Submitted URL: http://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Submission: On November 19 via api from US — Scanned from AU

Summary

This website contacted 144 IPs in 15 countries across 116 domains to perform 535 HTTP transactions. The main IP is 184.25.220.115, located in Singapore, Singapore and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 236185.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 38 184.25.220.115 16625 (AKAMAI-AS)
1 11 184.25.220.199 16625 (AKAMAI-AS)
11 23.58.140.194 16625 (AKAMAI-AS)
1 151.101.194.217 54113 (FASTLY)
1 15 151.101.193.44 54113 (FASTLY)
1 192.0.66.122 2635 (AUTOMATTIC)
4 52.95.129.58 16509 (AMAZON-02)
1 13.33.33.30 16509 (AMAZON-02)
16 142.251.10.132 15169 (GOOGLE)
2 151.101.1.44 54113 (FASTLY)
1 3 13.33.88.81 16509 (AMAZON-02)
1 172.64.133.15 13335 (CLOUDFLAR...)
2 34.160.169.226 15169 (GOOGLE)
2 10 141.226.229.48 200478 (TABOOLA-AS)
3 104.69.108.119 16625 (AKAMAI-AS)
4 96.16.116.178 16625 (AKAMAI-AS)
2 54.192.150.8 16509 (AMAZON-02)
9 18.161.97.112 16509 (AMAZON-02)
1 4 172.253.118.149 15169 (GOOGLE)
1 13.33.91.15 16509 (AMAZON-02)
2 157.240.15.13 32934 (FACEBOOK)
2 13.227.138.75 16509 (AMAZON-02)
2 34.194.167.128 14618 (AMAZON-AES)
1 151.101.1.175 54113 (FASTLY)
2 172.67.38.106 13335 (CLOUDFLAR...)
1 104.65.228.244 16625 (AKAMAI-AS)
14 142.250.4.157 15169 (GOOGLE)
1 3 13.224.158.57 16509 (AMAZON-02)
1 13.33.100.21 16509 (AMAZON-02)
1 54.192.150.92 16509 (AMAZON-02)
2 104.26.7.155 13335 (CLOUDFLAR...)
3 13.33.88.25 16509 (AMAZON-02)
2 23.52.171.89 20940 (AKAMAI-ASN1)
1 199.36.158.100 54113 (FASTLY)
1 15 52.220.189.161 16509 (AMAZON-02)
19 74.125.24.157 15169 (GOOGLE)
2 142.250.4.156 15169 (GOOGLE)
1 34.235.69.0 14618 (AMAZON-AES)
1 54.192.150.39 16509 (AMAZON-02)
2 2 35.157.224.29 16509 (AMAZON-02)
1 13.56.167.15 16509 (AMAZON-02)
2 2 124.146.215.49 2514 (INFOSPHER...)
9 13 69.173.158.64 26667 (RUBICONPR...)
18 37 172.253.118.155 15169 (GOOGLE)
2 17 67.199.150.86 3257 (GTT-BACKB...)
13 18 52.223.40.198 16509 (AMAZON-02)
1 2 209.191.163.208 32475 (SINGLEHOP...)
1 74.214.196.131 19189 (PULSEPOINT)
1 23.106.127.38 59253 (LEASEWEB-...)
1 52.200.250.127 14618 (AMAZON-AES)
2 2 182.161.73.146 55569 (CRITEO-AS...)
9 12 162.19.138.83 16276 (OVH)
4 5 107.178.244.193 15169 (GOOGLE)
8 15 104.254.151.69 29990 (ASN-APPNEX)
4 5 185.84.60.23 198622 (ADFORM)
5 5 103.229.206.240 30419 (MEDIAMATH...)
3 4 119.9.108.211 45187 (RACKSPACE...)
9 10 35.213.12.39 15169 (GOOGLE)
3 4 35.227.202.26 15169 (GOOGLE)
1 1 13.114.176.56 16509 (AMAZON-02)
2 2 35.156.8.143 16509 (AMAZON-02)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
1 2 52.223.2.229 16509 (AMAZON-02)
1 44.229.70.27 16509 (AMAZON-02)
4 4 44.205.120.122 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
1 104.16.85.20 13335 (CLOUDFLAR...)
4 54.192.150.97 16509 (AMAZON-02)
1 151.101.65.44 54113 (FASTLY)
1 20.50.2.28 8075 (MICROSOFT...)
1 13.237.58.233 16509 (AMAZON-02)
1 141.226.230.50 200478 (TABOOLA-AS)
3 157.240.7.35 32934 (FACEBOOK)
9 18.142.71.123 16509 (AMAZON-02)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 13.213.224.33 16509 (AMAZON-02)
3 63.140.48.120 16509 (AMAZON-02)
1 1 13.228.7.136 16509 (AMAZON-02)
1 103.231.98.193 62713 (AS-PUBMATIC)
2 3 104.18.33.19 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
2 34.102.253.54 396982 (GOOGLE-CL...)
4 69.173.158.65 26667 (RUBICONPR...)
2 34.235.52.228 14618 (AMAZON-AES)
1 9 142.251.12.138 15169 (GOOGLE)
1 52.85.54.4 16509 (AMAZON-02)
2 52.221.158.212 16509 (AMAZON-02)
1 54.192.150.93 16509 (AMAZON-02)
1 162.19.138.118 16276 (OVH)
1 162.19.138.82 16276 (OVH)
1 54.255.199.87 16509 (AMAZON-02)
4 13.236.243.253 16509 (AMAZON-02)
1 13.227.254.91 16509 (AMAZON-02)
3 3 50.116.239.135 6336 (TURN-US-ASN)
4 104.65.228.208 16625 (AKAMAI-AS)
1 1 199.127.207.191 26120 (RHYTHMONE)
2 2 18.141.80.142 16509 (AMAZON-02)
1 1 34.230.201.103 14618 (AMAZON-AES)
5 52.88.253.169 16509 (AMAZON-02)
1 1 23.207.181.216 16625 (AKAMAI-AS)
13 13 151.101.130.49 54113 (FASTLY)
2 7 209.54.182.161 16509 (AMAZON-02)
2 182.161.73.129 55569 (CRITEO-AS...)
3 18 139.5.84.243 27381 (CASALE-MEDIA)
1 13.225.131.60 16509 (AMAZON-02)
1 2 103.71.26.125 132134 (SPOTX-AS-...)
1 74.118.186.44 26120 (RHYTHMONE)
4 54.230.188.115 16509 (AMAZON-02)
1 151.101.108.157 54113 (FASTLY)
1 23.49.60.185 20940 (AKAMAI-ASN1)
2 74.125.200.97 15169 (GOOGLE)
2 104.65.228.195 16625 (AKAMAI-AS)
2 4 142.251.10.148 15169 (GOOGLE)
1 142.251.10.154 15169 (GOOGLE)
4 5 52.74.162.2 16509 (AMAZON-02)
1 4 104.254.150.241 29990 (ASN-APPNEX)
1 13.33.33.73 16509 (AMAZON-02)
2 13.224.189.46 16509 (AMAZON-02)
4 5 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
8 74.125.24.94 15169 (GOOGLE)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
7 172.217.194.157 15169 (GOOGLE)
3 172.217.194.155 15169 (GOOGLE)
3 74.125.24.132 15169 (GOOGLE)
1 3 67.199.150.81 3257 (GTT-BACKB...)
2 3.73.8.30 16509 (AMAZON-02)
2 54.199.92.111 16509 (AMAZON-02)
4 172.64.154.237 13335 (CLOUDFLAR...)
2 23.58.244.87 16625 (AKAMAI-AS)
1 172.64.151.162 13335 (CLOUDFLAR...)
1 185.84.60.21 198622 (ADFORM)
1 2 119.81.192.134 36351 (SOFTLAYER)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
4 103.231.98.195 62713 (AS-PUBMATIC)
1 2 34.142.175.23 396982 (GOOGLE-CL...)
2 5 18.141.128.115 16509 (AMAZON-02)
1 13.251.70.29 16509 (AMAZON-02)
8 74.125.68.155 15169 (GOOGLE)
2 2 103.229.10.192 16509 (AMAZON-02)
6 172.217.194.103 15169 (GOOGLE)
1 1 185.183.112.155 60350 (VP)
1 52.77.150.143 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 104.18.36.94 13335 (CLOUDFLAR...)
7 172.253.118.100 15169 (GOOGLE)
1 52.95.115.196 16509 (AMAZON-02)
15 13.33.174.66 16509 (AMAZON-02)
4 18.136.173.211 ()
3 142.251.12.149 15169 (GOOGLE)
1 1 150.95.47.241 7506 (INTERQ GM...)
1 1 54.179.36.186 16509 (AMAZON-02)
2 3 77.88.21.90 13238 (YANDEX)
1 1 18.177.254.176 16509 (AMAZON-02)
1 1 54.168.63.191 16509 (AMAZON-02)
1 35.213.109.249 15169 (GOOGLE)
1 2 23.52.45.34 16625 (AKAMAI-AS)
1 1 35.208.249.213 19527 (GOOGLE-2)
2 151.101.2.133 54113 (FASTLY)
1 151.101.194.133 54113 (FASTLY)
6 13.227.254.119 16509 (AMAZON-02)
29 52.32.86.55 16509 (AMAZON-02)
1 1 18.138.18.111 16509 (AMAZON-02)
1 2 18.140.183.49 16509 (AMAZON-02)
2 2 35.213.93.179 15169 (GOOGLE)
7 13.33.88.121 16509 (AMAZON-02)
535 144
Apex Domain
Subdomains
Transfer
68 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 173
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 226357
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
307 KB
48 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 546
cdn.adsafeprotected.com — Cisco Umbrella Rank: 2994
pixel.adsafeprotected.com — Cisco Umbrella Rank: 605
dt.adsafeprotected.com — Cisco Umbrella Rank: 518
400 KB
34 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
189 KB
29 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 671
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
image5.pubmatic.com — Cisco Umbrella Rank: 55246
image2.pubmatic.com — Cisco Umbrella Rank: 882
ads.pubmatic.com — Cisco Umbrella Rank: 458
image6.pubmatic.com — Cisco Umbrella Rank: 662
image4.pubmatic.com — Cisco Umbrella Rank: 822
simage4.pubmatic.com — Cisco Umbrella Rank: 1110
31 KB
27 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 996
trc.taboola.com — Cisco Umbrella Rank: 636
sg-trc-events.taboola.com — Cisco Umbrella Rank: 34482
images.taboola.com — Cisco Umbrella Rank: 1558
sync.taboola.com — Cisco Umbrella Rank: 938
sync-t1.taboola.com — Cisco Umbrella Rank: 1187
match.taboola.com — Cisco Umbrella Rank: 4200
pips.taboola.com — Cisco Umbrella Rank: 1453
cds.taboola.com — Cisco Umbrella Rank: 1454
214 KB
26 bonzai.co
invoke.bonzai.co — Cisco Umbrella Rank: 172248
massets.bonzai.co — Cisco Umbrella Rank: 176270
collector.bonzai.co
dcollector.bonzai.co — Cisco Umbrella Rank: 172789
4 MB
25 google.com
news.google.com — Cisco Umbrella Rank: 5373
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 23
75 KB
25 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
ssum.casalemedia.com — Cisco Umbrella Rank: 1273
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
dsum.casalemedia.com — Cisco Umbrella Rank: 1372
20 KB
25 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 236185
origin.go.heraldsun.com.au
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
846 KB
22 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
js.adsrvr.org — Cisco Umbrella Rank: 1393
insight.adsrvr.org — Cisco Umbrella Rank: 573
25 KB
21 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 426
37 KB
21 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
token.rubiconproject.com — Cisco Umbrella Rank: 544
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2899
eus.rubiconproject.com — Cisco Umbrella Rank: 541
22 KB
16 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
newscorpau.demdex.net — Cisco Umbrella Rank: 119892
20 KB
16 api.news
content.api.news — Cisco Umbrella Rank: 61433
324 KB
14 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1007
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
3 KB
14 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1084
id5-sync.com — Cisco Umbrella Rank: 479
50 KB
13 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 55840
mhr.talk.news.com.au — Cisco Umbrella Rank: 732770
ncg.tags.news.com.au — Cisco Umbrella Rank: 158627
236 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 290
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
10 KB
11 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 105713
83 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
5 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
4 KB
9 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1283
beacon.krxd.net — Cisco Umbrella Rank: 530
cdn.krxd.net — Cisco Umbrella Rank: 1638
consumer.krxd.net — Cisco Umbrella Rank: 2207
91 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
318 KB
7 bzcdn.co
s.bzcdn.co — Cisco Umbrella Rank: 330131
106 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 582
cm3.adform.net — Cisco Umbrella Rank: 96826
3 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2328
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6710
zlmk2tlq5oonviahbufztslgnyhcc1668831206.nuid.imrworldwide.com
67 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 131368
au.pixel.newscgp.com — Cisco Umbrella Rank: 194491
au.audience.newscgp.com — Cisco Umbrella Rank: 215967
49 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
132 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
www.linkedin.com — Cisco Umbrella Rank: 576
3 KB
5 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 762
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3831
idsync.rlcdn.com — Cisco Umbrella Rank: 321
1 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 50344
rm-script.dotmetrics.net — Cisco Umbrella Rank: 5506
40 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
3 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
907 B
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1922
bs.serving-sys.com — Cisco Umbrella Rank: 1181
lm.serving-sys.com — Cisco Umbrella Rank: 1931
26 KB
4 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 79993
www.google.com.au — Cisco Umbrella Rank: 24281
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 665
1 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 656
us-u.openx.net — Cisco Umbrella Rank: 407
612 B
4 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
au-gmtdmp.mookie1.com — Cisco Umbrella Rank: 345065
1 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1134
2 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 944
24 KB
4 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 973623
60 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3438
1 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
166 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 1098
ad.turn.com — Cisco Umbrella Rank: 708
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
272 B
3 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 631
bidder.criteo.com — Cisco Umbrella Rank: 691
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3216
collector.brandmetrics.com — Cisco Umbrella Rank: 3565
17 KB
3 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 16571
a.vidora.com — Cisco Umbrella Rank: 69815
6 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 146
3 KB
3 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
18 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2194
971 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 714
856 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1226
649 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 615
1003 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 668
719 B
2 innity.com
avd.innity.com — Cisco Umbrella Rank: 27326
847 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 471
466 B
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1409
376 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
104 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 557
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
57 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 926
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1158
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1326
695 B
2 inskinad.com
mfad.inskinad.com — Cisco Umbrella Rank: 24529
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3659
404 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 339
740 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 865
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 862
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
2 KB
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 2703
629 B
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 19495
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
112 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 159632
3 KB
2 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 95687
28 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3110
32 KB
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 25038
654 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1440
482 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 2930
218 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 122899
351 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 153171
347 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 618
512 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 133976
402 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2180
419 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1431
181 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1358
705 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3986
392 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 528
397 B
1 t.co
t.co — Cisco Umbrella Rank: 475
379 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 160
17 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 716
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 603
15 KB
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 519
99 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 7546
835 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 508
501 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 29559
698 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1729
468 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 901
384 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 434
513 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1146
67 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
697 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 510
729 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 967
539 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1132
201 B
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 200369
2 KB
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4920
27 KB
1 cloudfront.net
d3div1mtym39ic.cloudfront.net
39 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 29473
20 KB
1 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4338
949 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1239
24 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 867
12 KB
1 pagesuite.com
edition.pagesuite.com — Cisco Umbrella Rank: 86633
49 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5069
7 KB
0 sonobi.com Failed
syd-1-apex.go.sonobi.com Failed
535 116
Domain Requested by
37 cm.g.doubleclick.net 18 redirects www.heraldsun.com.au
googleads.g.doubleclick.net
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
29 dt.adsafeprotected.com www.heraldsun.com.au
21 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
18 dsum-sec.casalemedia.com 3 redirects www.heraldsun.com.au
js.adsrvr.org
ssum-sec.casalemedia.com
googleads.g.doubleclick.net
18 pagead2.googlesyndication.com ad.doubleclick.net
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.heraldsun.com.au
www.googletagservices.com
16 content.api.news www.heraldsun.com.au
15 massets.bonzai.co invoke.bonzai.co
massets.bonzai.co
www.heraldsun.com.au
15 ib.adnxs.com 8 redirects tags.news.com.au
www.heraldsun.com.au
acdn.adnxs.com
googleads.g.doubleclick.net
15 match.adsrvr.org 12 redirects js.adsrvr.org
ssum-sec.casalemedia.com
15 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
ssum-sec.casalemedia.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
13 sync-tm.everesttech.net 13 redirects
13 simage2.pubmatic.com 2 redirects www.heraldsun.com.au
ads.pubmatic.com
12 id5-sync.com 9 redirects tags.news.com.au
cdn.id5-sync.com
11 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
11 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 x.bidswitch.net 9 redirects www.heraldsun.com.au
9 news.google.com 1 redirects subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
9 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
googleads.g.doubleclick.net
9 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
9 static.adsafeprotected.com bedsberry.com
pixel.adsafeprotected.com
www.heraldsun.com.au
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
8 www.googletagservices.com securepubads.g.doubleclick.net
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
www.googletagservices.com
www.heraldsun.com.au
7 s.bzcdn.co www.heraldsun.com.au
massets.bonzai.co
s.bzcdn.co
7 play.google.com www.gstatic.com
7 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
www.heraldsun.com.au
7 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ads.pubmatic.com
ssum-sec.casalemedia.com
www.heraldsun.com.au
7 pixel.rubiconproject.com 3 redirects www.heraldsun.com.au
7 googleads4.g.doubleclick.net ad.doubleclick.net
googleads.g.doubleclick.net
7 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
6 dcollector.bonzai.co www.heraldsun.com.au
6 www.google.com securepubads.g.doubleclick.net
www.heraldsun.com.au
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
6 token.rubiconproject.com 6 redirects
6 sync.taboola.com 2 redirects www.heraldsun.com.au
6 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
5 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 ups.analytics.yahoo.com 4 redirects www.heraldsun.com.au
5 beacon.krxd.net www.heraldsun.com.au
cdn.krxd.net
5 sync.mathtag.com 5 redirects
5 c1.adform.net 4 redirects ads.pubmatic.com
5 pixel.tapad.com 4 redirects www.heraldsun.com.au
4 collector.bonzai.co www.heraldsun.com.au
4 www.gstatic.com news.google.com
www.gstatic.com
4 px.ads.linkedin.com 3 redirects www.heraldsun.com.au
4 secure.adnxs.com 1 redirects www.heraldsun.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
4 au.pixel.newscgp.com au.tags.newscgp.com
4 fastlane.rubiconproject.com tags.news.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 sync.srv.stackadapt.com 4 redirects
4 uipglob.semasio.net 3 redirects www.heraldsun.com.au
4 ad.doubleclick.net 1 redirects tags.tiqcdn.com
www.heraldsun.com.au
www.googletagservices.com
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
3 an.yandex.ru 2 redirects www.heraldsun.com.au
3 s0.2mdn.net e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.heraldsun.com.au
3 www.google.com.au www.heraldsun.com.au
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com tags.news.com.au
js-sec.indexww.com
ssum-sec.casalemedia.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
3 ads.pubmatic.com s.amazon-adsystem.com
tags.news.com.au
ads.pubmatic.com
3 insight.adsrvr.org 1 redirects js.adsrvr.org
3 www.facebook.com www.heraldsun.com.au
3 u.openx.net 2 redirects www.heraldsun.com.au
3 odr.mookie1.com 3 redirects
3 sync-t1.taboola.com www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
3 cdn.ampproject.org www.heraldsun.com.au
2 a.sportradarserving.com 2 redirects
2 sync.crwdcntrl.net 1 redirects www.heraldsun.com.au
2 simage4.pubmatic.com ads.pubmatic.com
2 cdn.krxd.net ad.doubleclick.net
cdn.krxd.net
2 sync.teads.tv 1 redirects e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 cms.quantserve.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
www.heraldsun.com.au
2 pippio.com 2 redirects
2 avd.innity.com 1 redirects js.adsrvr.org
2 eus.rubiconproject.com tags.news.com.au
eus.rubiconproject.com
2 prebid-a.rubiconproject.com tags.news.com.au
2 lm.serving-sys.com secure-ds.serving-sys.com
2 p.adsymptotic.com 1 redirects www.heraldsun.com.au
2 cdn.linkedin.oribi.io snap.licdn.com
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 sync.search.spotxchange.com 1 redirects www.heraldsun.com.au
2 static.criteo.net tags.news.com.au
static.criteo.net
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 mfad.inskinad.com tags.news.com.au
ssum-sec.casalemedia.com
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 metrics.heraldsun.com.au tags.news.com.au
2 eb2.3lift.com 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 tg.socdm.com 2 redirects
2 ih.adscale.de 2 redirects
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
2 news-networkeditorial.s3.ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 cm.ambientdsp.com 1 redirects
1 consumer.krxd.net cdn.krxd.net
1 trace.mediago.io 1 redirects
1 y.one.impact-ad.jp e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
1 dynalyst-sync.adtdp.com 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 ads.yieldmo.com 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 aax-eu.amazon-adsystem.com www.heraldsun.com.au
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 invoke.bonzai.co www.heraldsun.com.au
1 tags.rd.linksynergy.com 1 redirects
1 cm3.adform.net js.adsrvr.org
1 js-sec.indexww.com tags.news.com.au
1 adservice.google.com.au securepubads.g.doubleclick.net
1 fonts.gstatic.com news.google.com
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 www.linkedin.com 1 redirects
1 check.analytics.rlcdn.com tags.news.com.au
1 au-gmtdmp.mookie1.com www.heraldsun.com.au
1 www.googleadservices.com secure-ds.serving-sys.com
1 snap.licdn.com www.heraldsun.com.au
1 static.ads-twitter.com www.heraldsun.com.au
1 sync.1rx.io www.heraldsun.com.au
1 us-u.openx.net www.heraldsun.com.au
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 edge.adobedc.net cdn1.adoberesources.net
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com www.heraldsun.com.au
1 d.turn.com 1 redirects
1 au.audience.newscgp.com au.tags.newscgp.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 bs.serving-sys.com secure-ds.serving-sys.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 zlmk2tlq5oonviahbufztslgnyhcc1668831206.nuid.imrworldwide.com www.heraldsun.com.au
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 bidder.criteo.com tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 api.rlcdn.com tags.news.com.au
1 cds.taboola.com cdn.taboola.com
1 a.vidora.com assets.vidora.com
1 collector.brandmetrics.com cdn.brandmetrics.com
1 pips.taboola.com cdn.taboola.com
1 cdn.jsdelivr.net tags.news.com.au
1 t.adx.opera.com www.heraldsun.com.au
1 visitor.omnitagjs.com www.heraldsun.com.au
1 match.taboola.com www.heraldsun.com.au
1 aa.agkn.com 1 redirects
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 bh.contextweb.com www.heraldsun.com.au
1 jadserve.postrelease.com www.heraldsun.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 ping.chartbeat.net www.heraldsun.com.au
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 d3div1mtym39ic.cloudfront.net www.heraldsun.com.au
1 cdn1.adoberesources.net tags.tiqcdn.com
1 nebula-cdn.kampyle.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 mhr.talk.news.com.au www.heraldsun.com.au
1 images.taboola.com www.heraldsun.com.au
1 sg-trc-events.taboola.com www.heraldsun.com.au
1 use.fontawesome.com cdn.taboola.com
1 edition.pagesuite.com www.heraldsun.com.au
1 origin.go.heraldsun.com.au www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 syd-1-apex.go.sonobi.com Failed tags.news.com.au
535 196
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA
2022-02-07 -
2023-02-06
a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-07-16 -
2023-08-17
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
origin.go.heraldsun.com.au
R3
2022-11-16 -
2023-02-14
3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon
2022-09-21 -
2023-09-05
a year crt.sh
edition.pagesuite.com
Amazon
2022-09-17 -
2023-10-15
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-09-27 -
2023-10-29
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
bedsberry.com
R3
2022-11-15 -
2023-02-13
3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA
2022-02-27 -
2023-02-28
a year crt.sh
*.vidora.com
Amazon
2022-02-10 -
2023-03-11
a year crt.sh
static.adsafeprotected.com
Amazon
2022-08-06 -
2023-09-04
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2022-05-06 -
2023-06-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-08-28 -
2022-11-26
3 months crt.sh
au.tags.newscgp.com
Amazon
2022-01-11 -
2023-02-08
a year crt.sh
*.zprk.io
Amazon
2022-10-19 -
2023-11-17
a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-22 -
2023-03-26
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.privacymanager.io
Amazon
2022-08-26 -
2023-09-24
a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-04 -
2023-02-03
a year crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-05 -
2023-03-08
a year crt.sh
web.app
GTS CA 1D4
2022-10-19 -
2023-01-17
3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2021-12-01 -
2022-12-30
a year crt.sh
*.adsafeprotected.com
Amazon
2022-06-21 -
2023-07-20
a year crt.sh
*.postrelease.com
Amazon
2021-12-29 -
2023-01-27
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-07 -
2023-05-08
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.emxdgt.com
Amazon
2022-06-03 -
2023-07-02
a year crt.sh
*.omnitagjs.com
Amazon
2022-05-17 -
2023-06-15
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-18
a year crt.sh
*.dotmetrics.net
Amazon
2022-09-23 -
2023-10-21
a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2
2022-06-11 -
2023-06-11
a year crt.sh
vidora.com
R3
2022-10-09 -
2023-01-07
3 months crt.sh
*.id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
fw.adsafeprotected.com
Amazon
2022-04-28 -
2023-05-27
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1
2022-06-17 -
2023-07-18
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
ads.playground.xyz
GTS CA 1D4
2022-10-13 -
2023-01-11
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
mfad.inskinad.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.news.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
*.nuid.imrworldwide.com
Amazon
2022-05-12 -
2023-06-10
a year crt.sh
*.eu-1-id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
bs.serving-sys.com
Amazon
2022-04-25 -
2023-05-24
a year crt.sh
www.newsconnect.com.au
Amazon
2022-04-09 -
2023-05-08
a year crt.sh
au.audience.newscgp.com
Amazon
2022-04-28 -
2023-05-27
a year crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-11-08 -
2023-02-04
3 months crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-19 -
2023-11-19
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-07-29
a year crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-08-22
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2022-10-21 -
2023-10-22
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-24 -
2023-03-27
a year crt.sh
analytics.rlcdn.com
Amazon
2022-07-27 -
2023-08-25
a year crt.sh
linkedin.oribi.io
Amazon
2022-07-07 -
2023-08-06
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2022-02-10 -
2023-02-10
a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-10 -
2023-02-10
a year crt.sh
*.google.com.au
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
lm.serving-sys.com
Amazon
2022-02-15 -
2023-03-16
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-01-15 -
2023-01-13
a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-08 -
2023-12-09
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
bonzai.co
Amazon
2022-10-28 -
2023-11-26
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
d.adroll.com
Amazon RSA 2048 M02
2022-11-08 -
2023-12-07
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
*.bonzai.co
Amazon
2022-01-25 -
2023-02-23
a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA
2022-03-04 -
2023-03-25
a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-26 -
2023-10-25
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-20 -
2023-10-19
a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-07
a year crt.sh
dt.adsafeprotected.com
Amazon
2022-11-04 -
2023-12-03
a year crt.sh
*.bzcdn.co
Amazon
2022-01-12 -
2023-02-10
a year crt.sh

