c661a
961b402cdbb0d3285838dcee0a613125013a2c5b09c4adac2496a81f0b9cb782
9639b41a6a00da2469a17dc078dacca8f00e8f71a998dce01781e816e5a96473
978b2a6f6e3e59f3291ef1c3e7b5ad9ff132761730efd80c0d0a7dbda0260377
97ca050a8ef7d59aa49f6be7a75e2c9fdf593d7fa856d2e91d13b16bd9057fc4
98ade229c8e5ad15bb18fd8dd30aeb135ca4b94260023a34a42a0b96278d4455
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99740307ed5cfa3bfd0c6d068d455e4c76d3328c7262599434f41754fd6165c7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ce3d5b954b596a1cb1e361f0797c5685dfff608149f320f37184ca2467f68f
9c96c896d339ecd2412561b1cc04a750ddbb798fe446c7d9c7fa1f44cbec81ee
9d0e6380f435ab9edb2a011bd5b56d835902b81fee441fb769355f07fbc468c0
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9dd71f141cda66fe6e76baec04d4f8e2bc478dc5f250a4cdb2c2485608cba166
9eab27c634b2201cb52d5a94c4bdec71726e1ca54039494147e92d35c5a0ce4a
9fcb56796431615752f0184552946e295a703918e343a26904a0fae4bd449fce
a021c4118a8ed18c55e33971fc9eba7bdc07a6c07b43f0c9f421577bf5620acd
a03fac118f9129a069b48741907b495ae22df0be7d2434fa5b8b65e07323d71a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e31167602681c63e7b18ddf16b94159599c3fac3d338d004289a6a77a23fb8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3b029951e626e7d3123a1f25886db28f5ea4f32d1e80491a3b8c8c51f13f5c9
a48dae046278fe3a04f2a5e6106c47e40592575714014ffed14a38da1d403435
a4e47950213a9ebc54c04b1c20fedb4559811c8f349627d8ab877aade5ff2f42
a5d1f2f1cc530b57aa799d659c6347a6b12963f2c0f61319a3230dc6e092e29e
a7befdc71549e05429b2f39beede1835f6d011fff0a1b52df13868535cef3033
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab1437e8b7c26c45fecb3a842cac98e9354ba4e7059f3908430190d20c7837c1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad0be3fb57ddaa4423f45c119b70022d7a297a74879933f0403a30b17f5a9aa1
ad3882e871320fbd721f080f0fe59b2aa77c4226bdcc2db64b974d2d273b7bd7
af02115ba04348eec87006efd98181d9ecf9c6a584bd5983c6dd517d9e908929
af0c3df12e26b2104b482de94a913e61686a180cc4b0812a9c5c7800a0cef8ef
af23439fd47af030ab450dd1fe43a229ed087799521793f94a039644d118031d
af67202111e120f7578eeabad37b9d3b8e68925db083a70bd152800bf9270c41
afaf4a15fedcab011a226f51e644759145a3f1a674b60ec6774ce573d8b4c22f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
b24ddc19918b1011f103eae417ebe93752b13a2b8fb4f272e9cd368edc4bae05
b35725d4ad3cb0e0c6b51c1954687211b2bcd9205b2422f90e5244faa18ef6a1
b3f366a5418c77cb143fd3bfd0460abef00c12f70bdeaf63085f9b253c8015d6
b4cc31798597f72fc5373ca3c238437615270d993fcd022ea34544b1d1a49d18
b59e15d5894b17c2997abb27ce068d118003dbd13479ce522260b1d96d1ca871
b5d354f1ff2b84dc02b7f1679bab76c7f7424a3b78948785e1ef5580fd379ad9
b61951c6cbd0612d92091155e452b445bca56f3d836ec5360030214179a11a23
b7631a27c26edb85d615ec2a08a342f22ac458a2a54505babaa7eb448c87c3dd
b828e919c2ff55a336488d2ac02c554c1b69b0b662e2e0e6cb230f0e47cd4b6d
ba97fdb79551ec612f180093a000ae30f31ac9b2e82304a771ea5b502aa09352
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe
befbb0a49033380440ad4e70e1450ae1a902b23a87dcc2580ed224cc88561b35
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
c0c4ab2cb337f29a585f658d65b8e2f01d643dfe273503b3d79766ae0cae0230
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23adf862a75c69d2f83978c3cc4094269b66ad63654966d9893bc5773a30ad0
c337e54e0db2702dfd0df4760fe30ee8079d1f679e5d58133aeceab24eb2b168
c4295d30256e4e955b1584236f687a5bd4ce30cfe10282b7a0c9e921727205bd
c442a9080d41d33294a3983461847b6e73a295164963c8429fd818f2f733a3f2
c8ccc14c406c6f81ae0f851c5203912dda934541223fc6d5d9b361d20b9b9a18
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccb31b1542aaee2eb3ce785ccc2b5ab2b009461292d220cd329c2112da343826