This page contains 66 frames:

Primary Page: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Frame ID: E8F5035C437439E81FEE893778D2B533
Requests: 225 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=OEVBlu_QDJ8jmI2_RLzILrfBr6Nl3Lp1&nonce=vXgxj9N9N76q4qCKZlQ~suUn3SFxDV4Z&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: F52FFE10F5D2F0A26F152182E1C3CB4D
Requests: 3 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/stroerrtb-network/1/rtb-h/?taboola_hm=0560958b5fa541d3b7f9abd46b9a0e3b
Frame ID: 1FE1BFECB0E13160A9C35664475D5DCB
Requests: 23 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 76100DF15BA25B216492E95779760ADE
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 38DEAB4E1F8BA186DF9F036A3F979B41
Requests: 22 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 54663FDF512DD5D1D00E9D9FA668D72D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Frame ID: B01379FAFB19CC850B6AE11B1C21D1BD
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au
Frame ID: 1E61C938A0F97F9AA89EB06604DC4258
Requests: 13 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 22D733D7A2C27817862AC064709D7CFD
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 89BB766B4465AEA2EC91411B18FCC89B
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: C1F8163A8DAD3BB4C3E8B31415699543
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 1918AE658454F0ACF42B28C30341D97A
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 1F034CFEE42305EDC38E397F58791059
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 9212E6FC9C9BB0D84E19D7FFED0148EB
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnI-9uwufsCFUSL2AUdMzENSw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8954914827525.986
Frame ID: 0A6DFE7CAA7127AA190102FF3809790C
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3f-9uwufsCFfKP5godSPoFrg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7661949645015.849
Frame ID: 5C9955EA61B4A5AEA2E59FB83964E30E
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 02E1111B5C449F450C4505E674A07FA4
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: DB5C8C3A947E766C9E1D8373DD360379
Requests: 4 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/55953/sync?uid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&_origin=0&gdpr=0&gdpr_consent=
Frame ID: 66FB36DB30DC65461DB11DCAD4566841
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: B95C432D2A17B089BB97CD843CE987FE
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
Frame ID: 70DD9FC40EB6DF66F741A10A018F00F8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 2F5FD4C4E52A0279018819257CDB032A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 99B16786F82BE92E26020B4F292FF8B1
Requests: 11 HTTP requests in this frame

Frame: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8ED84D8C86ACB9559FB7CAA2CA32D725
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 9739685533A2B4ABFBBC29F7974A5C32
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 9331BF13CC53301221327B780C9C2D9D
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: B39986EE17936CABD6AA5F2D22707B19
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 8526C054CE04C321C22F412E9F5E8363
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A803D3C2BF692814EC8670BE1FB408C2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F37CF7762C14311DCDD6562ADD5DAA15
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0EBFBA16264329B5BC1A62547409742E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: 5BB9CC44C2FAE0A0498C4E5E7292FAEE
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expiration=1671423211&gdpr=0&gdpr_consent=
Frame ID: 405E03995B7B98D33CE7C039086B9BA9
Requests: 1 HTTP requests in this frame

Frame: https://cm3.adform.net/pixel?adform_pid=3&adform_pc=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&adform_v=1
Frame ID: 005BCB07C7AFDCEFD7EDFD47678741D4
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: F9777782539ACDD8C10FE581297AB013
Requests: 1 HTTP requests in this frame

Frame: https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3D8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
Frame ID: 7757FF1D1290158E2C8ADD0499758386
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expiration=1671423211&gdpr=0&gdpr_consent=
Frame ID: FE1C7ECE814470805775B688A75243DE
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B43E29A2817FBB5CF9DD858604392F58
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=
Frame ID: DD8AA96238E82E9682AD72284D9BE175
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1d46378-57ec-4800-8d70-5a76eca4c044&gdpr=0&gdpr_consent=
Frame ID: 012CB8E4F2964C81D9DFB0A7120ADA12
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E
Frame ID: 6D376FC6A4EA4ADDAE362F988BF27858
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFQoCIIvyX95pYhk5V-wGxPv7qtb_6T4tgxCiw-mVRkpfjXptpFijZvi_94U0n_5LN_EbPGi5Kg3SARA-RYy_NqGkQux7-4WN_5mI4bSAKyyLB_3ji3VT4bz2j83v-gWW0xQ3dZRlIDNY1LWC7tytohUq5kcf_-lonbjQxmMCsNKPOE1ecxIi0ChKDE-czzBIF7JR78wEMsQDRrAfDsAh1y3IkhpXyn39uXkkkoroajiJunaosZKaXqN1vDTtRudy4Er0gczylU9QCAKmF4HSBUIvrdV29eqTRt3OUvDZm7H8LK2myn5u5ztAhBX2kubsmOAoTcCjZY20Vll5ouBQp&sai=AMfl-YTtIC3wMxsSIQn6JO6i11B2AG8e6tvA7tAFqPRlN_wRvoXHT5KIS6FJZOk43_uV_x-dngVD4r8pVVL_-oL67qgZSH4f_XD3agLIS12DPQ4FPyZZDIQlr7INiki0Kyo6rg&sig=Cg0ArKJSzCKmhfNsGEDWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CAA08FB010B71BD39AE5D92BBFA28158
Requests: 26 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4kF3mcqLUO5w2Nb9P1zvILxBlOGjrjoCA2-AeVXSNiSTc8dzQt_SYzRGUQlyXUaGM-ASVHXp5NT-NuZkx7WPs6dNDPYNXaVA1XpCXN3wisuR_QHzgUo5yjOhYZW9tGViz6RxbhM6z85FNEk7lrJB5cW602ag9lsWX6mLCTMibw_ni6FbFFiESw0Espsyp3iS2hMrlFzYLTLC1AkqO-ceJ5THApiUh5Wczp1zWSslZO5Df1y_18pe7TYDzz_oJdBpdz0KTA7Kufs1usFdojL8eh9RdnWsTjJk4GMJ-1XrNP6LyKkhdPFM5Cr3cUmveemMSyWuF35vt8xyf0NreACTG&sai=AMfl-YRFXUU9B1DJdYuxoAA__xgtEHJFxS0AJnX4PsKt7fUXorgGa3dwtRqLvawr_6ZtAPSGy-H4w28wAkzeZEtjMeCzWpyInCf_CHJuIZT9zDsEYjQ6_Rk9yti7sW0ZmMRViQ&sig=Cg0ArKJSzDpHlq4uaraNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 378910945AF42BF914E1939A87D6FDB2
Requests: 22 HTTP requests in this frame

Frame: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E5E966658F57A48452A6DE791C001EE
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA3Mj-xn7caIHZAdtzpsLPSbCQ4ZvrAuD3KLzC804Q45X4A30KJteNbpbNjXqeJFmxeNneDRVuzPQzgK7HKPSBlmDFELLnSPmymDEAfDxD5nyrFkDwzCR0oNm0rJNLaI5PLG5DP55ZEN-IflGrADZo88-l1ULCRTHFQc4NzfzdQR7e5cLN-Dx9TiYYNG394PEz1ICFNtzPoPQzKJpJoepGOvz9k-6DE9vc-uupxOawXgGKVo-Ry0U4dBeSy39enKTxvhJvlfjvottR9ti70IJHaeIV5f9oPh6h-61W6R-y_YFe5naGw1maC3J0HvW2YrL3ETQWTi4xnUJNRqU_RkfN&sai=AMfl-YSdd74ltL8sdwESYVxUBLocSnORZxTnrYolWOfNx1yBkumYNYZxyRRX1rGDZRRxFnlWtKWUomTHOm7OcZTBJ1F15V4umqt2mFvWwtWrEYpxYc4MsZzJP6SBlPcGxIgoGQ&sig=Cg0ArKJSzGuXECK3GYStEAE&uach_m=[UACH]&adurl=
Frame ID: 51BB44DD1BF126F10A3A6A0A61D0C6DC
Requests: 8 HTTP requests in this frame

Frame: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 81C9D288BFB6B849EAA2C22ED16E4A80
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNT3xAIQ_or1Ahj5uLHYATAB&v=APEucNUP2q6YHUmWt23wBXh90tKpMTgevChxAsZnUroWZYYDYT1iyA6TAhsDOk5IDiPZxon0Fsd99YRdlWT-Z5t5VuzsVFK4Ww
Frame ID: ED735324F43E166A5DE9D72926D50564
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmAgqYCEIen57ECGLOQuckBMAE&v=APEucNUpasIY6iYpn1xc9e5iKEyvTVM7rUfY_rrmGvUxucNadXW95PO8a4U5gvTMfdGkXhFxm1Jfo0Kow2n5oW16jBQXBFtvbA
Frame ID: 60E601732E2BB7AE2DD28CD91983E7AF
Requests: 5 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026295&pubOrder=3068195175&cb=1375891392&custom=homepage&custom3=168400391&adsafe_par&impId=82883654-67c0-11ed-a53f-0ab5b06f5b88
Frame ID: FAC4EB710507CA148AFEABA839B2895F
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138412773756&pubOrder=3068195175&cb=1958050697&custom=homepage&custom3=168400391&adsafe_par&impId=82883657-67c0-11ed-a53f-0ab5b06f5b88
Frame ID: A6CD346942E0564A8C44963B9E385C52
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2D44BD5DEDDFACF811ED11797976FB8E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 41E1232CC742FBD5F35385D6D2B4094F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3DD7170F854FA28E678639719725508F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0346A0DFC1E0EA9589EF81DF667CF467
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3B855F836CCECD85814FA79EED981800
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026298&pubOrder=3068195175&cb=1203535486&custom=homepage&custom3=168400391&adsafe_par&impId=82883655-67c0-11ed-a53f-0ab5b06f5b88
Frame ID: C37B6F3148F3CB509DB0B49106F45A72
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2634DB689B0FC782D7F64C7E5EB36706
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CCE1AF2D336DC4BF16B8F471176B0BB5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hX6QAAAflyDgAT&gdpr=0&gdpr_consent=
Frame ID: D8EF8024F1641329AE8C15EFAE5426CC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xvbz5ob2cpp
Frame ID: DC9F9DF89805B4655FBEAEEAC7BD2740
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w29gA8BrMljYaTMKw216CMc-NlrYPTUJxzjlDe_r
Frame ID: 510E80F97A0E42ABA77B03BCF24CC234
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7870255768103140305&gdpr=0&gdpr_consent=
Frame ID: 67C50B0006DD6F5E5409448F29C239ED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 065AF11A2D0823EF31FA7029F1E8AA36
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_Svn7znXSxFNOfBUqkEPQ6310aU
Frame ID: E94618E084BF9D8D3F0153356AC07A18
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6ADBC00E21889ACB574A3966442C4B2F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FB690B23D4F4370D6AD43C82FC5DD44F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&166... HTTP 302
    https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

535
Requests

81 %
HTTPS

0 %
IPv6

116
Domains

196
Subdomains

144
IPs

15
Countries

8147 kB
Transfer

15628 kB
Size

207
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16688312001579485533 HTTP 302
    https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668831203767&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668831203767&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Request Chain 92
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 106
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668831205708 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668831205708
Request Chain 113
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=0560958b5fa541d3b7f9abd46b9a0e3b HTTP 302
  • https://sync.taboola.com/sg/stroerrtb-network/1/rtb-h/?taboola_hm=0560958b5fa541d3b7f9abd46b9a0e3b
Request Chain 115
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y3hX58Co8YEAADgJERgAAAAA
Request Chain 116
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LANF0GRY-1P-1MUQ
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGyq0EctX75xHicUsh2e_x4&google_cver=1
Request Chain 119
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
Request Chain 120
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
Request Chain 121
  • https://ce.lijit.com/merge?pid=42&3pid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 125
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dce714bd-31bf-4d4c-b783-26c16807bc33
Request Chain 126
  • https://id5-sync.com/s/464/9.gif?puid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/6/2.gif?puid=5da9f952-c53c-4992-b227-fb1f58a0d6b4&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/5/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/5/3.gif?puid=7870255768103140305&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/4/4.gif?puid=1273501310181649069&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&ttl=%%TTL%% HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOzQ7y5tmBh_Juv6qnh65sY6eS7JoPLBAQTDpJFg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F2%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/2/6.gif?puid=21716378-57ec-4100-90d0-4d398c6bffac&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/1/7.gif?puid=CDE2B453590C767E&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=LANF0GZ0-1H-D5IH&gdpr=0 HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOzQ7y5tmBh_Juv6qnh65sY6eS7JoPLBAQTDpJFg
Request Chain 127
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523645694172603081&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtaboola%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5da9f952-c53c-4992-b227-fb1f58a0d6b4&ssp=taboola&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523645694172603081&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232233304340002557663&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10523645694172603081&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
Request Chain 128
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d5101a8e-c355-4008-8992-2da8df386423 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d5101a8e-c355-4008-8992-2da8df386423&tbid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&query=taboola_hm%3Dd5101a8e-c355-4008-8992-2da8df386423&isDirect=0
Request Chain 129
  • https://u.openx.net/w/1.0/sd?id=543998486&val=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=
Request Chain 130
  • https://eb2.3lift.com/xuid?mid=7772&xuid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 132
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=_Svn7znXSxFNOfBUqkEPQ6310aU
Request Chain 135
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=1c6aefa5-c55c-476d-9668-09feef287781
Request Chain 161
  • https://cm.everesttech.net/cm/dd?d_uuid=87708424576475003343163438819615137413 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3hX6QAAALJzdAN9
Request Chain 188
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=7870255768103140305
Request Chain 189
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7481973582026346771
Request Chain 191
  • https://token.rubiconproject.com/token?pid=6404&puid=87708424576475003343163438819615137413&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LANF0GZ0-1H-D5IH?gdpr=0
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODc3MDg0MjQ1NzY0NzUwMDMzNDMxNjM0Mzg4MTk2MTUxMzc0MTM= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFg4qk8RGTU8Ta3-mlmey3A&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 193
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
Request Chain 195
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hX6Na-JlG83cbzRPQ1RQAA%264749
Request Chain 196
  • https://dt.scanscout.com/ssframework/uid?UIAA=87708424576475003343163438819615137413&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-b7412e1449c6e31df032364bb48446c1
Request Chain 198
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=87708424576475003343163438819615137413&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=87708424576475003343163438819615137413&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 199
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=87708424576475003343163438819615137413 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87708424576475003343163438819615137413
Request Chain 200
  • https://tags.bluekai.com/site/43981?id=87708424576475003343163438819615137413&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 202
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=Y3hX6QAAAM1DDQAr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNoWDZRQUFBTTFERFFBcg==&_test=Y3hX6QAAAM1DDQAr
Request Chain 203
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Request Chain 206
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y3hX6QAJHXBDTgAr HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3hX6QAJHXBDTgAr&expires=90&_test=Y3hX6QAJHXBDTgAr
Request Chain 207
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3hX6QAJLiFtNwAO HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3hX6QAJLiFtNwAO&_test=Y3hX6QAJLiFtNwAO
Request Chain 210
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y3hX6QAAAflyDgAT HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y3hX6QAAAflyDgAT&_test=Y3hX6QAAAflyDgAT
Request Chain 214
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3hX6QAAALJzdAN9
Request Chain 215
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hX6QAAALJzdAN9
Request Chain 216
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3hX6QAJHXBDTgAr&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3hX6QAJHXBDTgAr&img=1&__user_check__=1&sync_id=8651446e-67c0-11ed-9b5c-1554f2220207
Request Chain 217
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3hX6QAJHXBDTgAr&t=2592000&o=0
Request Chain 218
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
Request Chain 223
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au
Request Chain 231
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8954914827525.986 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnI-9uwufsCFUSL2AUdMzENSw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8954914827525.986
Request Chain 232
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7661949645015.849 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3f-9uwufsCFfKP5godSPoFrg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7661949645015.849
Request Chain 235
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MjZmNzdlMjUtNDFlMS00ZTkzLWJkMWEtNmVhOWExY2MxZDA2&gdpr=0&gdpr_consent=&ttd_tdid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&google_gid=CAESEEzHiZqy9lbo_V_096fcZwc&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-G94fachE2uJHG6R4c7Drw8zshYdVsPw-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&_origin=0&gdpr=0&gdpr_consent=
Request Chain 245
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668831210637&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668831210637&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1668831210637%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668831210637&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=96fc8d88-6679-45de-b8d6-72f0c729e290 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=96fc8d88-6679-45de-b8d6-72f0c729e290&_expected_cookie=3c51a35e9f6bb0c8e03294fe9d275e59
Request Chain 277
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=7870255768103140305
Request Chain 278
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Request Chain 280
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://cm3.adform.net/pixel?adform_pid=3&adform_pc=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&adform_v=1
Request Chain 281
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Request Chain 282
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8 HTTP 302
  • https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3D8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
Request Chain 286
  • https://c1.adform.net/serving/cookie/match?party=14&cid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=
Request Chain 287
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1d46378-57ec-4800-8d70-5a76eca4c044&gdpr=0&gdpr_consent=
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AOpfuXGbSnGg-x_Huam4Pg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 290
  • https://idsync.rlcdn.com/420486.gif?partner_uid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDAwRUE1RkI5LTcxOUItNEE3MS1BMEZCLTFGQzdCOUE5QjgzRRAAGg0I7K_hmwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3f7e0e1bc96a5303cc38ac54e049ff595d4f0251d5fb287374ab5c5dbdc7715b791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzZjdlMGUxYmM5NmE1MzAzY2MzOGFjNTRlMDQ5ZmY1OTVkNGYwMjUxZDVmYjI4NzM3NGFiNWM1ZGJkYzc3MTViNzkxNDI2YjU0MTdkY2UyMRAAGgwI7a_hmwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzZjdlMGUxYmM5NmE1MzAzY2MzOGFjNTRlMDQ5ZmY1OTVkNGYwMjUxZDVmYjI4NzM3NGFiNWM1ZGJkYzc3MTViNzkxNDI2YjU0MTdkY2UyMRAAGgwI7a_hmwYSBAgCEABCAEoA&google_gid=CAESELccXVHiHlZvaW-1ztit_tk&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=5473304b-9771-4ace-948d-f0972f018614
Request Chain 291
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9846378-57ec-4a00-8c02-1a5299d64253
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDBFQTVGQjktNzE5Qi00QTcxLUEwRkItMUZDN0I5QTlCODNF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKhJMt-aSH81AKSGbcruVOs&google_cver=1
Request Chain 296
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&gdpr=0&gdpr_consent=
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED_FHTmskTIREB98iNJafW8&google_cver=1
Request Chain 308
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3hX6Na-JlG83cbzRPQ1RQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
Request Chain 309
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=_Svn7znXSxFNOfBUqkEPQ6310aU
Request Chain 310
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=pLyNl6e438y_ut6epL6XnKDt286_7tidoOvSQAs0
Request Chain 311
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7870255768103140305
Request Chain 312
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7870255768103140305
Request Chain 330
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21716378-57ec-4100-90d0-4d398c6bffac
Request Chain 331
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7481973582026346771
Request Chain 332
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB
Request Chain 333
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0864220407de434a988e1985&expiration=[EXPIRATION]
Request Chain 335
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684469612&external_user_id=e4012292-057d-4f7f-b41f-234a05fff162
Request Chain 368
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LANF0GZ0-1H-D5IH
Request Chain 369
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vfi9s_DjRm-boSyVgtswaA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vfi9s_DjRm-boSyVgtswaA
Request Chain 370
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Y1omDWOTFPtn8Eu8176Nkcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=76135572664420416
Request Chain 372
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2YwZWE3OTkyYTA2MjQ0NDQyODZjMjJkMjZkZjdjOTdjMTA0YTE1Yg
Request Chain 373
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF2xLBdeNG4Oep0cNLl4ibY&google_cver=1
Request Chain 374
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFORjBHWjAtMUgtRDVJSA==
Request Chain 375
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&gdpr=0&gdpr_consent=&expires=30
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
Request Chain 377
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3hX6Na-JlG83cbzRPQ1RQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPWnjOCZCgAW9epnWIIlTqc&google_cver=1
Request Chain 379
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDI1NTc2ODEwMzE0MDMwNQ%3D%3D
Request Chain 380
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
Request Chain 381
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3hX6Na-JlG83cbzRPQ1RQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
Request Chain 382
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPWnjOCZCgAW9epnWIIlTqc&google_cver=1
Request Chain 383
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDI1NTc2ODEwMzE0MDMwNQ%3D%3D
Request Chain 388
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1343796421;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_pre=CKfDp92wufsCFUGJcAodSd4Ktg;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1343796421;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Request Chain 406
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDeZyPbSOj4-1kEJ0zhhO9A&google_cver=1&google_push=ASkJ3Fa2YFx4LLGjc5_U8yT2MTwoj-Ng2dWAKEYHhXvJ17iAHFz141YMSoiSvLJLKClNnBI-Rli-69tTEpcWjxZTnOEtH5EuxqzsBETIaemOrUWIhcS2BDv6VRSrRW3ySo6OEu1n05bA9wS_AXZO82g1NjU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=IXFjeFfsQQCQ0E05jGv_rA&google_push=ASkJ3Fa2YFx4LLGjc5_U8yT2MTwoj-Ng2dWAKEYHhXvJ17iAHFz141YMSoiSvLJLKClNnBI-Rli-69tTEpcWjxZTnOEtH5EuxqzsBETIaemOrUWIhcS2BDv6VRSrRW3ySo6OEu1n05bA9wS_AXZO82g1NjU
Request Chain 407
  • https://um.simpli.fi/gp_match?google_gid=CAESEKS-h5MEF210U0Fy4vIdpiM&google_cver=1&google_push=ASkJ3FZ5jY7Bfg9Fq9hLZSsDocn-jkByjvKIEAtA-wtuJNW5eh9T-4EdsjqCYRwT9VTRmFTy414PxJ4EeoJcgca59XXyMBPQ0UUDsKQVPN2rCIYh2JYEQhQJ7cb9BCtgJQ5_2rrE05zjMS6nFnpZpBjEqk4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F51E39BD43F64AEC9A896B38D50274B8&google_push=ASkJ3FZ5jY7Bfg9Fq9hLZSsDocn-jkByjvKIEAtA-wtuJNW5eh9T-4EdsjqCYRwT9VTRmFTy414PxJ4EeoJcgca59XXyMBPQ0UUDsKQVPN2rCIYh2JYEQhQJ7cb9BCtgJQ5_2rrE05zjMS6nFnpZpBjEqk4
Request Chain 408
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELimf_oIg4URmr58B_QgRf4&google_cver=1&google_push=ASkJ3FYJR5RGil-yrG5PBqWD7qc1G8doxoWHWzwmy2H5Kdlh_IUBurX0uVgCHO9KshIX8q26aZPojgJPIdz_TE4Br9yUoKSyWUvX0gb_t9RCleQtmdsPeFmY0SvYu0WPQ1EZkYUbbThIOuYlgHMOPYe6pF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYJR5RGil-yrG5PBqWD7qc1G8doxoWHWzwmy2H5Kdlh_IUBurX0uVgCHO9KshIX8q26aZPojgJPIdz_TE4Br9yUoKSyWUvX0gb_t9RCleQtmdsPeFmY0SvYu0WPQ1EZkYUbbThIOuYlgHMOPYe6pF4&google_hm=NzYxMzU1NzI2NjQ0MjA0MTY%3D
Request Chain 409
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHPLtJMVUd4_GH_a_S6n03A&google_cver=1&google_push=ASkJ3FalKcLilX-fdyMivOscu4Gj3PZ9dFTljO1N---CxHdDlFxFJFNRTNy0Rf-r6lFsvlO5AWjDLy7GADvIiY9pHP9gvIOeiO9pgDzriifl_NWWgSY_Q6LE9LMaln2XeQvtSRx6m5dNa84GkRpFkjIYIpc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AOpfuXGbSnGg-x_Huam4Pg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FalKcLilX-fdyMivOscu4Gj3PZ9dFTljO1N---CxHdDlFxFJFNRTNy0Rf-r6lFsvlO5AWjDLy7GADvIiY9pHP9gvIOeiO9pgDzriifl_NWWgSY_Q6LE9LMaln2XeQvtSRx6m5dNa84GkRpFkjIYIpc
Request Chain 410
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEK-dGd4qoUHKr0h0ecT0y_E&google_cver=1&google_push=ASkJ3FZgkxo-iyOrPpIspYED4s87aXViNCb4eYhkL4Ump_s1zs3p-Z9YkMty8hL6RMPJeDsQxMxA5NU7PHGVD1p5oB00RsKHaO45CNz7dFYm1OZ-Ei7x1Cp_-HfmLmK93QoHD4st0eIiyFbYF3YNawrQwOM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FZgkxo-iyOrPpIspYED4s87aXViNCb4eYhkL4Ump_s1zs3p-Z9YkMty8hL6RMPJeDsQxMxA5NU7PHGVD1p5oB00RsKHaO45CNz7dFYm1OZ-Ei7x1Cp_-HfmLmK93QoHD4st0eIiyFbYF3YNawrQwOM
Request Chain 411
  • https://ads.yieldmo.com/exptsync?google_gid=CAESENsxbUhiY1trnYGZh3E2xDE&google_cver=1&google_push=ASkJ3FYaLSpSmaPyDAg6cGiPPZmfvcsNGoiM4ArebnA-qBECaldBahXShob6sDdcTUAtLcPPQ0OI_ypRt9o_skZZW2Ir24vksnSsJOVCXf9eUp2Uw2qv9gQSK_MTti0DqOPTX0fxdf_MGF7cV2jyAPC_2tI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYaLSpSmaPyDAg6cGiPPZmfvcsNGoiM4ArebnA-qBECaldBahXShob6sDdcTUAtLcPPQ0OI_ypRt9o_skZZW2Ir24vksnSsJOVCXf9eUp2Uw2qv9gQSK_MTti0DqOPTX0fxdf_MGF7cV2jyAPC_2tI&google_hm=ZzhiYWQ5OGM4MWYzM2I1NWVhMTU=
Request Chain 412
  • https://an.yandex.ru/mapuid/google/CAESEDJoJFleoZh3AoIlz4moiXc?ext-param=ASkJ3Fav0_3zr6x3XBN74h6d7GEpn9xkWY_a1BnrqxL4dwrGQsYWZQgJjxNV8JTOYoKIrG8k1x1d3Msf6_gc6KV8I4k8OWSyIsNWIOcMz6ouUMG_eeYi9boIEhsZD6pEe4SWG-JPcpsgaycPXLMRbTUK9eA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEDJoJFleoZh3AoIlz4moiXc?redir-setuniq=1&ext-param=ASkJ3Fav0_3zr6x3XBN74h6d7GEpn9xkWY_a1BnrqxL4dwrGQsYWZQgJjxNV8JTOYoKIrG8k1x1d3Msf6_gc6KV8I4k8OWSyIsNWIOcMz6ouUMG_eeYi9boIEhsZD6pEe4SWG-JPcpsgaycPXLMRbTUK9eA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDJoJFleoZh3AoIlz4moiXc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 417
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEM8w58DDccou9ln2MFKdm4w&google_cver=1&google_push=ASkJ3FaFffY0pTXPeTtMT7dZZ0GIL9jSaROohEUjWLi6Dy89e05_DyhDq-Rqn1OUT4S8xpo3cDN4_HM7mg9vLrh8Pn11sjlxj4W1owmQOj6cpNa4HWH39JVUmw9jsmUq1edMw6UaIN9dS9Li HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3FaFffY0pTXPeTtMT7dZZ0GIL9jSaROohEUjWLi6Dy89e05_DyhDq-Rqn1OUT4S8xpo3cDN4_HM7mg9vLrh8Pn11sjlxj4W1owmQOj6cpNa4HWH39JVUmw9jsmUq1edMw6UaIN9dS9Li
Request Chain 418
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEN3dlfFSdk8lbWt0z4W88kw&google_cver=1&google_push=ASkJ3FbyAkEV3dEZapD3VjZ2jQrkk1UREdG28z1VZa-lGIdWKT5_x1FR4uLIhGdq1xx1iwb0g624zKSar-1NMyRRVF6nwcUHtiTMo_ddsPOBW7JqlHD5_nNyBX3NEnOE4ZDZ3UD4jYsXFwr9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3FbyAkEV3dEZapD3VjZ2jQrkk1UREdG28z1VZa-lGIdWKT5_x1FR4uLIhGdq1xx1iwb0g624zKSar-1NMyRRVF6nwcUHtiTMo_ddsPOBW7JqlHD5_nNyBX3NEnOE4ZDZ3UD4jYsXFwr9
Request Chain 419
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDzCCCwnUMHjFqlOREXFSuM&google_cver=1&google_push=ASkJ3Fbimo-nmvP7Q7DsFZQO7AHwljmErx-OmPiHRH9adbhWFInp55GMAb4j7FxVw42TxTr5-5cMkvMCNj5nCuO8fNXbTUfKXIw_LQNIgGePSYpxJqoCp2fMBCtT9FwH0cIjbg74aEc-b90 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_Svn7znXSxFNOfBUqkEPQ6310aU&google_push=ASkJ3Fbimo-nmvP7Q7DsFZQO7AHwljmErx-OmPiHRH9adbhWFInp55GMAb4j7FxVw42TxTr5-5cMkvMCNj5nCuO8fNXbTUfKXIw_LQNIgGePSYpxJqoCp2fMBCtT9FwH0cIjbg74aEc-b90
Request Chain 420
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPv0Z9ZZp2hdR2udoznL6Yw&google_cver=1&google_push=ASkJ3FYizWXm3MOHeoMP21qgNaaFzGiMGrFjnOB93aLjgxFm_eA_60wdaDGjhY1bPpp7bzq9Xh8NVWxT-KQ-ZO84lQ8nBkJxIxvDRQPC85iZOdUl9C_YHhAOLz__Gr2X_r3cTO9CB3QszzW- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYizWXm3MOHeoMP21qgNaaFzGiMGrFjnOB93aLjgxFm_eA_60wdaDGjhY1bPpp7bzq9Xh8NVWxT-KQ-ZO84lQ8nBkJxIxvDRQPC85iZOdUl9C_YHhAOLz__Gr2X_r3cTO9CB3QszzW-&google_hm=WTNoWDU4Q284WUVBQURnSkVSZ0FBQUFB
Request Chain 422
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGC62ja2Wh7yki2q4YCZuVY&google_cver=1&google_push=ASkJ3FYYlqqN3_FJnhlHzkFgULe6jQUfyqNh1psROvRloJp6yRFqfJaMt0iOpGK0vUc7HRWpq7BCvoBJkzdy6Iowy6nAU-NWH5OFhfyvA7B53_n5ESicnzooeQhPTjloXhFEo6mGu0CsbAWAVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YjY4ZGZkYWQtOWQxMS00N2JlLWEwN2EtZGQwN2ExNzQ3Zjg0&google_push=ASkJ3FYYlqqN3_FJnhlHzkFgULe6jQUfyqNh1psROvRloJp6yRFqfJaMt0iOpGK0vUc7HRWpq7BCvoBJkzdy6Iowy6nAU-NWH5OFhfyvA7B53_n5ESicnzooeQhPTjloXhFEo6mGu0CsbAWAVA HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 423
  • https://trace.mediago.io/cs/google?google_gid=CAESEKpwoWAsV-9LIrR9Zs3W4rk&google_cver=1&google_push=ASkJ3FbWdA60cF3KhNLBixwr366zGzDyGfw6GMycmHloytqaNO7iyOY7lc3aMF9R7g62M6SLlATKO57JSs3s3MeKi8iY3q3poZS8ChuilbKvUf0DXotviX8Ks3piOzF4P5FymILVbyBvye-D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FbWdA60cF3KhNLBixwr366zGzDyGfw6GMycmHloytqaNO7iyOY7lc3aMF9R7g62M6SLlATKO57JSs3s3MeKi8iY3q3poZS8ChuilbKvUf0DXotviX8Ks3piOzF4P5FymILVbyBvye-D&google_hm=0920d04032b5a8be908f709867a9f9b0
Request Chain 470
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hX6QAAAflyDgAT&gdpr=0&gdpr_consent=
Request Chain 471
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xvbz5ob2cpp
Request Chain 472
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w29gA8BrMljYaTMKw216CMc-NlrYPTUJxzjlDe_r
Request Chain 473
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7870255768103140305&gdpr=0&gdpr_consent=
Request Chain 474
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 475
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_Svn7znXSxFNOfBUqkEPQ6310aU
Request Chain 476
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 477
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=&ct=y
Request Chain 478
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5da9f952-c53c-4992-b227-fb1f58a0d6b4%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&ttd_puid=5da9f952-c53c-4992-b227-fb1f58a0d6b4%2C
Request Chain 479
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-qbCxKcRE2uV82pMZW333Dw0hR4uygYs-~A&gdpr=0&gdpr_consent=
Request Chain 480
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7821241199922412941
Request Chain 481
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=46a5317d-6376-4ba5-9b1e-d44590894312&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 482
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7481973582026346771&gdpr=0&gdpr_consent=&us_privacy=

535 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16688312001579485533
  • https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
535 KB
94 KB
Document
General
Full URL
https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
8d251feb9e80e0ab21ad0f2526ee6dd7ec020a604c698e331e5a3fbc6326e411
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 04:13:22 GMT
expires
Sat, 19 Nov 2022 04:13:22 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 547503 0 pmb=mTOE,4
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3dbfe2ef30bb338b9eedd84e8ab566b718-1668831201&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=bfe2ef30bb338b9eedd84e8ab566b718
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
nrt1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=1353
content-length
154
content-type
text/html
date
Sat, 19 Nov 2022 04:13:21 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
location
https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server
AkamaiNetStorage
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
11 KB
12 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
3G5Z8W8S6XCGAJAW
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=147953
accept-ranges
bytes
content-length
11472
x-amz-id-2
5hJLgpae4q57NtXmkIIBukgNtMLxXf2G2hlg/JvBhZjVllnPyAQT/yjTRNG8rwUxM3FqVmPgy/w=
expires
Sun, 20 Nov 2022 21:19:16 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
12 KB
12 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
W8C4ST3E64MQACKV
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=421931
accept-ranges
bytes
content-length
12052
x-amz-id-2
XBT0KEPKNqllbJ24yYGgfe8BSLcgdY5uMNkzvu+/nEs++47yO7zgXsS1qldFfxXR5ApcTToLQ90=
expires
Thu, 24 Nov 2022 01:25:34 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
12 KB
12 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
XE608XH2JQPY9M4C
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=82479
accept-ranges
bytes
content-length
12440
x-amz-id-2
xtS5X8zqfRWWlpi1B3sMWw57xMMm9nFysXQEZ0JUxoJkfCtrYy1ppxityt7bve71Sq+vT1Cfeko=
expires
Sun, 20 Nov 2022 03:08:02 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
11 KB
11 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
MPYPY7NWC30CS6VC
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=508768
accept-ranges
bytes
content-length
11372
x-amz-id-2
8U71bRTkHcVwzCz/noTXjaXrGxwJee2Qu5SBeD0oNoXXJJPYKfC0gOSAJQIA0UR6S1EOmFULk9Y=
expires
Fri, 25 Nov 2022 01:32:51 GMT
lux.js
cdn.speedcurve.com/js/
20 KB
7 KB
Script
General
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
3ee455138c5a2ac218dfaef865fb6e8131490ad85d6d63492cebc49a2b335c85

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
396
date
Sat, 19 Nov 2022 04:13:23 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
2265
x-cache
HIT
content-length
7152
x-served-by
cache-syd10151-SYD
last-modified
Sat, 19 Nov 2022 03:35:38 GMT
server
Apache
x-timer
S1668831203.065627,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Nov 2022 03:35:38 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
2 KB
2 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:13:23 GMT
date
Sat, 19 Nov 2022 04:13:22 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 03:15:59 GMT
server
nginx
etag
W/"6369c9ef-879"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
7 KB
4 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b26cf16fceae57ae7d806f7cb4e9f3da3e9c82c1a4c36a3a06c187a962b22334
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:14:30 GMT
date
Sat, 19 Nov 2022 04:13:22 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2968
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 03:15:59 GMT
server
nginx
etag
W/"6369c9ef-1dbd"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=68
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/
0
2 KB
Other
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:13:24 GMT
date
Sat, 19 Nov 2022 04:13:23 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 01:29:16 GMT
server
nginx
etag
W/"6369b0ec-2b9b"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/
0
7 KB
Other
General
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:13:25 GMT
date
Sat, 19 Nov 2022 04:13:23 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 00:59:47 GMT
server
nginx
etag
W/"6369aa03-7b68"
vary
User-Agent
content-type
text/css
cache-control
max-age=2
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/
0
2 KB
Other
General
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:13:25 GMT
date
Sat, 19 Nov 2022 04:13:23 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 00:59:47 GMT
server
nginx
etag
W/"6369aa03-b62"
vary
User-Agent
content-type
text/css
cache-control
max-age=2
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/
239 KB
36 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2a50c5b694cb8c9add6c3f64eeaad489f022ba77189193f14dde4da22262978

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
8bsW0jMybKyERIZMc96wPl.sYTnxbgTH
content-encoding
gzip
via
1.1 varnish
date
Sat, 19 Nov 2022 04:13:23 GMT
x-amz-request-id
MPSKD5VN9K1C5BE7
age
50
x-cache
HIT
content-length
36089
x-amz-id-2
E7P1V2xxSh5GTptY+8U57+Nj0/EsDbwY3AYGK2YGjwNikJ9m3XJNDqMxldSvke1mzL57Ri5KMEM=
x-served-by
cache-syd10152-SYD
last-modified
Thu, 17 Nov 2022 16:29:16 GMT
server
AmazonS3
x-timer
S1668831203.065904,VS0,VE1
etag
"4d84e2defed968352beb7fa9f3914eb9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
82
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
6f350e2f
www.heraldsun.com.au/akam/13/
26 KB
10 KB
Script
General
Full URL
https://www.heraldsun.com.au/akam/13/6f350e2f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c4348719a242d6ca57de53e67ab6afbfec9df850cd7f34e876e59ad19b5bcfe6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:13:23 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Sat, 19 Nov 2022 04:13:23 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
8774
pragma
no-cache
x-bpath
OLD
blaizehappened
true
etag
"c82a498f47e90c349256e13afaf403e9baec5ddec7dc84ff9fa02f7b7ab97790"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f6f350e2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=6f350e2f&session=bfe2ef30bb338b9eedd84e8ab566b718
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
8 KB
4 KB
Image
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Mon, 05 Dec 2022 11:30:05 GMT
date
Sat, 19 Nov 2022 04:13:22 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
sin1 0 2 9980
last-modified
Tue, 18 Oct 2022 08:59:23 GMT
server
nginx
etag
W/"634e6aeb-1f69"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1408603
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
16 KB
16 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
KKTNSFTCCQHZAZXT
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=285441
accept-ranges
bytes
content-length
16112
x-amz-id-2
KbLvzmwjv0uEytiOiXSr/bmIXhd8F8wiN/HYKrBrLLw8ouLEJYRDcJqC9itttnrRvoXtQp+YAuQ=
expires
Tue, 22 Nov 2022 11:30:44 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
16 KB
16 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
BEAF3237C941B11D
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=292848
accept-ranges
bytes
content-length
15948
x-amz-id-2
eP/fJ4xHSYnBZAXhB09q5ZBX9+QTQx3NNvr1l4a5wmFbtCejPDyiJiggq9VEstqs2p+9tU6j6vI=
expires
Tue, 22 Nov 2022 13:34:11 GMT
3325f7e593d005520fe2c516a646a78f
content.api.news/v3/images/bin/
48 KB
48 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/3325f7e593d005520fe2c516a646a78f?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
98abddb65ee0b41c1ebaec4f837afc504de8975050dc0a81d370c1fc4191b543