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
ce32364b9de08063abd901e9dde5fb77a91a53caddf3aeab45f74b62de19be2a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d013bb3c53bf5602f7ef0b6941c24d900877e0009894a3a9554e18d4ad946622
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d061194cd57fd9eec74510da3089a900c6b7cecaae63dfcc9f29c4c9a8a59ff8
d0dbbc7229e0686fdf3dbe9c02c01eacf97d939d84f8eb6d37cbd1648bad9e43
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1face7aa9a24e4e735172eb4675071c2be639d7f3579ccfe2b368d7407d34ef
d23e580436caed27eb6af9adefc3b1269f9b1644aad3b75286baf0eb01480dfb
d30b444a315cff1289e954a6a286d6224e9f8896488849b072e57e45a9e4f980
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
d607b6ea663791ba493d51dff702ced971121c531f826d15086a0ef672f42f4c
d63c263b9982cbc03642d6436dd33168ea2c8b2e13f9f0f24ab154016daafa7f
d66577e7b786703e09b4363c6924d2c8c998ba7356fd0247fa691e234bb773e3
d6a2262db41d6daa01a55bff2ad51439054c6b051f070f0b2c3ecb7a3c482489
d779718eed5e6af18de75d3edd354975bc904d0e97484222b86f68191a9edcda
d7a065d2addacd77c99edb847d7ca7f63d7cc6e26f2c77b4ee26af42a70b1d53
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
da59296d163a649e5c68a3a0e46036887ba9becafd08ae618b02e6f064d54655
da7c580e30c824986cb7ffcf948daf4148b464b264f68fe15456f19bdcfe8875
dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee
db6c45790dc4ac5191ffde4001b492e90d53b88671009507106f646eac996fe7
dbcdac5068de08ff63d2ae44fc3797fd3b6215cc17a375f48a00503b1cd47d9d
dbf2b38491d95ca0fad4cd2951d8c8eb29ceaee6243f915eb3ec7013b22a0482
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de362ce389744f40e46bf5fae8255a6b0419be273e565ed161c3eeb0dcbaad26
defb630ec1c4a8511f580e8e7afd685171fe1f86978c4da397c487c76e757c3a
dfd8847c59437eff94ab40b9dbe9591678c061587a5c2e3926b0e4ceeb7d2f45
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
e11a38c81b99e0f27a7ef74e7de6c4dfd59e5eabd906e6fd4610f315959ce425
e20095438598e41559c819a6e7627835df9a9c2f6d490a4ea3a212286a3ba934
e2412193337a8af2d62f6203b7373e77bb8933d8cee1f5a80953258ba65ddc6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dd748c4adbc0db25e393e90d7acc8d6e0b23cffff10aa5ebdd2454fcc6bf79
e45125ba57a40658c96c55007f0548387e8c67183ea00eff5766502655206bd3
e4c4034f2522166c0aa6e8c23cd7f3d90b09568a1b97e0b1520dc54e4bbc3a09
e550c86635ea377cc024424945e8009df376644b844021a9fe5486b3828fedd8
e5cbb1a014b0b4854ac14385db517837bd8a439e4389b604f4e8219a24310464
e620105de5910d31b2e7e1576c15461f328c5eb21952be34ba82840d94dba99c
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ec4bc303ff4d9a749721d252b11b947441f8196e3806f3a2d616a6fd1a45a436
ed37b238b690e509ae7dffcd772cb24b8bdaf2c16980186f22102e8273064eda
ed7877193ea3a97b0116dd05aa9330b8cca37e4eb13d84e5665217657618c41d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f0ef50bf45765ae087cc01984ebe59f10ff50a76af8b0677dda5b436347ee9dc
f111061fbec61ae1f65532b5dba01d03f9a62600b8cf8d9c53a2ba3dc51d3aa4
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f3bb6bd707578d2cf3875bc8c31bdc3cea289fad82329be8a452450db41f5758
f5647c47fb1b581202f34328775140b59a860d678f541caf98adf2e3d48900f2
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d2196c88067bce2c076d4033031b94b97a03015a4a8664e746daa26c2e207f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb43cca1676fe6b5d16921f2f16d3cf0ec445308ee4ec81b724e4a7b36f2171f
fb6e3f6098ff5934b49b7034b0ff9d48ed6bca2eb1f97fb37129bc6dfca523c0
fbb53392ea2d4f9b972eb848ca5b74ba5914888f2f697a9d5ab5a43a5d2c2a16
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54
ff6ae9abf2f38f35b3c07f4b9bddc4adf55307259d9e685bdc78b55f36ddd638
ff773f94fcb1b41b92e26bebeb6952f4be8cec12fbcd1e1dfcbaed1262684816