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Sat, 19 Nov 2022 01:02:43 GMT
server
Akamai Image Manager
etag
f5ac4e7dc16665d2d27740c2ace4ebd9-3325f7e593d005520fe2c516a646a78f-650
edge-cache-tag
3325f7e593d005520fe2c516a646a78f
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5172601
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
49028
expires
Wed, 18 Jan 2023 01:03:24 GMT
f3ad2343d2ad19b42079a61f0d41dc15
content.api.news/v3/images/bin/
2 KB
2 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/f3ad2343d2ad19b42079a61f0d41dc15?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
548d4dd829439a4c2f766017b751377f3be1a5ea2213f9d4e1447ae5a027cef0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
x-check-cacheable
YES
edge-cache-tag
f3ad2343d2ad19b42079a61f0d41dc15
content-length
1748
last-modified
Sat, 19 Nov 2022 01:01:13 GMT
server
Akamai Image Manager
x-serial
1680
etag
32224d56e4fbbe201368fea25251d8f0-f3ad2343d2ad19b42079a61f0d41dc15-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5172497
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 01:01:40 GMT
156246071bfc76504bcc2ad44f52f9bf
content.api.news/v3/images/bin/
4 KB
4 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/156246071bfc76504bcc2ad44f52f9bf?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
88337d7fa9071989053ff7effabb582fb3dacd3637cbea1b8b3cf652f06a26d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Sat, 19 Nov 2022 01:47:23 GMT
server
Akamai Image Server
etag
5adfb01921622b29f1429e0b80706b2f-156246071bfc76504bcc2ad44f52f9bf-150
edge-cache-tag
156246071bfc76504bcc2ad44f52f9bf
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, max-age=1800
x-o
CF
x-akamai-note
original-image
access-control-allow-headers
x-newsapi-api-key
content-length
4198
expires
Sat, 19 Nov 2022 04:43:23 GMT
692d177e6a96cdd0230a305aea4a29f3
content.api.news/v3/images/bin/
3 KB
4 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/692d177e6a96cdd0230a305aea4a29f3?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c9ed73cb1cb030ef97f37d50539840a9de3cf14916a6ee0bbe331c2119161192

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Sat, 19 Nov 2022 00:24:01 GMT
server
Akamai Image Manager
etag
24f5385ca628c2cea8f5eed0b765a3d6-692d177e6a96cdd0230a305aea4a29f3-150
edge-cache-tag
692d177e6a96cdd0230a305aea4a29f3
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5170320
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3583
expires
Wed, 18 Jan 2023 00:25:23 GMT
cbe6d73e914ef5fec2336e5bc458db6a
content.api.news/v3/images/bin/
5 KB
5 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/cbe6d73e914ef5fec2336e5bc458db6a?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ec4e9596258110f20801c5d0a1c5956a15c4e8c69d8ca24eb0aac83885ed3007

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
x-check-cacheable
YES
edge-cache-tag
cbe6d73e914ef5fec2336e5bc458db6a
content-length
4785
last-modified
Fri, 18 Nov 2022 20:00:44 GMT
server
Akamai Image Manager
x-serial
784
etag
9bf3bd6409e954547ec5d4f7ded2266d-cbe6d73e914ef5fec2336e5bc458db6a-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5154391
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 17 Jan 2023 19:59:54 GMT
a34a34c9f3368d77a509301c648375af
content.api.news/v3/images/bin/
3 KB
4 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/a34a34c9f3368d77a509301c648375af?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4491f645369fdf2d70e45b0b575e2691d1f057e47e27632936f3b220f68060df

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
x-check-cacheable
YES
edge-cache-tag
a34a34c9f3368d77a509301c648375af
content-length
3542
last-modified
Sat, 19 Nov 2022 01:40:02 GMT
server
Akamai Image Manager
x-serial
1469
etag
d1ea04c2800332ade45de9a656352823-a34a34c9f3368d77a509301c648375af-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5174777
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 01:39:40 GMT
11e5b2560965f837bcc07ed711dcea5f
content.api.news/v3/images/bin/
4 KB
5 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/11e5b2560965f837bcc07ed711dcea5f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ba924e837f079b6d8c728f19d89127dd52be8f4095971626a85ca54f58450153

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
x-check-cacheable
YES
edge-cache-tag
11e5b2560965f837bcc07ed711dcea5f
content-length
4274
last-modified
Sat, 19 Nov 2022 03:09:07 GMT
server
Akamai Image Manager
x-serial
186
etag
32f15d8aa0093cffb9aa526c3f400942-11e5b2560965f837bcc07ed711dcea5f-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5180171
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 03:09:34 GMT
66e719baaad7148809ddc346fbe1140f
content.api.news/v3/images/bin/
52 KB
53 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/66e719baaad7148809ddc346fbe1140f?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6d7a5232206bffbd6ed85328c2fbf0b1e8542e54a026a2c9c4c89cf9184ea810

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Mon, 14 Nov 2022 23:52:51 GMT
server
Akamai Image Manager
etag
7b76070352d1d887e8605bbdacbf04d1-66e719baaad7148809ddc346fbe1140f-650
edge-cache-tag
66e719baaad7148809ddc346fbe1140f
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4822822
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
53592
expires
Fri, 13 Jan 2023 23:53:45 GMT
3a06536b734902c54a0756403e697cf5
content.api.news/v3/images/bin/
61 KB
62 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/3a06536b734902c54a0756403e697cf5?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
95b455aa0f452d2e4ee5e6f7f8d23f6063b1b4c4d1e6cd2c607692ca99f1e4b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Sat, 19 Nov 2022 02:26:35 GMT
server
Akamai Image Manager
etag
863547b90c55ccf80ae6c2e3b9b3faa3-3a06536b734902c54a0756403e697cf5-650
edge-cache-tag
3a06536b734902c54a0756403e697cf5
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5177544
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
62638
expires
Wed, 18 Jan 2023 02:25:47 GMT
39660e13b48185db14d88a97f4e17a0d
content.api.news/v3/images/bin/
36 KB
36 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/39660e13b48185db14d88a97f4e17a0d?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
889879b43a954c6bc9b21d243f89132e7e625e53f86dcec92b6c70bfb6e4b119

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
x-check-cacheable
YES
edge-cache-tag
39660e13b48185db14d88a97f4e17a0d
content-length
36789
last-modified
Fri, 18 Nov 2022 20:34:24 GMT
server
Akamai Image Manager
x-serial
53
etag
412ccf43813f41167dfbd5478357562e-39660e13b48185db14d88a97f4e17a0d-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5156331
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 17 Jan 2023 20:32:14 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/
540 B
874 B
Image
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 19 Nov 2022 04:13:24 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
7D7951CE58958EA3
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=588668
accept-ranges
bytes
content-length
540
x-amz-id-2
c9QV5xkLqZA3aeUA+058OxiQN9SbPZxH29WSoy5e4h/svbFFRtWq6gzsRBj8GficGxoExGdKPks=
expires
Fri, 25 Nov 2022 23:44:32 GMT
3039110453_-BOB_Generic_CVP-1.png
origin.go.heraldsun.com.au/wp-content/uploads/2022/09/
10 KB
10 KB
Image
General
Full URL
https://origin.go.heraldsun.com.au/wp-content/uploads/2022/09/3039110453_-BOB_Generic_CVP-1.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.122 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e47ed2c15b82499c44e99168ffcaa05c7a2e15ce8d035a52b2ea9bcef036f7d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
x-rq
syd3 113 149 443
last-modified
Wed, 28 Sep 2022 02:44:57 GMT
server
nginx
etag
"660f834e8f7b259f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10168
expires
Thu, 28 Sep 2023 02:44:57 GMT
rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/
28 KB
28 KB
Image
General
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.58 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:13:24 GMT
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Last-Modified
Thu, 09 Sep 2021 21:17:00 GMT
Server
AmazonS3
x-amz-request-id
VQFYD2YN3TAHCTZ6
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
MtksgEZNdrDch/tuIEpXDhra9glMsUOuiEL+MYJBQYGdDQwaZKvPD3RTpSTx9R1uzD6TE8SWCH0=
games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/
4 KB
5 KB
Image
General
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.58 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:13:24 GMT
x-amz-version-id
mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
VQFWRGR559N8G9TT
ETag
"2fa79b1c302fa407df95b287a47e01bc"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
4533
x-amz-id-2
GMH6zWBP+4l7CClWUDm0uImSCanCeMfrVpk8tvC1OKP5wVZlqKi4+JGyJWtiXATn876ruz8d0kY=
horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/
9 KB
9 KB
Image
General
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.58 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:13:24 GMT
x-amz-version-id
NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
VQFMN802X3Y0FAT3
ETag
"e9dc4230a2305a0cb7743e2ade763349"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
9223
x-amz-id-2
6l9AtWajBx5WIP6SVVJJY7F7KOHYwuwjX5SKc6QhuxvSumZpFkurRNBhIF/pK0TswZy9ymedpp0=
braingains.svg
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/
17 KB
17 KB
Image
General
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/braingains.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.58 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:13:24 GMT
x-amz-version-id
BSPbSueNKMvcQ7CCwOmuub6mQNodfiBJ
Last-Modified
Wed, 15 Dec 2021 03:04:45 GMT
Server
AmazonS3
x-amz-request-id
VQFMXYEA899A6PDV
ETag
"a5e3e51d1e5816755ebf71f5ea933857"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
17305
x-amz-id-2
93Wk0LTK63ghwhmzIvsaDJZoBuM0UffD8XRwBr2BNw7kpO9mW2mQHHIOR+A9030JJh9j52Z8Hfw=
get_image.aspx
edition.pagesuite.com/
49 KB
49 KB
Image
General
Full URL
https://edition.pagesuite.com/get_image.aspx?pbid=38d72c05-d55e-479e-a6ea-985d57be1901&h=400
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-30.sin2.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3aeab02ed27a6e05e8f77e04ce118c817d88615966aa5c3662dcb0ec13d33c0c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:11:24 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Fri, 18 Nov 2022 17:13:02 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
SIN2-P1
age
119
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
private
x-amz-cf-id
kzSRITTHiSlSyvxIHZnPkMu-Vr_jt6ZhvQ7Z7Q4su-ghHFzYLRFS1A==
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
8 KB
4 KB
Image
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Mon, 05 Dec 2022 11:29:32 GMT
date
Sat, 19 Nov 2022 04:13:23 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2891
x-rq
sin1 0 2 9980
last-modified
Mon, 26 Sep 2022 08:35:09 GMT
server
nginx
etag
W/"6331643d-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1408569
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/
1 KB
2 KB
Stylesheet
General
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 04:13:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"3dc8bed9056771d3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Nov 2022 04:13:23 GMT
/
www.heraldsun.com.au/_static/
99 KB
99 KB
Script
General
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZmYWpiaGJuWkWAK+lIic=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Sat, 19 Nov 2022 04:13:23 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100912
x-rq
nrt1 0 2 9980
last-modified
Tue, 15 Nov 2022 19:44:35 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sat, 19 Nov 2022 04:13:23 GMT
adblock.js
tags.news.com.au/prod/adblock/
102 B
358 B
Script
General
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 19 Nov 2022 04:13:23 GMT
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=20311
content-length
102
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/
535 B
856 B
Image
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
ZKJGJSAW8CTSRF55
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=122299
accept-ranges
bytes
content-length
535
x-amz-id-2
TLqDnphZ+0PVnqBlBW0eD0oLm19VhrshqvChgYyZ1X6MvtnsCGEm11WAZlOHyFU5xUZXUhNCZuw=
expires
Sun, 20 Nov 2022 14:11:43 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/
586 B
904 B
Image
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:23 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
HBSM65NXW692RVP6
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=432250
accept-ranges
bytes
content-length
586
x-amz-id-2
u7f7Gi68iGJY0DiRegO0fNtiPTUOatAsJ44BUTin/3jhqu4YfC+TUH48SPBNhy8NBinMhmKQtr4=
expires
Thu, 24 Nov 2022 04:17:33 GMT
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/
3 KB
2 KB
Script
General
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sat, 19 Nov 2022 04:13:23 GMT
x-amz-request-id
DDBTQSS55130GCVV
age
179
x-cache
HIT, HIT
content-length
1123
x-amz-id-2
f3zKj/AEbi27MuaGaGBKPPytq/VFHw4gWsTCW/x0zcGtGuV8iCcRczY16FjVjzIdVQjY5yVfVvw=
x-served-by
cache-lax10664-LGB, cache-syd10151-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1668831203.407856,VS0,VE0
etag
"1a868d280f9424f5d82876d6cf0c46b9"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
3, 4
impl.20221117-23-RELEASE.js
cdn.taboola.com/libtrc/
692 KB
144 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa23ab86a61744f51cc8f2b620d9f5215cd85f76e10f533222f602d0ab31b0e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
tkSRILgrOqz123pcvhyl_8uLk3IiN6M4
content-encoding
br
via
1.1 varnish
date
Sat, 19 Nov 2022 04:13:23 GMT
x-amz-request-id
GJK1JT1RVH49TV4C
age
14705
x-cache
HIT
content-length
146589
x-amz-id-2
62LFIrF0ZquPMBSSOAKka7RHyTNvpfOVNLy/04vcemUpASWYX2DrYt997LS1o0VTwg9FWya1I48=
x-served-by
cache-syd10152-SYD
last-modified
Thu, 17 Nov 2022 16:06:54 GMT
server
AmazonS3-br
x-timer
S1668831203.229102,VS0,VE0
etag
"2b0faf11038a210925ed7fb54f76478c"
vary
Accept-Encoding
content-type
application/javascript
abp
43
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
10706
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-81.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 11:26:33 GMT
content-encoding
gzip
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
60413
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
aEoqIMfbGXT_NK8LOtyPIQkT7V3dQbiRChsOjCjYA9iIb1O-navspg==
all.css
use.fontawesome.com/releases/v5.6.3/css/
52 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8W8XE7H63ACAA50Q
age
1703901
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
WEpywNY9kINKGzy3pyUEoGXebdnrAVg/EQfwsrJ8pRbMrgTqp78ek4dm1Sb0dOyG5JgO70t9rfY=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqwCuug54jyqGSbOQDXQWUxPJi%2B7H4gywtAkVjdEvEPXtpMs6caKyB5qktXxYe4%2FC8fZLpDNLX87JQS14CQu5nGb4j%2FI5RVzQ1RxyfiuYv0KDRikjtrzXvIZEPYD%2FKpe2onIZMvF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
76c61cf0fe4c4a35-SIN
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/
111 KB
30 KB
Script
General
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sat, 19 Nov 2022 04:13:23 GMT
x-amz-request-id
CBJAXHHVTDDK1AH7
age
19160037
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
T+SO3zzAu/vI3ID3zGGjDx2/OWdNCwfDObUAO4AV3bMqhIR2V9jGe9Y4TcERARxY+Vu0wOuMQqY=
x-served-by
cache-sna10723-LGB, cache-syd10151-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1668831204.625651,VS0,VE0
etag
"b7fcedf037c57085d364b689ca46f32e"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 2621
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/
92 KB
28 KB
Script
General
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5844c78b8dc59b708e1ea3f978dd93da8e0e450a939c81e80c0f1bf42a81431a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sat, 19 Nov 2022 04:13:24 GMT
x-datacenter
gce-asia-east1
etag
"0c19dafda61de7d97388ba568ca9c2c96cef466d83e8ce8e939b5eb70300aa3c"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-p3jq
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
694373797
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/
7 KB
4 KB
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=04%3A13%3A23.664&lti=deflated&data=%7B%22id%22%3A382%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1668702531097%2C%22vi%22%3A1668831203662%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A12037%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1335.671875%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85f0c9f24624954350558d763f94694ee3732f5801e326e84183041a650dee8e

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
119
date
Sat, 19 Nov 2022 04:13:23 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-syd10152-SYD
server
nginx
x-timer
S1668831204.718566,VS0,VE119
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/
55 B
763 B
Stylesheet
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:13:33 GMT
date
Sat, 19 Nov 2022 04:13:23 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
bom2 0 2 9980
last-modified
Mon, 07 Nov 2022 15:30:48 GMT
server
nginx
etag
"636924a8-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=10
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/
277 KB
83 KB
Script
General
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Sat, 19 Nov 2022 04:13:23 GMT
server
AkamaiNetStorage
etag
"b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=238
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sat, 19 Nov 2022 04:17:21 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
96 KB
30 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4cc955b9c215c5bf97224d3ebd3ce26f85eeb24cd7f337175bef7aebbbaa98b6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:13:54 GMT
date
Sat, 19 Nov 2022 04:13:23 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
29738
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 03:15:59 GMT
server
nginx
etag
W/"6369c9ef-180c7"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=31
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
6 KB
3 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:13:24 GMT
date
Sat, 19 Nov 2022 04:13:23 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 01:29:16 GMT
server
nginx
etag
W/"6369b0ec-1973"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/
1 KB
505 B
Stylesheet
General
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 04:13:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"3dc8bed9056771d3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Nov 2022 04:13:23 GMT
amp-story-player-v0.js
cdn.ampproject.org/
52 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/amp-story-player-v0.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
260ae4aaf9a98760302699a24a09df152bc83a5ee937e42ea6320d09037edd80
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 04:13:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16106
x-xss-protection
0
server
sffe
etag
"c1a0ead545e935a8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Nov 2022 04:13:23 GMT
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668831203767&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20a...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668831203767&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20...
0
188 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668831203767&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.33.88.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-81.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
LYtMlNhV_jG4IuTUmIhelto_HFP2dW3m2-OYlCnnYVERYfMC9eYGIA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668831203767&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
date
Sat, 19 Nov 2022 04:13:23 GMT
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
6q9rRkIHrrZUEcd56yUMTMUGCme9IkTpmnwqB_bReyVYcIUKzcuBVQ==
x-cache
Miss from cloudfront
userx.20221117-23-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20221117-23-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b409c9d8e227cfc9f2dbeb9116f1d49220ad0fcc9d7cddb4a5a7bd9e1c47a891

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
EISiIp21IXxU.6XGZ6DAAU_Wtki08jLO
content-encoding
gzip
via
1.1 varnish
date
Sat, 19 Nov 2022 04:13:23 GMT
x-amz-request-id
3RHSSBDR4Q3CR1Z6
age
6
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
uMxTj/SOOsZojtAsicBFaAek+pZkM64mfBEsM4BpgB8jE9NYFdiaCGJnGIrU1UFJMyx5UJM5Blk=
x-served-by
cache-syd10152-SYD
last-modified
Thu, 17 Nov 2022 16:22:58 GMT
server
AmazonS3
x-timer
S1668831204.960330,VS0,VE0
etag
"829afb793f5113c47df799d1e44b1ee8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
93
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4
social
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/
0
364 B
Image
General
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=HK:SG:V&lti=deflated&ri=ce5253d824396252993f3c316c9f20f7&sd=v2_38612f2532f0b101b9d0b592125a50eb_21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63_1668831203_1668831203_CIi3jgYQgPNHGM6i3fDIMCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGiy-ebp3bfByjVwAQ&ui=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&pi=/&wi=873729681997272865&pt=home&vi=1668831203662&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=04%3A13%3A23.910&id=6868&llvl=2&cv=20221117-23-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/
433 B
700 B
Image
General
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
date
Sat, 19 Nov 2022 04:13:23 GMT
via
1.1 varnish
x-amz-request-id
7DASVJ1H3X18PHY6
age
12991
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
EdDgsCi1ANPBZkcG+Gks2WKSvDtIMGejcE9k6aQEmf20VndqdcFZ0pEWOHBbO4f65FaaQtA7vcM=
x-served-by
cache-syd10152-SYD
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1668831204.962249,VS0,VE0
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
content-type
image/png
abp
93
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
115
taboola2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.bodyandsoul.com.au/wp-content/uploads/2022/09/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.bodyandsoul.com.au/wp-content/uploads/2022/09/taboola2.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
13b611a17ff22df08e5707d8761d67a2d2e809370c7b843a508ddaad21a4266a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 19 Nov 2022 04:13:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.bodyandsoul.com.au/wp-content/uploads/2022/09/taboola2.jpg
age
3940851
edge-cache-tag
622963427561089633356839835733773848630,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
cache-tag
622963427561089633356839835733773848630,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
409
req-referer
https://www.couriermail.com.au/
content-length
11870
x-request-id
47de56cd6070046e666a8bf732437c51
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000027-IAD, cache-iad-kjyo7100146-IAD, cache-bur-kbur8200099-BUR, cache-iad-kjyo7100029-IAD, cache-syd10152-SYD
last-modified
Tue, 04 Oct 2022 05:09:31 GMT
server
nginx
x-timer
S1668831204.008327,VS0,VE0
etag
"8380477b6ab78d048c5148995ebc7ac2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 40, 10
authorize
login.newscorpaustralia.com/ Frame F52F
2 KB
3 KB
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=OEVBlu_QDJ8jmI2_RLzILrfBr6Nl3Lp1&nonce=vXgxj9N9N76q4qCKZlQ~suUn3SFxDV4Z&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
64943c2c5365c12e1e9477a83073f23488424e59d726554bb9650f0304c0c698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
76c61cf7dcaa6c96-SIN
content-encoding
gzip
content-length
812
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Sat, 19 Nov 2022 04:13:25 GMT
expires
Sat, 19 Nov 2022 04:13:25 GMT
ot-baggage-auth0-request-id
76c61cf7dcaa6c96
ot-tracer-sampled
true
ot-tracer-spanid
3e246d397eb82ed5
ot-tracer-traceid
70da84712aa486b3
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-000000000000000070da84712aa486b3-3e246d397eb82ed5-01
tracestate
auth0-request-id=76c61cf7dcaa6c96,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 538 0 pmb=mTOE,3
x-auth0-requestid
a8e03ab0252b60379ed0
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1668831206
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d79ba1a4549502813b3415628e3df0be408f5d5487651af686d52350fe17367c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 04:19:23 GMT
server
AkamaiNetStorage
etag
"218670f25e2fc2430d3d2da36738cb1d:1668485963.468113"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1553
expires
Sat, 19 Nov 2022 04:18:24 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
82 KB
21 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a411a20ade78048bc2363a9613edadcd9de84994a123f97beae3559e9afa8c79

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 04:19:23 GMT
server
AkamaiNetStorage
etag
"0be063497424170e30612904f8aba0b0:1668485963.605826"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21305
expires
Sat, 19 Nov 2022 04:18:24 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
191 KB
45 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2f9fe749a15b11e399b3bae73ac9f279898d8f76eee2d9b5a8b93d8515ac9baf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:13:25 GMT
date
Sat, 19 Nov 2022 04:13:24 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45687
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 03:15:59 GMT
server
nginx
etag
W/"6369c9ef-2fc54"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
8 KB
4 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2b09ae712243cfc754c40dd240d9dd011865099fc641225f3f98a6336555f091
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:14:09 GMT
date
Sat, 19 Nov 2022 04:13:24 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3398
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 03:15:59 GMT
server
nginx
etag
W/"6369c9ef-215f"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=45
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
comments-count
mhr.talk.news.com.au/api/v1/
1 KB
1 KB
Fetch
General
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=efe64f4998965400fb8b3f47f89dd2ce,6915a17fb3643c6f421233cb98e7b862,781538ee0235c524bb6f68db29e79f01,554020e25db7e4761fbba04d200bb36d,11b4ed11706daf5673f486a3c82e330a,a1ca40b4b4232c10b9f03f46cfbfd1f1,b1d6a0874d3486667bb346794de1215e,02ffb1d4a1d8f1d525b07ef43bd22a0a,a094c77d5ca00b3dda6985f12384e2ba,11e2431dee0bbf8b492debdba64657c8,83318877f070e6f72a8faae38b5f2288,5874928a035e2f53b02a760f529c6154,889e3eee1ab6c3f9620f73861e7838b6,bb7d3243d595f670fa9a26bc5b3c54d0,bce4405752942ae3adf3ca2def6dd65c,70f82e1f134c53df29732d1de5dc959a,1ebd662d4ee00342a94fede72e69351c,44f64b9091f621da5a44d3bf58af50ca,48db8ff9b8d78dbcde26c41123ee0ef3,71bf7bdf24b92ac8ca39dfa378e3f725,6865ec652749b2e9b5d966011690b2f4,5ae975b8dd201632c292c66b112af3fa,c45f27993dfe0c275e55733ab8ee853a,86a58292b3810d3f9626145fc880230b,0688647d18bb2e5d17f0393eb3359529,8e5cb575fabc4773caf7341aa9d14533,7dbe9eae429024af1d32ff02830af269,47d194a51eb171513e5d7f0b663d0f6c,a642cdf9e14f94a2732753c24567a111,1ab3ee439014961cca8be5ef0f831e33,5edd87fbac14f8babdacdb079007e9b2,5c729186bf99f36e4d814a1519a2839b,d6c13ce32f8c09385b53a2f9c049f7c3,d97ea5c647ba45c0494cdd1b82994daf,4d1ad73ebd9d1fc13e96cf242c06b3e0,585ec78534acd8ce89acf5007f53a242,a018ac2b580c483ecc9a11d1c72267bf,0b589792a91d1bddc2430cc1c7ef375c,0a81912a5680f1585a865da1643346c6,2504187f4bf3417ff08b5f009837f7af
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
8c2f329b0f09dd44ac22feb774c5ac20a780b2497e7a40d5a57a01ef946b3e41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 04:13:25 GMT
server
nginx/1.20.1
etag
W/"5dd-QRvwxMqsp3oV31wvOBLr2wpLFAs"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
8329a640-67c0-11ed-97cf-9d5f847fb215
content-length
857
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/
2 KB
3 KB
Fetch
General
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8a251af3d58d763cb0c6c8339376099047c2bc22c87abdea62384b58f3ca5c63
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Sat, 19 Nov 2022 04:13:24 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1713
x-rq
nrt1 0 2 9980
server
nginx
vary
User-Agent
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=16
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sat, 19 Nov 2022 04:13:40 GMT
e03f4d370cb520598be71be83df45242
content.api.news/v3/images/bin/
12 KB
12 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/e03f4d370cb520598be71be83df45242?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2767cb7c637007e5e81a85776f1b44b2eefd7797204a16cb130b46d939806e2b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
last-modified
Thu, 17 Nov 2022 04:36:47 GMT
server
Akamai Image Manager
etag
0a2a522968f38f7ae9e064ac79ff0ea0-e03f4d370cb520598be71be83df45242-150
edge-cache-tag
e03f4d370cb520598be71be83df45242
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5012724
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
11828
expires
Mon, 16 Jan 2023 04:38:48 GMT
e897a4c410a7d782c0a21e76c3cc87be
content.api.news/v3/images/bin/
6 KB
6 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/e897a4c410a7d782c0a21e76c3cc87be?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dc540b177e0fcc77484aef49904e1b5696681e49c791ac8bb65f26ad6a6ad4b8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
last-modified
Sat, 12 Nov 2022 09:22:30 GMT
server
Akamai Image Manager
etag
9857d189b8f86ad5df87aa4f01e67209-e897a4c410a7d782c0a21e76c3cc87be-150
edge-cache-tag
e897a4c410a7d782c0a21e76c3cc87be
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4597856
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
6084
expires
Wed, 11 Jan 2023 09:24:20 GMT
ecc8bcbf8ed9218eb76df01199f9c61a
content.api.news/v3/images/bin/
3 KB
3 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/ecc8bcbf8ed9218eb76df01199f9c61a?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fa4ba7c88c6d4cfd3cc328b83237b60b28965e41471899527a773442c9a6c7fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
x-check-cacheable
YES
edge-cache-tag
ecc8bcbf8ed9218eb76df01199f9c61a
content-length
2755
last-modified
Sat, 12 Nov 2022 02:00:50 GMT
server
Akamai Image Manager
x-serial
1362
etag
eee2d7f58c7e74ca9302b2043d80afff-ecc8bcbf8ed9218eb76df01199f9c61a-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4571219
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 11 Jan 2023 02:00:23 GMT
b9b997d2606b37a4876b864e06523693
content.api.news/v3/images/bin/
41 KB
42 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/b9b997d2606b37a4876b864e06523693
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f92570748c2e6968e9f7d79b2f353b1e6b882a093e15c71c825493da93f48dd5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
last-modified
Sat, 19 Nov 2022 04:03:32 GMT
server
Akamai Image Manager
etag
b548fbe5352127a3b477733ea74e1238-b9b997d2606b37a4876b864e06523693-0
edge-cache-tag
b9b997d2606b37a4876b864e06523693
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5183385
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
42319
expires
Wed, 18 Jan 2023 04:03:09 GMT
b911775a2d8aa69da247224493e720f6
content.api.news/v3/images/bin/
24 KB
24 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/b911775a2d8aa69da247224493e720f6
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e8ccc8bf78bf715fd359e66c4dfd3d656fe4fbb71a86c195c8d02026551dbc24

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
x-check-cacheable
YES
edge-cache-tag
b911775a2d8aa69da247224493e720f6
content-length
24380
last-modified
Sat, 19 Nov 2022 04:03:21 GMT
server
Akamai Image Manager
x-serial
331
etag
f3a8f7c81f68926616dbec8edaf9acb0-b911775a2d8aa69da247224493e720f6-0
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183433
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 18 Jan 2023 04:03:57 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/
12 KB
5 KB
Script
General
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-8.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:39:20 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
via
1.1 5230066306741527c1870ae028182b78.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
age
34444
x-amz-cf-id
KEmXqWZl7ZFCxLVdITre1bFPu8S8pWy5ZRjCIKRmyqO9jdBGt2G72A==
pixel_6f350e2f
www.heraldsun.com.au/akam/13/
0
2 KB
XHR
General
Full URL
https://www.heraldsun.com.au/akam/13/pixel_6f350e2f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/6f350e2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
date
Sat, 19 Nov 2022 04:13:24 GMT
blaizehappened
true
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
is-https
true
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_6f350e2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_6f350e2f&session=bfe2ef30bb338b9eedd84e8ab566b718
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/
366 KB
366 KB
Image
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Fri, 25 Nov 2022 00:46:56 GMT
date
Sat, 19 Nov 2022 04:13:24 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
373561
x-rq
nrt1 0 2 9980
last-modified
Mon, 26 Sep 2022 08:35:09 GMT
server
nginx
etag
W/"6331643d-5b713"
vary
User-Agent
content-type
image/png
cache-control
max-age=506012
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
9cc0c21c3e57a82d776b694e1ebe39fc
content.api.news/v3/images/bin/
14 KB
14 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/9cc0c21c3e57a82d776b694e1ebe39fc
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-115.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6ace7fd09f7fbf5baf7ceb40bc8da7348066c2ee29127d4d818e45a098187e2f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:24 GMT
last-modified
Sat, 19 Nov 2022 04:03:31 GMT
server
Akamai Image Manager
etag
64381e854cf19e4ed7ce46bd27c42162-9cc0c21c3e57a82d776b694e1ebe39fc-0
edge-cache-tag
9cc0c21c3e57a82d776b694e1ebe39fc
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5183461
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
13948
expires
Wed, 18 Jan 2023 04:04:25 GMT
skeleton.js
static.adsafeprotected.com/
17 B
465 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-112.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 d2e1cc2538095700454cd55cac87c3bc.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
5185382
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
l1kR5O0qp0KQJkMLLjvAMy5BzL_KtMVVpUM8WZv1bxYs-TRtsBfcYw==
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/
0
425 B
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=HK%3ASG%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
96
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:25 GMT
via
1.1 varnish
x-served-by
cache-syd10152-SYD
server
nginx
x-timer
S1668831205.986165,VS0,VE96
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
710 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sat, 19 Nov 2022 04:13:25 GMT
via
1.1 varnish
x-amz-request-id
R49A95MEAARZDWRY
age
17232
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
OwQO4r3NRn2mobB8qX5KI65TenVKTAqHjn3l8Eljsiqz/LERXHRjxQ8w1JWWw1vGRMYpafcYhZ8=
x-served-by
cache-syd10152-SYD
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1668831205.088545,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
93
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1718
utrack.js
tags.news.com.au/prod/utrack/
2 KB
1 KB
Script
General
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16688312050590.34103505983388405
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Sat, 19 Nov 2022 04:13:25 GMT
mitas.js
tags.news.com.au/prod/mitas/
666 B
905 B
Script
General
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sat, 19 Nov 2022 04:13:25 GMT
cache-control
max-age=39494
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=308599185882.03894
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/
33 KB
13 KB
Script
General
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=308599185882.03894?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
9520ac6f01a49431105ac32a693b5c9954a50db770849e9aa185e9f1998c3fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12635
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/
70 KB
24 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.91.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-91-15.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:31:23 GMT
content-encoding
gzip
via
1.1 2e665350ce36612d432303ac51dbf21a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:51:11 GMT
server
nginx
x-amz-cf-pop
SIN2-P2
age
6122
etag
W/"62d7517f-1181e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
UUT-8LKuYuH_U3V7yBbCT_NN1z68OM1jv93L9H35GCtnflBRxUZoKQ==
expires
Sat, 19 Nov 2022 04:31:23 GMT
metrics.js
tags.news.com.au/prod/metrics/
187 KB
63 KB
Script
General
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"789aa25e8122305509df6e8b6103f3c6:1666763008.613847"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=47105
nielsen.js
tags.news.com.au/prod/nielsen/
25 KB
10 KB
Script
General
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=37848
content-length
9840
fbevents.js
connect.facebook.net/en_US/
103 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 19 Nov 2022 04:13:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
gzeUP3KXemZWdyJRbqZZGLtS1YwCEGWV5BvHjXi/rXK0aUoluNy4hNNRopPhTYANV6XvRH7O7UjQOUtUPOrUyg==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/
155 KB
48 KB
Script
General
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.227.138.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-138-75.bom50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 03:22:03 GMT
Content-Encoding
gzip
Via
1.1 26e3b1554d4a19ad8d47f38c5d0ca430.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
BOM50-C1
Age
3087
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
LrHbnhOm9LbmX8QyeoQSu7mWH3R4MXHwjX3sTumv1B3MjPchfm3hBw==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/
3 KB
3 KB
Script
General
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2022-11-19T04%3A13%3A25.075Z&country=au&newsconnectId=&fpid=bfe2ef30bb338b9eedd84e8ab566b718
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.167.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-167-128.compute-1.amazonaws.com
Software
/
Resource Hash
d7a46e62bb3f58480a8a3818554d465b383dddd34f507a4504c40957c1fc35e3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/
1 KB
949 B
Script
General
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
UMrEOOoRVoPiBBX.XHkgU0Lo2Jl9BQ7R
content-encoding
gzip
via
1.1 varnish
date
Sat, 19 Nov 2022 04:13:25 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
FXZ740X792WN4M9N
age
324631
x-cache
HIT
content-length
520
x-amz-id-2
dyRXwCFfuyLEyiKBxhe0MP6ZJf1JgnDEyhFPm93wlxrhsLFMv2BuMtgZpBGNpvJD3g9O+wO/tuo=
x-served-by
cache-syd10178-SYD
last-modified
Mon, 07 Nov 2022 04:24:13 GMT
server
AmazonS3
x-timer
S1668831205.331759,VS0,VE0
etag
"1e637b4fd7dec49af4390ec7ed24432b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
339374
id5-api.js
cdn.id5-sync.com/api/1.0/
57 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df51a5301fcae2ec9503d129a2341e80f6d52e9416ff2460c3048947f4f3852a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 09:46:31 GMT
server
cloudflare
x-amz-request-id
7Q9JNWDA0BT0W9RM
age
52
etag
W/"f56ac574619f997d4b0c211e79bcc3af"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
76c61cf95dfaaabe-SYD
x-amz-id-2
yjrgXdQKJQqXZCbHERTilnPN8KflWzKFH+qkooeZHCM8c42Eqr1/AEbxQociievNYSYFDjHrYOqCshjG7L1uMA==
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/
71 KB
20 KB
Script
General
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.65.228.244 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-244.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 19 Nov 2022 04:13:26 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Fri, 18 Mar 2022 11:22:12 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Sat, 19 Nov 2022 05:13:26 GMT
nca_aep.js
tags.news.com.au/prod/aep/
6 KB
3 KB
Script
General
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
dbed06d37303d9a2f40a4c7c800d2879e8788cbf872d160593a837fcc9d06603

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a588a197dac6c25da7e9aaae6669b7f8:1666070376.116114"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=48866
content-length
2296
tad.js
tags.news.com.au/prod/tad/
109 KB
33 KB
Script
General
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0410667774b2bd722b467b963b089b64713a930b990c7a0a7a7235a8dda77ff7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"c847a65d29a1adf9e2e448b94c4c12c6:1668398295.936066"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=19752
content-length
33818
gpt.js
securepubads.g.doubleclick.net/tag/js/
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
49ffe1baff54e97f4e54b695383d2f114a40fb1886465028824b97d801affd3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27246
x-xss-protection
0
server
sffe
etag
"1396 / 887 of 1000 / last-modified: 1668812924"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Nov 2022 04:13:25 GMT
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
39 KB
Script
General
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.33.100.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-21.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:10:46 GMT
content-encoding
br
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
161
etag
W/"fa24fe2b94a2fc864b1ec67f32e8db32"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
IQHz3kqFt3Cch9tzI8KTfL-Unn_sDze0pGSOAmGoTsRAqyc17Ux2Ig==

Redirect headers

date
Fri, 18 Nov 2022 23:30:23 GMT
via
1.1 2e665350ce36612d432303ac51dbf21a.cloudfront.net (CloudFront), 1.1 000be6a6f55d3278e3e48047baa61246.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2, HKG54-C1
age
16983
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
OMbfv1GIOpL5fFyVYdKQBh2WUkeD_4slGv8WdY4Oxi-sgYXjwxflig==
prebid.js
tags.news.com.au/prod/prebid/
366 KB
113 KB
Script
General
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=33744
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/
78 KB
27 KB
Script
General
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-92.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
ClDIgD0zuwLI7F0xhBbpGkCt4wZOjpVN
content-encoding
gzip
via
1.1 998b911809b5181544e60111e0bda762.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 03:24:21 GMT
last-modified
Thu, 13 Oct 2022 05:35:01 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
2944
x-amz-server-side-encryption
AES256
etag
W/"964c4cc68e0d531d901baf0d73f36918"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
kheB3bx8ZRjEUgh_kkLhtY9Ry4t31azP-JmQ2UdcQYnGQ54VdbtlTg==
nca_ipsos.js
tags.news.com.au/prod/ipsos/
25 KB
6 KB
Script
General
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2b9045a036305d0268317898151e53de:1667439593.577923"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=33873
content-length
5801
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/
6 KB
3 KB
Script
General
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 19 Nov 2022 04:03:38 GMT
server
cloudflare
age
587
cf-polished
origSize=5850
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxePkSPoIsJNSIbSfTTAfHKW3uge4jz5j2h53%2BnIKFiplgNQFVBGcf%2BJwDk%2BB1%2BpmCKIZyObc9Gjsp1DolZmLBASdGuSRzy8gq0QjOe%2BHlsQjhTQhPYSIkyvdJ%2F9rr4tVi07elun"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
76c61cfd4c10a870-SYD
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Sun, 04 Dec 2022 04:13:25 GMT
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/
32 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-25.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24713e413b9683a29e14f18d8cfe3a6657f2d693c59aa833bc58706f490150c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:04:22 GMT
content-encoding
gzip
via
1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront)
x-amz-version-id
kh1iDIyaNI31SpMyBT6e5.y49U3u_d3U
last-modified
Sat, 19 Nov 2022 03:19:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
544
x-amz-server-side-encryption
AES256
etag
W/"c4a50f37b02f511ddc08ff3c6fe94ba2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
8oRJRZXwRHutGxAUTBV6I3wABkzamauyeLLRycKb7M_A4ELAZa2wzA==
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/
71 KB
21 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.171.89 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-171-89.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e4ce52ad6294cfec05864828f5df3325fc1f6627b957919fa931e94cb95453f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:26 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 09:30:14 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P1
etag
W/"4751c0d91e072d7402bb3f4c2846334e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
sx11YeqDCy1B6g3o7qOwz5QtFHz8EEJuACqP1QlP2PJF5uqu1QfXjg==
content-length
21406
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
202 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202211150419&cb=1668831205327
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:25 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Sat, 19 Nov 2022 04:23:25 GMT
csp-reports
login.newscorpaustralia.com/
0
0
Other
General
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

27213708
login.newscorpaustralia.com/akam/13/ Frame F52F
0
0

2Ik5SXnMB
login.newscorpaustralia.com/L2hE9Iup/VHLDoHn/XSyFiIz/zo/aVY1NmXSLOX5/OwoJHgE/D1U/ Frame F52F
0
0

indies-loader.js
ts2020-indies-client.web.app/
4 KB
2 KB
Script
General
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-syd10140-SYD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Sat, 19 Nov 2022 04:13:26 GMT
last-modified
Mon, 14 Nov 2022 00:03:09 GMT
x-timer
S1668831206.117796,VS0,VE0
etag
"cbb3dfd4f549aa029702fc7ca53f4c8dd52daaf8e9559703aa852d3760850ff6-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1470
x-cache-hits
108730
extended-access.js
subscriptions.heraldsun.com.au/google-loader/
257 KB
65 KB
Script
General
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:26 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Tue, 30 Aug 2022 05:33:14 GMT
x-amz-cf-pop
SIN5-C1
etag
"04df6ed36e659404b1589354c5fb8697"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1
accept-ranges
bytes
x-amz-cf-id
hQ4SSN4u1HuPyrnzxD_PPi7w3wIO6zd15torGpCXqaplLjiLRSBpqg==
content-length
66268
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668831205708
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668831205708
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668831205708
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
32b8dbc9a12eb35617037a96d95c753ae190565b3cb0d508f914463873564689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0a72cfc58.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
kKwg7AGwT/0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1561
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-apse-1-v042-0a41412e1.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
I46j1XdhQ+A=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1668831205708
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=308599185882.03894?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
42526
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
view
googleads4.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrj07iIB6ngK6k6GXNzwvwtvtgtW0iUONapyv2f6uMrab-3RaC8TcCJN4j6UjHrj9seij4iGNmxuz-GnD0QWYH5qpqmSgbUOWYILULZECotCzw-xXQVeA3WslqFSGrBOWYfSlt0PJ4oLQVXM7v&sai=AMfl-YTGu_lLxBT7XY8dxtWZ5zlqB0s-1zZ2X-m3DTQdv5WRTE5ow_5Qq2EEw7acDgYgTb-KgSvUYcqHSQty1MsaeQ&sig=Cg0ArKJSzMdIedgPUeEOEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20221110.90332&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=308599185882.03894?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:13:26 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=DdzMV1DCzoxGBklVGl&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12514&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=6545&t=Bxo6qyDF3DnGCOV4Y1PYnmbXyqG2&V=136&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=DcYf4FcuTzWDboYwNqt97PC3_Ayv&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.69.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-69-0.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:26 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-39.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 10:28:18 GMT
Content-Encoding
gzip
Via
1.1 6a453f38d14868702eadac9560675990.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
582309
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
KWOZ3AscA1jYVbdT2L_gjRhEOq40IXqc16aqyMxpXBPfPBWWZsiAiA==
v2hknF_uKnh2Z55cqVSE-8Jm_8x4DBfp4MClEdeFo2aSsVGnfTpcTuUKYvvAjorC8wAN7QVPY
bedsberry.com/
187 B
214 B
Fetch
General
Full URL
https://bedsberry.com/v2hknF_uKnh2Z55cqVSE-8Jm_8x4DBfp4MClEdeFo2aSsVGnfTpcTuUKYvvAjorC8wAN7QVPY
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c75d7d8679b1a2199be30a56a6631ff43ce5c9fb252ce595ab1fac3e6b472ed2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 19 Nov 2022 04:13:26 GMT
via
1.1 google
x-buildnumber
694373797
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-p3jq
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 19 Nov 2022 04:13:25 GMT
384959879014125
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
7961a57c03f893ef288a05d846d36c46fe177dd280e0906d3f74c76bbac851e8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 19 Nov 2022 04:13:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86147
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ISE4WvGhnKYiF/EMrus5GKanI9b4K/iVLJcTJRa0M7lr07NvBfYcuRVWxUeeerkFK5UGZjx9j5UmzdEAoHv9lQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
sync.taboola.com/sg/stroerrtb-network/1/rtb-h/ Frame 1FE1
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=0560958b5fa541d3b7f9a...
  • https://sync.taboola.com/sg/stroerrtb-network/1/rtb-h/?taboola_hm=0560958b5fa541d3b7f9abd46b9a0e3b
0
223 B
Image
General
Full URL
https://sync.taboola.com/sg/stroerrtb-network/1/rtb-h/?taboola_hm=0560958b5fa541d3b7f9abd46b9a0e3b
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
411327

Redirect headers

location
https://sync.taboola.com/sg/stroerrtb-network/1/rtb-h/?taboola_hm=0560958b5fa541d3b7f9abd46b9a0e3b
date
Sat, 19 Nov 2022 04:13:27 GMT
content-length
0
101956
jadserve.postrelease.com/suid/ Frame 1FE1
43 B
539 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.56.167.15 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-167-15.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 1FE1
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y3hX58Co8YEAADgJERgAAAAA
0
223 B
Image
General
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y3hX58Co8YEAADgJERgAAAAA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
411327

Redirect headers

X-SO-Cluster-ID
4
Date
Sat, 19 Nov 2022 04:13:27 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":4,"gdpr":false,"ipv4":"173.245.209.165","key":"Y3hX58Co8YEAADgJERgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40043"}
X-SO-Key
Y3hX58Co8YEAADgJERgAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40043
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y3hX58Co8YEAADgJERgAAAAA
Cache-Control
private
X-SO-HostName
a-ad40043.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng29.dc4p.scaleout.jp
X-SO-IP
173.245.209.165
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 1FE1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LANF0GRY-1P-1MUQ
0
52 B
Image
General
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LANF0GRY-1P-1MUQ
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Sat, 19 Nov 2022 04:13:27 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668831208.565207,VS0,VE94
x-cache
MISS
accept-ranges
bytes
x-served-by
cache-syd10152-SYD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LANF0GRY-1P-1MUQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 1FE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGyq0EctX75xHicUsh2e_x4&google_cver=1
0
241 B
Image
General
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGyq0EctX75xHicUsh2e_x4&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
95
date
Sat, 19 Nov 2022 04:13:27 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668831207.352920,VS0,VE95
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10152-SYD

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGyq0EctX75xHicUsh2e_x4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1FE1
42 B
245 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 04:13:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 1FE1
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
date
Sat, 19 Nov 2022 04:13:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
411328
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 1FE1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
0
60 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Sat, 19 Nov 2022 04:13:27 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668831207.404067,VS0,VE94
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10152-SYD

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 1FE1
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=42&3pid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 1FE1
49 B
729 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d97b86c77-qf7vz
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 1FE1
43 B
697 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 1FE1
0
67 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d41&uid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.250.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-250-127.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:28 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1FE1
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dce714bd-31bf-4d4c-b783-26c16807bc33
0
232 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dce714bd-31bf-4d4c-b783-26c16807bc33
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
416492

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dce714bd-31bf-4d4c-b783-26c16807bc33
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1765572
content-length
0
expires
Sat, 19 Nov 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 1FE1
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=&us_privacy=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/464/108/6/2.gif?puid=5da9f952-c53c-4992-b227-fb1f58a0d6b4&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/5/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/5/3.gif?puid=7870255768103140305&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/4/4.gif?puid=1273501310181649069&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&ttl=%%TTL%%
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOzQ7y5tmBh_Juv6qnh65sY6eS7JoPLBAQTDpJFg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F2%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/2/6.gif?puid=21716378-57ec-4100-90d0-4d398c6bffac&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/1/7.gif?puid=CDE2B453590C767E&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=LANF0GZ0-1H-D5IH&gdpr=0
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOzQ7y5tmBh_Juv6qnh65sY6eS7JoPLBAQTDpJFg
0
232 B
Image
General
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOzQ7y5tmBh_Juv6qnh65sY6eS7JoPLBAQTDpJFg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
413612

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOzQ7y5tmBh_Juv6qnh65sY6eS7JoPLBAQTDpJFg
date
Sat, 19 Nov 2022 04:13:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 1FE1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&ssp=taboola&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523645694172603081&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5da9f952-c53c-4992-b227-fb1f58a0d6b4&ssp=taboola&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523645694172603081&ssp=taboola&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232233304340002557663&ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10523645694172603081&ssp=taboola&gdpr=0&gdpr_consent=
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
0
232 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
413963

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
Date
Sat, 19 Nov 2022 04:13:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 1FE1
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d5101a8e-c355-4008-8992-2da8df386423
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d5101a8e-c355-4008-8992-2da8df386423&tbid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&query=taboola_hm%3Dd5101a8e-c355-...
0
78 B
Image
General
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d5101a8e-c355-4008-8992-2da8df386423&tbid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&query=taboola_hm%3Dd5101a8e-c355-4008-8992-2da8df386423&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 19 Nov 2022 04:13:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1668831210.168363,VS0,VE133
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10152-SYD

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d5101a8e-c355-4008-8992-2da8df386423&tbid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&query=taboola_hm%3Dd5101a8e-c355-4008-8992-2da8df386423&isDirect=0
date
Sat, 19 Nov 2022 04:13:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
414794
sd
u.openx.net/w/1.0/ Frame 1FE1
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=
43 B
61 B
Image
General
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=
date
Sat, 19 Nov 2022 04:13:28 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
xuid
eb2.3lift.com/ Frame 1FE1
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 19 Nov 2022 04:13:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 19 Nov 2022 04:13:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 1FE1
49 B
384 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.70.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-70-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:28 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 1FE1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=_Svn7znXSxFNOfBUqkEPQ6310aU
0
223 B
Image
General
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=_Svn7znXSxFNOfBUqkEPQ6310aU
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
414794

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=_Svn7znXSxFNOfBUqkEPQ6310aU
Date
Sat, 19 Nov 2022 04:13:29 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/ Frame 1FE1
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=453&user_id=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:13:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
t.adx.opera.com/ Frame 1FE1
35 B
468 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 1FE1
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=1c6aefa5-c55c-476d-9668-09feef287781
0
232 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=1c6aefa5-c55c-476d-9668-09feef287781
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
415289

Redirect headers

date
Sat, 19 Nov 2022 04:13:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=1c6aefa5-c55c-476d-9668-09feef287781
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Sat, 19 Nov 2022 04:13:25 GMT
x-amz-request-id
X0ZYP01DBVFV8BGR
age
3050
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
4Kz0IYrYemcpVmkh7tqXAdNXHjnvoIBG0gj4fKylvZEutp7Kxoecb4kvf6bm3AoltdeGYgepo18=
x-served-by
cache-syd10152-SYD
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1668831206.959984,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
93
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
6138
eid.es5.js
cdn.taboola.com/scripts/
15 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a4fe2266b924e98a73a8ea5a7357f33336079209df75e32b46bb9b3bd749f4d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
ItOUaDH3mvr.RqV2EVGxjh_uxHtuZobH
content-encoding
gzip
via
1.1 varnish
date
Sat, 19 Nov 2022 04:13:25 GMT
x-amz-request-id
0M9DCPFC5D68SFND
age
28080
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5498
x-amz-id-2
s79IFzd23I8/ofvLUJACdnwJHHPf/WW8Hf1tWWDPXnb9g45P10zAzp2qKtu2WYb/Prh1MvU5Ww4=
x-served-by
cache-syd10152-SYD
last-modified
Wed, 01 Jun 2022 11:14:10 GMT
server
AmazonS3
x-timer
S1668831206.959976,VS0,VE0
etag
"e0a372c62b47828b71ca168ba9d2b098"
vary
Accept-Encoding
content-type
application/javascript
abp
93
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
81308
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/
381 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 10:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Nov 2023 10:44:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
144 B
341 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:13:26 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221119
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d394c8474dfabc643e183cc3421642ad0842d0a0c8144bc4c6077de64e6845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:13:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4325
x-jsd-version
1.0.1528
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4544-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-0Yuu8EilQG0pLc40+fWjoPTTtbM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww1SEDthS6XZ9s%2BOpRg9TQ8OP%2BRKo3XJr0UTcX%2BLLvW2yxK1n%2FOAkrcveUqsB9bCuVFzaGe78LR%2FtKJU1gksFzNoWAZhJpVvSZ0bZ0B8mP4rLV5T28vQN4FsRTnfPNJEHT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76c61cfedea7a971-SYD
door.js
au-script.dotmetrics.net/
9 KB
4 KB
Script
General
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
2a9c082606e06f097d256a0b794e9d7ec1027a4bd8c93b1bb5625cfeff7a5d33

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:29 GMT
content-encoding
br
via
1.1 f5171077d7910626ec3cf65e0c222f3c.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"13062...216.2022111904"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
2cNeuTACcoGV2qheN9JHh3ebZbJShsUTaM3LTL0NtkJdHrRQ5ZW46A==
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/
35 B
362 B
Image
General
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=4a4d960152ba9d6cd13a076e260282fb&timewithTz=2022-11-19T04:13:25.075Z&country=au&newsconnectId=&fpid=bfe2ef30bb338b9eedd84e8ab566b718
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.167.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-167-128.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:26 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
/
pips.taboola.com/
4 B
183 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-syd10136-SYD
date
Sat, 19 Nov 2022 04:13:26 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
65568.js
cdn.brandmetrics.com/scripts/bundle/
45 KB
15 KB
Script
General
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7141b95c3bb7533101c1074d98d7ec2f404a12f29aca043c1ca899d5272084ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:26 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 19 Nov 2022 04:02:46 GMT
server
cloudflare
age
640
cf-polished
origSize=46569
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKj8O%2Bu79lYasUNg8hkufq6UNUqWMXa%2FUTPAhquXIaskYfy4WPBTP1%2BFpxzL1ceFqs7idOrGygMEwWkf8b4HgF2%2F5vISBGigvWX38N6DRZwhrxS5IFfPmwjR8%2BLFZ6XXmN0m4Kul"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
76c61cfe0ca3a870-SYD
c.js
collector.brandmetrics.com/
0
76 B
Script
General
Full URL
https://collector.brandmetrics.com/c.js?siteid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au&rnd=550839
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:28 GMT
content-length
0
content-type
text/javascript;charset=utf-8
campaigns
resourcesssl.newscdn.com.au/indies/
896 B
974 B
XHR
General
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
e87455ae95f61cfbc0f7cb6fddf160a4359d212caca78f512ce2fe37dded02e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

x-cache-hits
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Sat, 19 Nov 2022 04:13:26 GMT
x-powered-by
Express
content-length
503
x-served-by
cache-qpg1234-QPG
server
Google Frontend
x-timer
S1668831047.939218,VS0,VE292
etag
W/"380-buHeOXtmZuLHUq6FLZ+ztTi2ZXY"
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
93fb4570e64a2004a193d64b745fbf12
cache-control
private, max-age=1668
function-execution-id
z6ld9cmwek9h
accept-ranges
bytes
x-orig-accept-language
en-US,en;q=0.9,zh-TW;q=0.8,zh;q=0.7
x-country-code
SG
expires
Sat, 19 Nov 2022 04:41:14 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame
0
0
Preflight
General
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.140.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-194.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1800
content-type
text/html
date
Sat, 19 Nov 2022 04:13:26 GMT
expires
Sat, 19 Nov 2022 04:43:26 GMT
function-execution-id
z6ldbhg7m2ji
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
b5098c90ca4118cf7a2d4f87b21a54f0
x-country-code
SG
x-i
true
x-powered-by
Express
x-served-by
cache-qpg1229-QPG
x-timer
S1668831206.279650,VS0,VE231
validate
a.vidora.com/v1/
0
241 B
Ping
General
Full URL
https://a.vidora.com/v1/validate?api_key=vidora_client_reports.A8E73214DD4B0739B34885EA8DA2C229
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.237.58.233 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-237-58-233.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 04:13:30 GMT
cache-control
no-cache
content-type
application/octet-stream
server
nginx
transfer-encoding
chunked
expires
Sat, 19 Nov 2022 04:13:29 GMT
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 04:13:26 GMT
cache-control
no-store
server
nginx
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/
195 KB
55 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-25.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 03:21:12 GMT
x-amz-cf-pop
SIN2-P2
age
3135
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
-ERxSeVw9FxUZKyHb-f2KhekPZr0DvqmKuadYYxKIu1bz9KSgHgBsQ==
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1668831206681&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1668831206679.1938170883&it=1668831205877&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 19 Nov 2022 04:13:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/
18 KB
2 KB
XHR
General
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.171.89 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-171-89.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
l9D1IqPRm1y4Lw22.2rGXeIk3RrovmWM
content-encoding
gzip
date
Sat, 19 Nov 2022 04:13:27 GMT
last-modified
Fri, 11 Nov 2022 05:56:39 GMT
server
AmazonS3
x-amz-cf-pop
TPE52-C1
etag
"189bff3ecbc5fc21ff53bd3b46f8ee8b"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=279
accept-ranges
bytes
x-amz-cf-id
Gv7cyZvPBIXmNhb87PD373MEeGmcxx5YeT3B6CwpFNWubvFQFFOQUA==
content-length
1284
validate
assets.vidora.com/v1/
0
298 B
Ping
General
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-8.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 04:13:26 GMT
via
1.1 5230066306741527c1870ae028182b78.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
mleQ0O2qN3fEgCHTSshNeREmAaMHNoBH60jF1ZvDjGvOav4VaRXgtA==
expires
Sat, 19 Nov 2022 04:13:25 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/
65 B
352 B
XHR
General
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:27 GMT
server
AkamaiNetStorage
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=1835
content-length
65
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 7610
12 KB
4 KB
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-25.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1796
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 19 Nov 2022 03:43:31 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront)
x-amz-cf-id
YF6pqgcFf05gbNKW4UHkadauG0J6shu1dkCFBf_VJ5eye-qd9O9Bpg==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
701.json
id5-sync.com/g/v2/
461 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
9b564967ed7d5dd89dd0c2088d1bdb806f6f331d2a254814464959c0de8fdfb2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:13:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
pub
pixel.adsafeprotected.com/services/
652 B
890 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ecad4c17-a51d-013c-3a56-fbb837f385b4&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.71.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-71-123.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77cd9462caccd2ec4b51b88746b66554c5e47d4765b5af278902a2be5a670bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:27 GMT
server
nginx
x-server-name
app02.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
envelope
api.rlcdn.com/api/identity/
0
283 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:13:27 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dest5.html
newscorpau.demdex.net/ Frame 38DE
7 KB
3 KB
Document
General
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.213.224.33 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-224-33.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-apse-1-v042-0f2b5f85f.edge-apse.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ob2+rCpAQUU=
content-encoding
gzip
date
Sat, 19 Nov 2022 04:13:27 GMT
last-modified
Fri, 28 Oct 2022 11:03:12 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/
48 B
466 B
XHR
General
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=87687283538456159243165546327420702623&ts=1668831206889
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
a64b5042dff35b293a978dd5e7ba3c40ad6e903fc1c690ed0483ba0ca8bb15d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 19 Nov 2022 04:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y3hX6QAAALJzdAN9
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=87708424576475003343163438819615137413
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3hX6QAAALJzdAN9
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3hX6QAAALJzdAN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0f78b17ee.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Vo+XO3f0SQk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3hX6QAAALJzdAN9
Date
Sat, 19 Nov 2022 04:13:29 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
trinity.json
syd-1-apex.go.sonobi.com/
0
0

translator
hbopenbid.pubmatic.com/
0
120 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 19 Nov 2022 04:13:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/
37 B
577 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=277566&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211b7c0f282349dc%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%3Fpagetype%3Dhomepage%26sec1%3Dhome%26sec2%3D%26sec3%3D%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22123a608a0e54878%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%221800x1000%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%7D%7D%2C%7B%22id%22%3A%22156d575bc928e9a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%2217694e80e09b06%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%7D%7D%2C%7B%22id%22%3A%22181244fc1ebc4db%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22320695%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91af5e874c4333f50bfc4bc9adcb5650b25fc3b00aa7a9ee7bbc63bc2ecdb359

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLtxx%2F8ny6na42tXBvTVAYWIDsH1U9tbNUQ%2Fa0RxpwGswo6cz8Bw1WDmX7mdyXpIONgC48vGaVv%2Fo3uFt%2BbFBitjJ%2BjRKSHYWu9tmJjVIXSLv9%2BzrMezJk%2FO2Nm%2BX2J6qw4CXLe1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76c61d04e87ca7ed-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=72975610574
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:13:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ads.playground.xyz/host-config/
0
344 B
XHR
General
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:13:27 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
e34daef2-f5f9-4515-b913-6fa1eff6a736
fastlane.json
fastlane.rubiconproject.com/a/api/
407 B
733 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=c3791b3a-8107-4d13-bbb4-2c261d364d99&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.8725482566926683
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
485c1bb3b3d4e4b0f1ba3adc7e19db129a20ab7c492e193f91dbd74797255f11

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
407
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
406 B
731 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=2de37169-f4fb-4df1-a5f7-0c3f3ed42dc9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.7422349283245921
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b73b8fa9ace8e17857424d7c5c99325bc73cb132657153d6272b4e7d19e8eceb

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
406
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
384 B
709 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=f1e71ebb-0d20-48eb-9dd4-a8d7792b0a80&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.6156140550821785
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ebe31eeb8162fd4bb5f83c53390e3fb951c6c077bfca4c169fe1c451e4618d70

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
384
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
386 B
943 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=f1dc4526-4bd3-4830-a582-f673ca591099&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.25898687627180106
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
295a40a304d4c00268f9af46d585024ea20a8b0d62a8ecb5f9f1f2542fe7a80d

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
386
expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
mfad.inskinad.com/api/
162 B
797 B
XHR
General
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.52.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-52-228.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
0f08a1fce0c3e535b1f2637fe5e17e7d04c1fc905360c7c298aef3bc4bf727da

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

expires
0
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:28 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"a2-I/hJqNXNlUBUopdvsZp3qHTnia0"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
162
x-served-by
bifrost-production-shard001-us-east-1e-i-02c64268fea1e276c
prebid
ib.adnxs.com/ut/v3/
19 B
718 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:27 GMT
AN-X-Request-Uuid
47f0b35b-2beb-45f5-b1fd-2dd9f82c7d8b
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
swg.js
news.google.com/swg/js/v1/
152 KB
47 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
sffe /
Resource Hash
c48f224fd876acd5f21e3a5c335be806b2ee912fbf9f705acf8497eba7c503db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47685
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 23:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:57:20 GMT
config
c.amazon-adsystem.com/cdn/prod/
0
315 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.158.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-158-57.hkg54.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:52:33 GMT
via
1.1 000be6a6f55d3278e3e48047baa61246.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HKG54-C1
age
4854
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
gKs3kZudx4wTCnaGXVSCj12ZcfQR7zicEVrMeNINBhS5kkjdfBQzRg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
101 B
439 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=zX7Hj4rnfWpmy&cb=0&ws=1600x1200&v=22.1107.1609&t=4000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x50%22%2C%221000x100%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.54.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-54-4.jnb50.r.cloudfront.net
Software
Server /
Resource Hash
e8e27390a3f66b6511e34535dc56f9210ea24928edbe56ac0a6c007024f0ac85

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:28 GMT
via
1.1 2ca828f4081462e646042cb2c386acb2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JNB50-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
101
x-amz-cf-id
XXSmtD9Ea33Xn_89IQIJuH8YiV5KgXO32F5HMruGj2wzgn7csJN1bA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.158.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-158-57.hkg54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 4d5fa6bed14944a743cd122ad4fe5d4a.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 03:20:10 GMT
x-amz-cf-pop
HKG54-C1
age
3198
x-cache
Hit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
KWNBjhepVGygjlDZIXsXW2cLuvFDkjV6O5gA0Zv1gKHT9RakO7Y6kQ==
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 7610
44 B
721 B
Image
General
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=zlmk2tlq5oonviahbufztslgnyhcc1668831206&c16=sdkv,bj.6.0.0&uoo=&fp_id=wzgxgmzce8gf0rvjzkr08wndq0sl61668831206&fp_cr_tm=1668831206826&fp_acc_tm=1668831206826&fp_emm_tm=1668831206826&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-212.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
zlmk2tlq5oonviahbufztslgnyhcc1668831206.nuid.imrworldwide.com/ Frame 7610
35 B
350 B
Image
General
Full URL
https://zlmk2tlq5oonviahbufztslgnyhcc1668831206.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-93.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 14:37:57 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
48931
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
1myzqvd8tzznNdECxtcN7OApajdEKFSjbWmpcipdwAeOZnySAOlTiQ==
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=Microdata&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1668831207185&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22meta%3Adescription%22%3A%22News%20and%20Breaking%20News%20-%20Headlines%20Online%20including%20Latest%20News%20from%20Australia%20and%20the%20World.%20Read%20more%20News%20Headlines%20and%20Breaking%20News%20Stories%20at%20Herald%20Sun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Herald%20Sun%22%2C%22%40id%22%3A%22heraldsun.com.au%22%7D%2C%22isAccessibleForFree%22%3A%22True%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22Herald%20Sun%22%2C%22productID%22%3A%22heraldsun.com.au%3Adigital%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.2.1668831206679.1938170883&it=1668831205877&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 19 Nov 2022 04:13:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
v1
lb.eu-1-id5-sync.com/lb/
33 B
407 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
0e56a77328a7ac0c307fff20cc40b71b466a5798b95f5020e44344f7ed6db0b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 19 Nov 2022 04:13:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/
34 B
288 B
XHR
General
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
ce198c1d3387ca52ac0766c5c62017c1b311c7a399207cf9b897923d0b6d5e38
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 19 Nov 2022 04:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
Serving
bs.serving-sys.com/
10 KB
3 KB
Script
General
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=6288423851991299495&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D7616150193870769722$$&ns=0&rnd=749216554135504&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.199.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-199-87.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cf7383a82a636456df602650c9a3247de483b7468f9587895862be1cee803e30

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2469
expires
Sun, 05-Jun-2005 22:00:00 GMT
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.236.243.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-236-243-253.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Sat, 19 Nov 2022 04:13:28 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/
2 B
557 B
XHR
General
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.236.243.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-236-243-253.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sat, 19 Nov 2022 04:13:29 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 5466
12 KB
4 KB
Document
General
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.227.138.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-138-75.bom50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
3047
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 19 Nov 2022 03:22:49 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 e221dd682c056cf3c41b7522a02aa0a6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
_UX1dmXJaUWmMCsU7gQcGtMr-F5igp5RNYj1oon5DRRSX40NQOLeew==
X-Amz-Cf-Pop
BOM50-C1
X-Cache
Hit from cloudfront
lookuplist
au.audience.newscgp.com/
108 B
477 B
XHR
General
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=bfe2ef30bb338b9eedd84e8ab566b718&&bust=16688312075980.5155481282583592&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-91.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
c087f511d809ad2bebf4c54b615d93ecf492f796bffff9d13cffa4fd50499b54

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:28 GMT
via
1.1 db75d9999621c662b2eccf4f496b12aa.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
BxCRShkchmMiXUQpJ3sezwcLdyokPebgXGWLmNFNFU4eMWC0CZJOVA==
id
dpm.demdex.net/
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=87687283538456159243165546327420702623&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01bfe2ef30bb338b9eedd84e8ab566b718%011&ts=1668831207685
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
34fc843ecd4e57d1126e02435f04baf5564652803cc261d984432e4abbdcb565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-apse-2-v042-0469f4265.edge-apse.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
9Z5wAMlZTVg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1562
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=358&dpuuid=7870255768103140305
dpm.demdex.net/ Frame 38DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=7870255768103140305
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7870255768103140305
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0469f4265.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
STgL5R74Rug=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:28 GMT
AN-X-Request-Uuid
832e5597-f930-4a37-a5b4-ba5b0b489435
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7870255768103140305
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=470&dpuuid=7481973582026346771
dpm.demdex.net/ Frame 38DE
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7481973582026346771
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7481973582026346771
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-02385af16.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
R3AVvU+dSrw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7481973582026346771
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
s15042361141681
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/
5 KB
5 KB
Script
General
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s15042361141681?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=19%2F10%2F2022%204%3A13%3A27%206%200&cid.&newsnkidcookie.&id=bfe2ef30bb338b9eedd84e8ab566b718&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=bfe2ef30bb338b9eedd84e8ab566b718&mid=87687283538456159243165546327420702623&aamlh=3&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPreviousValue=3.0&getPercentPageViewed=5.0.1&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D65&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=3%3A13%20PM%7CSaturday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=65&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=bfe2ef30bb338b9eedd84e8ab566b718-00000000000000000000000000000000-1668831205259-292304&v110=2022-11-19%2004%3A13%3A21&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
adf2ebc8b002a6cb72ace9be8e489509bb81815cdc6a50afbf6d02d74e748d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-aam-tid
9We2n7jtTWs=
date
Sat, 19 Nov 2022 04:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4969
x-xss-protection
1; mode=block
dcs
dcs-prod-apse-1-v042-04d879201.edge-apse.demdex.com 5 ms
pragma
no-cache
last-modified
Sun, 20 Nov 2022 04:13:28 GMT
server
jag
etag
3583787732266090496-4619666663596293241
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Fri, 18 Nov 2022 04:13:28 GMT
ibs:dpid=481&dpuuid=LANF0GZ0-1H-D5IH
dpm.demdex.net/ Frame 38DE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=87708424576475003343163438819615137413&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LANF0GZ0-1H-D5IH?gdpr=0
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LANF0GZ0-1H-D5IH?gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v042-04d879201.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bFJE5wNqQF4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LANF0GZ0-1H-D5IH?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=771&dpuuid=CAESEFg4qk8RGTU8Ta3-mlmey3A&google_cver=1
dpm.demdex.net/ Frame 38DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODc3MDg0MjQ1NzY0NzUwMDMzNDMxNjM0Mzg4MTk2MTUxMzc0MTM=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFg4qk8RGTU8Ta3-mlmey3A&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFg4qk8RGTU8Ta3-mlmey3A&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v042-07a5bb2db.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
eX7ae4gFRTE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFg4qk8RGTU8Ta3-mlmey3A&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
dpm.demdex.net/ Frame 38DE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0a72cfc58.edge-apse.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
t4YVL2qlT60=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 38DE
0
0
Image
General
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ibs:dpid=23728&dpuuid=Y3hX6Na-JlG83cbzRPQ1RQAA%264749
dpm.demdex.net/ Frame 38DE
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hX6Na-JlG83cbzRPQ1RQAA%264749
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hX6Na-JlG83cbzRPQ1RQAA%264749
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-08b2b77fc.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ekGJ2PbcReo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jt0lSqOc7JVum7HXF8LOEr1TZq9kfBiAaCjSZ8Ye7YQvSmm0x5o4lYw4gbN2I71fhw6p9Jus1FhBix0QySyrHdtnd%2BLDThzF1kVyfzGL0V0EG9O49Gw6IQ9WViyOjTfUUdJCZjYO"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hX6Na-JlG83cbzRPQ1RQAA%264749
cache-control
no-cache
cf-ray
76c61d0ffebb6a6c-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ibs:dpid=30432&dpuuid=CI-b7412e1449c6e31df032364bb48446c1
dpm.demdex.net/ Frame 38DE
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=87708424576475003343163438819615137413&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-b7412e1449c6e31df032364bb48446c1
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-b7412e1449c6e31df032364bb48446c1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v042-07ac04a21.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
igUFek3IRyo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-b7412e1449c6e31df032364bb48446c1
Date
Sat, 19 Nov 2022 04:13:29 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
701.json
id5-sync.com/g/v2/
456 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
5a0df5a7e671b6a6d17df3f77711514479d609a0254b189b77c7d50336aef3fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 38DE
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=87708424576475003343163438819615137413&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=87708424576475003343163438819615137413&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0a72cfc58.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
M9RStO+VSj4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Sat, 19 Nov 2022 04:13:29 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame 38DE
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=87708424576475003343163438819615137413
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87708424576475003343163438819615137413
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87708424576475003343163438819615137413
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.88.253.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-253-169.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n006-pdx-prod.krxd.net
date
Sat, 19 Nov 2022 04:13:30 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1668831210
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87708424576475003343163438819615137413
date
Sat, 19 Nov 2022 04:13:29 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a006-ash-prod.krxd.net
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 38DE
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=87708424576475003343163438819615137413&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v042-0e63d76f7.edge-apse.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
XQ51JwdvTw0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Sat, 19 Nov 2022 04:13:29 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
gn
secure-sdk.imrworldwide.com/cgi-bin/
44 B
597 B
Image
General
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=wzgxgmzce8gf0rvjzkr08wndq0sl61668831206&fp_cr_tm=1668831206826&fp_acc_tm=1668831206826&fp_emm_tm=1668831206826&ve_id=&sessionId=zlmk2tlq5oonviahbufztslgnyhcc1668831206&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,9t7joiwdqpjeodld9viyh1bdv1p9o1668831207&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16688312068219933&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1668831205293&c3=st,c&c64=starttm,1668831208&adid=1668831205293&c58=isLive,false&c59=sesid,&c61=createtm,1668831208&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1668831208&rnd=471874
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-212.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:28 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 38DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNoWDZRQUFBTTFERFFBcg==&_test=Y3hX6QAAAM1DDQAr
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNoWDZRQUFBTTFERFFBcg==&_test=Y3hX6QAAAM1DDQAr
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-syd10124-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668831209.449121,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNoWDZRQUFBTTFERFFBcg==&_test=Y3hX6QAAAM1DDQAr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
iu3
s.amazon-adsystem.com/ Frame B013
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
271 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
76d3d3afe9155d36343ffcfd2944db155511b33ac954cd529b13bc8e30fa0d2e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
271
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 19 Nov 2022 04:13:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MSPWCP8G9J9SWET3JRZ2

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 19 Nov 2022 04:13:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PHV909W93666FSXR2EQP
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Nov 2022 04:13:29 GMT
interact
edge.adobedc.net/ee/v1/
727 B
835 B
Fetch
General
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=eb91b4a9-bbc3-40fd-9fa5-939a8a957150
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
102d7858b58ecf570036c946013900ce860e6ca989b1d74bbdd892f53589c8a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 04:13:29 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-rate-limit-remaining
599
x-adobe-edge
SGP3;3
x-xss-protection
1; mode=block
x-request-id
eb91b4a9-bbc3-40fd-9fa5-939a8a957150
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
22.11.2:836cd9b5
tap.php
pixel.rubiconproject.com/ Frame 38DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y3hX6QAJHXBDTgAr
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3hX6QAJHXBDTgAr&expires=90&_test=Y3hX6QAJHXBDTgAr
42 B
691 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3hX6QAJHXBDTgAr&expires=90&_test=Y3hX6QAJHXBDTgAr
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-syd10124-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668831209.463949,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3hX6QAJHXBDTgAr&expires=90&_test=Y3hX6QAJHXBDTgAr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 38DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3hX6QAJLiFtNwAO
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3hX6QAJLiFtNwAO&_test=Y3hX6QAJLiFtNwAO
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3hX6QAJLiFtNwAO&_test=Y3hX6QAJLiFtNwAO
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10124-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668831209.454285,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3hX6QAJLiFtNwAO&_test=Y3hX6QAJLiFtNwAO
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
hit.gif
au-script.dotmetrics.net/
43 B
1 KB
Image
General
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1668831209175&pvs=1&pvid=32a4d6e8-4763-4f0d-8d1d-ff9377e9a4c2&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:29 GMT
dotmetrics-hit-status
01 OK
via
1.1 f5171077d7910626ec3cf65e0c222f3c.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
7pkxjylnkdgYrJn3D7nBgB6urFvCxgiSNUMslXKAHYd_ua2pdYH4ww==
hit.gif
rm-script.dotmetrics.net/
807 B
1 KB
Image
General
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1668831209175&pvs=1&pvid=32a4d6e8-4763-4f0d-8d1d-ff9377e9a4c2&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.131.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-131-60.icn54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 23:19:14 GMT
via
1.1 874b64d97046903d1eac41de7eeaf51e.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 10:59:12 GMT
server
AmazonS3
x-amz-cf-pop
ICN54-C2
age
17656
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
QGRMqt919iqUnzc_yQUfMoFdnQIyOnRJVaHHeGmXiqwD2GoXsLapPg==
setuid
ib.adnxs.com/ Frame 38DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y3hX6QAAAflyDgAT
  • https://ib.adnxs.com/setuid?entity=158&code=Y3hX6QAAAflyDgAT&_test=Y3hX6QAAAflyDgAT
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y3hX6QAAAflyDgAT&_test=Y3hX6QAAAflyDgAT
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:29 GMT
AN-X-Request-Uuid
bef09898-8d94-4374-b7ac-79e8ca3ff0b3
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-syd10124-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668831210.753374,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y3hX6QAAAflyDgAT&_test=Y3hX6QAAAflyDgAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/
2 B
557 B
XHR
General
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.236.243.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-236-243-253.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sat, 19 Nov 2022 04:13:29 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
script.js
au-script.dotmetrics.net/Scripts/
79 KB
33 KB
Script
General
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=216
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
2f323c23ab941c9e378e9d2152511d980d7a88ead0645133a98ecfe2027bbf61

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:29 GMT
content-encoding
br
via
1.1 f5171077d7910626ec3cf65e0c222f3c.cloudfront.net (CloudFront)
last-modified
Wed, 16 Nov 2022 21:34:39 GMT
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"1d8fa033b0c7c86"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
IMkcXlS93f0ZWTQtsd2cTU136JIKgX6LmlwV9_G1Kkklrl4r9fZsRw==
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.236.243.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-236-243-253.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Sat, 19 Nov 2022 04:13:29 GMT
Server
nginx
sd
us-u.openx.net/w/1.0/ Frame 38DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3hX6QAAALJzdAN9
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3hX6QAAALJzdAN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-syd10124-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668831209.345179,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3hX6QAAALJzdAN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 38DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hX6QAAALJzdAN9
1 B
319 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hX6QAAALJzdAN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 04:13:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-syd10124-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668831209.445873,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hX6QAAALJzdAN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 38DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3hX6QAJHXBDTgAr&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3hX6QAJHXBDTgAr&img=1&__user_check__=1&sync_id=8651446e-67c0-11ed-9b5c-1554f2220207
43 B
547 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3hX6QAJHXBDTgAr&img=1&__user_check__=1&sync_id=8651446e-67c0-11ed-9b5c-1554f2220207
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:13:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
6
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sat, 19 Nov 2022 04:13:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y3hX6QAJHXBDTgAr&img=1&__user_check__=1&sync_id=8651446e-67c0-11ed-9b5c-1554f2220207
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
91
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 38DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3hX6QAJHXBDTgAr&t=2592000&o=0
43 B
69 B
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3hX6QAJHXBDTgAr&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:13:29 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
ihi1+7U8jY4pt0BOp8kesEnrOiM3YwpJ1eKtQo0m8F0RVFhIW+/9TtXwfzWvgj7EJVGDkyJUN+LzWksdoSHuKw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type
image/gif
cache-control
public, max-age=0
priority
u=3,i
expires
Fri, 18 Nov 2022 20:13:29 PST

Redirect headers

x-served-by
cache-syd10124-SYD
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668831210.648038,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3hX6QAJHXBDTgAr&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=147592
dpm.demdex.net/ Frame 38DE
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-014faf399.edge-apse.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
YFoySUPjQtM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
94
date
Sat, 19 Nov 2022 04:13:29 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668831210.749345,VS0,VE94
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10152-SYD
SiteEvent.dotmetrics
au-script.dotmetrics.net/
399 B
1 KB
Script
General
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwicHZpZCI6IjMyYTRkNmU4LTQ3NjMtNGYwZC04ZDFkLWZmOTM3N2U5YTRjMiIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1668831209746
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
d048a29e1ee138d86b106d9da97c5b7e1e86b3b6488e9e7ca7595ffae2e75712

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:29 GMT
content-encoding
br
via
1.1 f5171077d7910626ec3cf65e0c222f3c.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
C4M2m1X3YNG-q0SR7FEH3Q8BRbL_rHuv77-4YSBVSx8_1QJ7zMXALQ==
0
sync.1rx.io/usersync/adobe/ Frame 38DE
0
99 B
Image
General
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:30 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
swg-button.css
news.google.com/swg/js/v1/
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:57:14 GMT
loader.svg
news.google.com/swg/js/v1/
0
1 KB
Other
General
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:25:47 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 1E61
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au
25 KB
8 KB
Document
General
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
ESF /
Resource Hash
c739881c84f5ef7269be58130c044754c348067bdc496be006974777266d5360
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AE4raHKv7mwWLqV3u_IZeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-AE4raHKv7mwWLqV3u_IZeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Sat, 19 Nov 2022 04:13:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-hp2l04YGLq35G537ciozfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
application/binary
cross-origin-resource-policy
same-site
date
Sat, 19 Nov 2022 04:13:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/
2 B
524 B
Fetch
General
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
report-to
{"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 22D7
4 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.188.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-188-115.kix56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 07:58:38 GMT
Via
1.1 f920006e1f86f00004a3f48be19d9fd8.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
KIX56-C1
Age
72893
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
TgLhnPpM-XYCPEDUca-gxeijN9DG6gO532QZ7bK9-dGryzgkhByjAA==
uwt.js
static.ads-twitter.com/ Frame 89BB
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.108.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:30 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-tyo11947-TYO
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame C1F8
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.185 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:30 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 18:52:45 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=44229
accept-ranges
bytes
content-length
4581
js
www.googletagmanager.com/gtag/ Frame 1918
135 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6de0f16ccf3011b5e7e64149e2ed8f374d036b631050936ac2d0a4aa57de3b7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53040
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 19 Nov 2022 04:13:30 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 1F03
4 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.188.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-188-115.kix56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 07:58:38 GMT
Via
1.1 c4fefa035d4e095079e2e6d179023316.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
KIX56-C1
Age
72893
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
0llzVY6AP5lP3TuJ5K2P3yPSqdOOwIYsoSu7WCo_ritp6eLAvSjPMQ==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 9212
9 KB
4 KB
Script
General
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.195 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-195.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:13:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
3340
Expires
Sun, 20 Nov 2022 04:13:33 GMT
activityi;dc_pre=CJnI-9uwufsCFUSL2AUdMzENSw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8954914827525.986
8228261.fls.doubleclick.net/ Frame 0A6D
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8954914827525.986?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnI-9uwufsCFUSL2AUdMzENSw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=895491482752...
402 B
333 B
Document
General
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnI-9uwufsCFUSL2AUdMzENSw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8954914827525.986?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
cb5bfcb581114e8924f2b48b23419bae9d5fba33a4af67cc8a2f287989c3fce6
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
224
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:13:31 GMT
expires
Sat, 19 Nov 2022 04:13:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:13:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnI-9uwufsCFUSL2AUdMzENSw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8954914827525.986?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CN3f-9uwufsCFfKP5godSPoFrg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7661949645015.849
8228261.fls.doubleclick.net/ Frame 5C99
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7661949645015.849?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3f-9uwufsCFfKP5godSPoFrg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=766194964501...
402 B
290 B
Document
General
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3f-9uwufsCFfKP5godSPoFrg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7661949645015.849?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
4767f6da5f94af07ae921a5db08d7eda86b12d30145e31136019a1b53e6d972a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
224
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:13:31 GMT
expires
Sat, 19 Nov 2022 04:13:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:13:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3f-9uwufsCFfKP5godSPoFrg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7661949645015.849?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 02E1
135 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6027bb8a977744e6d25514d03466544dbc1c9e5a322a7b9836e88992adacd2ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53039
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 19 Nov 2022 04:13:30 GMT
conversion.js
www.googleadservices.com/pagead/ Frame DB5C
45 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
103a71dbc1e335cc7bcb983086a8fc6ff522fc13bb72ce004c117368639be1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16828
x-xss-protection
0
server
cafe
etag
17844902292435702305
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 19 Nov 2022 04:13:30 GMT
sync
ups.analytics.yahoo.com/ups/55953/ Frame 66FB
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MjZmNzdlMjUtNDFlMS00ZTkzLWJkMWEtNmVhOWExY2MxZDA2&gdpr=0&gdpr_consent=&ttd_tdid=26f77e25-41e1-4e93-bd1a-6ea9a...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&google_gid=CAESEEzHiZqy9lbo_V_096fcZwc&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-G94fachE2uJHG6R4c7Drw8zshYdVsPw-~A&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&_origin=0&gdpr=0&gdpr_consent=
0
312 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&_origin=0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
267
activity
au-gmtdmp.mookie1.com/t/v2/ Frame B95C
43 B
411 B
Image
General
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:30 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
px
secure.adnxs.com/ Frame 70DD
43 B
1010 B
Image
General
Full URL
https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:31 GMT
AN-X-Request-Uuid
0a6018f7-f545-4692-92fa-2bfb7a1749d3
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/
0
994 B
Image
General
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:31 GMT
AN-X-Request-Uuid
c91eb02a-f794-4f99-b1b5-1e3cf0f2c7bc
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/
0
994 B
Image
General
Full URL
https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:31 GMT
AN-X-Request-Uuid
b32a53b7-4f90-45af-b734-97b7c41d6fb0
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Nov 2022 04:13:30 GMT
13726
check.analytics.rlcdn.com/check/
25 B
385 B
XHR
General
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-73.sin2.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:13:31 GMT
via
1.1 a0111b438d5ff26611042379c81df136.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amzn-trace-id
Root=1-637857eb-55e79f9509e1fac619f426b6
x-amzn-requestid
ad0430cd-94c6-4fa6-860c-acef118db8e8
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
b1KszHZZjoEFlNQ=
content-length
25
x-amz-cf-id
hIKCVUoyu_0zPt--hL_bKvUZMeMNOsLDadmyuqbgkg4amqJZVlUhhg==
pr
s.amazon-adsystem.com/v3/ Frame 2F5F
484 B
940 B
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e4f056c81ad12b62530367752bdfdb10c1b7fc2168f4d7a7ddc8d2390fbe7957
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
484
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 19 Nov 2022 04:13:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3VQ07TNA31R0F65NHGF4
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame
0
0
Preflight
General
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-46.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
31068
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 18 Nov 2022 19:35:43 GMT
via
1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-id
9BSTfdX4wOcH9C2FgotFRschUNU1ZB1EkU_4FgtmqBZbTTqRUKzlSg==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame C1F8
36 B
376 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-46.fra2.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Nov 2022 00:52:30 GMT
content-encoding
gzip
via
1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
12062
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=17652
x-amz-cf-id
3-zQidsM9WikG3HYBs6_0vnq8SNWp5i6Bez6HrOSOZ0nE-fkYKSipQ==
/
p.adsymptotic.com/d/px/ Frame C1F8
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668831210637&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668831210637&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1668831210637%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1668831210637&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=96fc8d88-6679-45de-b8d6-72f0c729e290
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=96fc8d88-6679-45de-b8d6-72f0c729e290&_expected_cookie=3c51a35e9f6bb0c8e03294fe...
43 B
141 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=96fc8d88-6679-45de-b8d6-72f0c729e290&_expected_cookie=3c51a35e9f6bb0c8e03294fe9d275e59
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.99.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sat, 19 Nov 2022 04:13:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76c61d269b89a7f0-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=96fc8d88-6679-45de-b8d6-72f0c729e290&_expected_cookie=3c51a35e9f6bb0c8e03294fe9d275e59
date
Sat, 19 Nov 2022 04:13:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76c61d2559cca7f0-SYD
content-length
0
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 1E61
0
25 B
Other
General
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-_A0KOiQTINq9UnaVLZr4IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 19 Nov 2022 04:13:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-_A0KOiQTINq9UnaVLZr4IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 1E61
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:57:14 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABX... Frame 1E61
177 KB
63 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
b4bd3b89146811d4168bfe525a981f93d27621b3add12e3836507b9b26e64a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63543
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 03:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 19:22:50 GMT
adsct
t.co/i/ Frame 89BB
43 B
379 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=01fad0c7-82bf-420e-af40-0bd5317d2983&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5534cec7-c634-4d16-b4fb-7b30399844f3&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time
149
date
Sat, 19 Nov 2022 04:13:30 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
5af960402fa861c6
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
5a6feca6275bb2a218406b2378938908b8d0f47a6dbdb62a441d770a3c5382e7
content-length
43
adsct
analytics.twitter.com/i/ Frame 89BB
43 B
397 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=01fad0c7-82bf-420e-af40-0bd5317d2983&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5534cec7-c634-4d16-b4fb-7b30399844f3&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time
145
date
Sat, 19 Nov 2022 04:13:30 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
7c7d1390433fa953
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
43a9aad42b21d299863075afaefaf8c075300a4bdb89b07223bee7dc97383647
content-length
43
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame DB5C
2 KB
978 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1668831210743&cv=9&fst=1668831210743&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
3c4044875180ca6cbf61422e98a09a55fb7e73eb3a0c4e711a2a4c5f239051d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
907
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 99B1
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19436
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 04:13:30 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 19 Nov 2022 09:37:26 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1E61
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463564&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:50:00 GMT
x-content-type-options
nosniff
age
221011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 14:50:00 GMT
integrator.js
adservice.google.com.au/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
132 KB
36 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1613149616408091&correlator=4363656580479897&hxva=1&scor=2856115688698528&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ifi=1&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&sfv=1-0-40&ists=1&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D82883654-67c0-11ed-a53f-0ab5b06f5b88%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D82883655-67c0-11ed-a53f-0ab5b06f5b88%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%26vw10%3D40%26pub%3D40%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D82883656-67c0-11ed-a53f-0ab5b06f5b88%7Cpos%3D1%26refreshed%3Dfalse%26id%3D82883657-67c0-11ed-a53f-0ab5b06f5b88%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D82883658-67c0-11ed-a53f-0ab5b06f5b88%7Cpos%3D1%26id%3D82883659-67c0-11ed-a53f-0ab5b06f5b88&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3Dbfe2ef30bb338b9eedd84e8ab566b718%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26abtest%3Da%26pvid%3Dbfe2ef30bb338b9eedd84e8ab566b718-00000000000000000000000000000000-1668831205259-292304%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&sc=1&cookie_enabled=1&abxe=1&dt=1668831210986&lmt=1668831210&dlt=1668831202608&idt=4236&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=48%2C462%2C10561%2C11794%2C4315%2C12514&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=20&vis=1&psz=1600x134%7C300x276%7C300x250%7C1600x720%7C1248x0%7C1600x12532&msz=728x93%7C300x276%7C300x250%7C1600x0%7C1248x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1693765956.1668831211&ga_sid=1668831211&ga_hid=509562622&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
878c839873d61a899be69e9b1487aa3c41210476cc7cf6b51c3c674fb5d272c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37276
x-xss-protection
0
google-lineitem-id
6088428382,6088428382,-1,6088428382,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138413026295,138413026298,-1,138412773756,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8ED8
6 KB
3 KB
Document
General
Full URL
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:13:31 GMT
expires
Sun, 19 Nov 2023 04:13:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame 9739
982 B
2 KB
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
085655a9980308b3424ccecea3c3d00db9d06bdf67e9e373774aed8a9abb939b

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 04:13:31 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 1918
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1668831211047&cv=11&fst=1668831211047&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=1319331298.1668831211&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
07fa88d1d17b2bcd9ea0c5363741374ce7942356014e28cbf3bb4d68fc7c78e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
860
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame 9331
982 B
2 KB
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
92045fcb8f980db16e7ee76e0d19bdcf17cf037c7ab37e9baf2c64eafd080df9

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 04:13:31 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 02E1
2 KB
927 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1668831211087&cv=11&fst=1668831211087&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=1319331298.1668831211&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
8035b93ca722dd5f7d39c4b49ac60c0387a2aa2b208818c01ae211fff0bc8af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
860
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 9739
487 B
964 B
Script
General
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.188.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-188-115.kix56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 15:17:37 GMT
Via
1.1 c4fefa035d4e095079e2e6d179023316.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
KIX56-C1
Age
46554
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
YfQukAMltIyWwdIe3bRF61adDLDVaSTLE4IMvfF487wfvdCqIoBnyg==
PugMaster
image6.pubmatic.com/AdServer/ Frame 99B1
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18354794&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
040cc79a6b38407c7193079f5bd34ba27527ff3ae349f170257584d0a297c233

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 19 Nov 2022 04:13:31 GMT
content-length
1652
content-type
text/html; charset=UTF-8
dc_pre=CJnI-9uwufsCFUSL2AUdMzENSw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8954914827525.986
adservice.google.com/ddm/fls/z/ Frame 0A6D
42 B
107 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJnI-9uwufsCFUSL2AUdMzENSw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8954914827525.986
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnI-9uwufsCFUSL2AUdMzENSw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8954914827525.986?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 9331
487 B
964 B
Script
General
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.188.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-188-115.kix56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 15:17:37 GMT
Via
1.1 f920006e1f86f00004a3f48be19d9fd8.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
KIX56-C1
Age
46554
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
qXGq_rVHYyN_XmmbH61RGpScoweJl9-93AJwQ633eUpgC3Zszf49LA==
dc_pre=CN3f-9uwufsCFfKP5godSPoFrg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7661949645015.849
adservice.google.com/ddm/fls/z/ Frame 5C99
42 B
262 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CN3f-9uwufsCFfKP5godSPoFrg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7661949645015.849
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3f-9uwufsCFfKP5godSPoFrg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7661949645015.849?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixie
ib.adnxs.com/ Frame 9212
42 B
351 B
Image
General
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1668831211316&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1668831211316&et=1668831211316&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:13:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
tme
lm.serving-sys.com/lm/
0
186 B
Ping
General
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.8.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-8-30.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
tme
lm.serving-sys.com/lm/
0
186 B
Ping
General
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.8.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-8-30.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.92.111 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-92-111.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 04:13:32 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.92.111 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-92-111.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sat, 19 Nov 2022 04:13:32 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
usermatch
ssum-sec.casalemedia.com/ Frame B399
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63705d2ac344689f765757c92ef9366d3a3de9fd59350e3558409c7cd05a2745

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76c61d20cb16a973-SYD
content-encoding
br
content-type
text/html
date
Sat, 19 Nov 2022 04:13:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Op61CB8KbvCmmhDOJ4Ifrhrux0tYsiEho3xSyAtAKAHIVeZrTKwymjho6CCNDx0jo6YIEGJbpQKy2cOe42jfPiEcSNQgSbjbQ3ciOZuzVvA14WXaLLJVqpvJ9jMR%2FNLi4lsi8Sle6Z3r8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8526
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19435
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 04:13:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 19 Nov 2022 09:37:26 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A803
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.195 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-195.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 19 Nov 2022 04:13:31 GMT
ETag
"623de86a-cf34"
Expires
Sun, 20 Nov 2022 04:13:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F37C
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Nov 2022 04:13:32 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 0EBF
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
414
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76c61d20dc74aaff-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 04:13:31 GMT
expires
Sat, 19 Nov 2022 08:13:31 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=7870255768103140305
43 B
60 B
Image
General
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=7870255768103140305
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:31 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
70551982-0984-4ab9-bc10-170d0ecee5bf

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:31 GMT
AN-X-Request-Uuid
110f9f96-0259-43f3-92e6-9fd181ad90d1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.playground.xyz/usersync?partner=appnexus&uid=7870255768103140305
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5BB9
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
70 B
690 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 19 Nov 2022 04:13:31 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 19 Nov 2022 04:13:30 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
rum
dsum-sec.casalemedia.com/ Frame 405E
43 B
766 B
Document
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expiration=1671423211&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 19 Nov 2022 04:13:31 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
pixel
cm3.adform.net/ Frame 005B
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://cm3.adform.net/pixel?adform_pid=3&adform_pc=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&adform_v=1
43 B
163 B
Document
General
Full URL
https://cm3.adform.net/pixel?adform_pid=3&adform_pc=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&adform_v=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
43
content-type
image/gif
date
Sat, 19 Nov 2022 04:13:33 GMT
etag
"5e73c678-2b"
last-modified
Thu, 19 Mar 2020 19:22:32 GMT
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 19 Nov 2022 04:13:32 GMT
Location
//cm3.adform.net/pixel?adform_pid=3&adform_pc=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&adform_v=1
Server
nginx
generic
match.adsrvr.org/track/cmf/ Frame F977
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
70 B
690 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 19 Nov 2022 04:13:31 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 19 Nov 2022 04:13:31 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
/
avd.innity.com/bounce/ Frame 7757
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
  • https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3D8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
43 B
452 B
Document
General
Full URL
https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3D8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Content-Length
43
Content-Type
image/gif
Date
Sat, 19 Nov 2022 04:13:33 GMT
Expires
Wed, 04 Aug 1985 12:59:00 GMT
Last-Modified
Sat, 19 Nov 2022 04:13:33 GMT
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Pragma
no-cache
Server
Apache

Redirect headers

Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Nov 2022 04:13:33 GMT
Location
/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3D8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
Server
Apache
rum
dsum-sec.casalemedia.com/ Frame FE1C
43 B
766 B
Document
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&expiration=1671423211&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 19 Nov 2022 04:13:31 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L... Frame 1E61
135 KB
45 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L.B1.O/am=JgMABA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI62EJXJ0_yV0gNE7fl0Gu5fDJ-9OQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
f6119043c5e00b7e1c5316e5aa030fee8c6a98501427ca196cca517d3cb1763e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:35:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46280
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 03:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 19:35:19 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B43E
2 KB
1015 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3170f52c670a0185c1129b7947e6645fb628a91db6611e119d2e369857b712dc

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76c61d219c5fa973-SYD
content-encoding
br
content-type
text/html
date
Sat, 19 Nov 2022 04:13:32 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0V5xhsj68LYzkftsLoIH%2FpMxpBdBcWZdOz0JqIYO%2Fh5FKDgRH3ldsuRMIppw%2FECgePuw%2B77FXmItxutKoBp0DaJHlR0yfcik3ADTkDmgdHl3Nw%2F%2FYRmW7FumivH9HkkAY3yA3HKc4yTtEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
match
c1.adform.net/serving/cookie/ Frame DD8A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 19 Nov 2022 04:13:32 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 19 Nov 2022 04:13:31 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 012C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1d46378-57ec-4800-8d70-5a76eca4c044&gdpr=0&gdpr_consent=
42 B
325 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1d46378-57ec-4800-8d70-5a76eca4c044&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 04:13:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 19 Nov 2022 04:13:32 GMT
Expires
Sat, 19 Nov 2022 04:13:31 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master hkg-pixel-x19 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1d46378-57ec-4800-8d70-5a76eca4c044&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 6D37
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 19 Nov 2022 04:13:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Y4J9VTN6JGW38JZBT0DT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 99B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AOpfuXGbSnGg-x_Huam4Pg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
10 KB
10 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=19434
accept-ranges
bytes
content-length
5549
expires
Sat, 19 Nov 2022 09:37:26 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 99B1
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDAwRUE1RkI5LTcxOUItNEE3MS1BMEZCLTFGQzdCOUE5QjgzRRAAGg0I7K_hmwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3f7e0e1bc96a5303cc38ac54e049ff595d4f0251d5fb287374ab5c5dbdc7715b791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzZjdlMGUxYmM5NmE1MzAzY2MzOGFjNTRlMDQ5ZmY1OTVkNGYwMjUxZDVmYjI4NzM3NGFiNWM1ZGJkYzc3MTViNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzZjdlMGUxYmM5NmE1MzAzY2MzOGFjNTRlMDQ5ZmY1OTVkNGYwMjUxZDVmYjI4NzM3NGFiNWM1ZGJkYzc3MTViNzkxNDI2YjU0MTdkY2UyMRAAGgwI7a_hmwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=5473304b-9771-4ace-948d-f0972f018614
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=5473304b-9771-4ace-948d-f0972f018614
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:34 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=5473304b-9771-4ace-948d-f0972f018614
date
Sat, 19 Nov 2022 04:13:34 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 99B1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9846378-57ec-4a00-8c02-1a5299d64253
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9846378-57ec-4a00-8c02-1a5299d64253
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 19 Nov 2022 04:13:32 GMT
Server
MT3 169 32252b7 master hkg-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9846378-57ec-4a00-8c02-1a5299d64253
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 19 Nov 2022 04:13:31 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 99B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDBFQTVGQjktNzE5Qi00QTcxLUEwRkItMUZDN0I5QTlCODNF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 04:13:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 99B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKhJMt-aSH81AKSGbcruVOs&google_cver=1
42 B
376 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKhJMt-aSH81AKSGbcruVOs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 04:13:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKhJMt-aSH81AKSGbcruVOs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 99B1
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 18 Nov 2022 04:13:32 GMT
00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 99B1
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.128.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-128-115.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 99B1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&gdpr=0&gdpr_consent=
42 B
97 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 04:13:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
esp.js
cdn.id5-sync.com/api/1.0/
58 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
848360150c7285fb18cb4639a4bb09a3664499b3076d27648f1fd1ff8a7f538f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 09:46:31 GMT
server
cloudflare
x-amz-request-id
6BEARFGRENW3B8VM
age
274
etag
W/"903cd4a80ebccf0d9e448e2b133b585d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
76c61d21c9e1aabe-SYD
x-amz-id-2
XYjoTevR2F+iNS8fUzTnkYrk91aPgxeNla7sWso74QdK942z5ZLJrUPoajPjtF7hF89BZCuQwtI=
view
securepubads.g.doubleclick.net/pcs/ Frame CAA0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFQoCIIvyX95pYhk5V-wGxPv7qtb_6T4tgxCiw-mVRkpfjXptpFijZvi_94U0n_5LN_EbPGi5Kg3SARA-RYy_NqGkQux7-4WN_5mI4bSAKyyLB_3ji3VT4bz2j83v-gWW0xQ3dZRlIDNY1LWC7tytohUq5kcf_-lonbjQxmMCsNKPOE1ecxIi0ChKDE-czzBIF7JR78wEMsQDRrAfDsAh1y3IkhpXyn39uXkkkoroajiJunaosZKaXqN1vDTtRudy4Er0gczylU9QCAKmF4HSBUIvrdV29eqTRt3OUvDZm7H8LK2myn5u5ztAhBX2kubsmOAoTcCjZY20Vll5ouBQp&sai=AMfl-YTtIC3wMxsSIQn6JO6i11B2AG8e6tvA7tAFqPRlN_wRvoXHT5KIS6FJZOk43_uV_x-dngVD4r8pVVL_-oL67qgZSH4f_XD3agLIS12DPQ4FPyZZDIQlr7INiki0Kyo6rg&sig=Cg0ArKJSzCKmhfNsGEDWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
invoke.do
invoke.bonzai.co/mizu/ Frame CAA0
9 KB
10 KB
Script
General
Full URL
https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2667891553612180355&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=266920143196706123&rnd=1343796421
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.70.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-70-29.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
0c589b3023cbbd607b573f78e7dc41332c4bb0a4fdf8e34672c91e830ee1cdf4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Sat, 19 Nov 2022 04:13:32 GMT
server
Jetty(8.1.7.v20120910)
content-length
9620
content-type
text/html;charset=ISO-8859-1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAA0
154 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:13:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3789
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4kF3mcqLUO5w2Nb9P1zvILxBlOGjrjoCA2-AeVXSNiSTc8dzQt_SYzRGUQlyXUaGM-ASVHXp5NT-NuZkx7WPs6dNDPYNXaVA1XpCXN3wisuR_QHzgUo5yjOhYZW9tGViz6RxbhM6z85FNEk7lrJB5cW602ag9lsWX6mLCTMibw_ni6FbFFiESw0Espsyp3iS2hMrlFzYLTLC1AkqO-ceJ5THApiUh5Wczp1zWSslZO5Df1y_18pe7TYDzz_oJdBpdz0KTA7Kufs1usFdojL8eh9RdnWsTjJk4GMJ-1XrNP6LyKkhdPFM5Cr3cUmveemMSyWuF35vt8xyf0NreACTG&sai=AMfl-YRFXUU9B1DJdYuxoAA__xgtEHJFxS0AJnX4PsKt7fUXorgGa3dwtRqLvawr_6ZtAPSGy-H4w28wAkzeZEtjMeCzWpyInCf_CHJuIZT9zDsEYjQ6_Rk9yti7sW0ZmMRViQ&sig=Cg0ArKJSzDpHlq4uaraNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame 3789
28 KB
11 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:28:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:28:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3789
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:13:32 GMT
async_usersync
ib.adnxs.com/ Frame A803
0
747 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:31 GMT
AN-X-Request-Uuid
4570e836-ff8c-40cf-bbbc-2333fcc2c720
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B399
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED_FHTmskTIREB98iNJafW8&google_cver=1
43 B
876 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED_FHTmskTIREB98iNJafW8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsauHRG956cra8mq95j9sGZWr06PQlC1ON0yBKQg5gMGrUdGXZ5x8m7HgL%2FXHOyDB3Y6O26NZcIXt1XtCgF1pITg3ReJfuzwoxwOhx4d7q6rOlm5uWOmUmHCJdfC5g3vz9PLWTqlXPksog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76c61d242c15a8bc-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED_FHTmskTIREB98iNJafW8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B399
70 B
690 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame B399
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CC2MT1GZZ8GRRMCSQ55D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B399
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3hX6Na-JlG83cbzRPQ1RQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B399
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=_Svn7znXSxFNOfBUqkEPQ6310aU
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=_Svn7znXSxFNOfBUqkEPQ6310aU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=_Svn7znXSxFNOfBUqkEPQ6310aU
Date
Sat, 19 Nov 2022 04:13:32 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame B399
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=pLyNl6e438y_ut6epL6XnKDt286_7tidoOvSQAs0
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=pLyNl6e438y_ut6epL6XnKDt286_7tidoOvSQAs0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=pLyNl6e438y_ut6epL6XnKDt286_7tidoOvSQAs0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum.casalemedia.com/ Frame B399
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7870255768103140305
43 B
870 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7870255768103140305
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8YOREiRPhPWLKcU38lGHpyCDB960vHcfXzY1Tg2lvg9dhS7ia53h6xLX9KHPPH03JutY7FA8qXenmx4kVlIZkhv7kuTifFqZTojuqF4C%2Fig7zarYxU66w%2FWBQsvnIw99Wf6PheS"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76c61d2568fbaacb-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
AN-X-Request-Uuid
f0a700cf-ac9c-4f62-b354-3550e49aaece
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7870255768103140305
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B399
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7870255768103140305
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7870255768103140305
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
AN-X-Request-Uuid
f55ce9bd-d2a6-49e5-9b3a-a746432573ba
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7870255768103140305
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame B399
43 B
577 B
Image
General
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=Y3hX6Na-JlG83cbzRPQ1RQAA%264749
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.52.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-52-228.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1a-i-09016df2ed09e7e58
container.html
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E5E
6 KB
3 KB
Document
General
Full URL
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:13:31 GMT
expires
Sun, 19 Nov 2023 04:13:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 51BB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA3Mj-xn7caIHZAdtzpsLPSbCQ4ZvrAuD3KLzC804Q45X4A30KJteNbpbNjXqeJFmxeNneDRVuzPQzgK7HKPSBlmDFELLnSPmymDEAfDxD5nyrFkDwzCR0oNm0rJNLaI5PLG5DP55ZEN-IflGrADZo88-l1ULCRTHFQc4NzfzdQR7e5cLN-Dx9TiYYNG394PEz1ICFNtzPoPQzKJpJoepGOvz9k-6DE9vc-uupxOawXgGKVo-Ry0U4dBeSy39enKTxvhJvlfjvottR9ti70IJHaeIV5f9oPh6h-61W6R-y_YFe5naGw1maC3J0HvW2YrL3ETQWTi4xnUJNRqU_RkfN&sai=AMfl-YSdd74ltL8sdwESYVxUBLocSnORZxTnrYolWOfNx1yBkumYNYZxyRRX1rGDZRRxFnlWtKWUomTHOm7OcZTBJ1F15V4umqt2mFvWwtWrEYpxYc4MsZzJP6SBlPcGxIgoGQ&sig=Cg0ArKJSzGuXECK3GYStEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 51BB
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
42710
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:21:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 51BB
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
42740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame 51BB
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsCLXBBeP5fzyv9ZZHGpLSLPvObH_f3fUGNQUFMOZjTMdnz7evLK1OxSppkjCpIc5e2aVDlDOxTHp2I5jjpqGxs9-K-Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51BB
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:13:32 GMT
9682221703987969050
tpc.googlesyndication.com/simgad/ Frame 51BB
95 B
442 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9682221703987969050
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:50:09 GMT
x-content-type-options
nosniff
age
26603
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 01:21:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 20:50:09 GMT
container.html
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 81C9
6 KB
3 KB
Document
General
Full URL
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:13:31 GMT
expires
Sun, 19 Nov 2023 04:13:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/707564276/ Frame 1918
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1668831211047&cv=11&fst=1668830400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4124927355&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 1918
42 B
108 B
Image
General
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1668831211047&cv=11&fst=1668830400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4124927355&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame 02E1
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1668831211087&cv=11&fst=1668830400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4186301870&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame 02E1
42 B
548 B
Image
General
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1668831211087&cv=11&fst=1668830400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4186301870&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame DB5C
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1668831210743&cv=9&fst=1668830400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=1877304245&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame DB5C
42 B
108 B
Image
General
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1668831210743&cv=9&fst=1668830400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=1877304245&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/
0
329 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 19 Nov 2022 04:13:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B43E
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.128.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-128-115.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame B43E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21716378-57ec-4100-90d0-4d398c6bffac
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21716378-57ec-4100-90d0-4d398c6bffac
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 19 Nov 2022 04:13:32 GMT
Server
MT3 169 32252b7 master hkg-pixel-x22 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21716378-57ec-4100-90d0-4d398c6bffac
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 19 Nov 2022 04:13:31 GMT
rum
dsum-sec.casalemedia.com/ Frame B43E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7481973582026346771
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7481973582026346771
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7481973582026346771
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B43E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
18.141.128.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-128-115.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y3hX6Na_JlG83cbzRPQ1RQAAEo0AAAIB
date
Sat, 19 Nov 2022 04:13:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame B43E
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0864220407de434a988e1985&expiration=[EXPIRATION]
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0864220407de434a988e1985&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0864220407de434a988e1985&expiration=[EXPIRATION]
date
Sat, 19 Nov 2022 04:13:33 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
tp_out
d.adroll.com/cm/index/ Frame B43E
42 B
181 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.150.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-150-143.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame B43E
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684469612&external_user_id=e4012292-057d-4f7f-b41f-234a05fff162
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684469612&external_user_id=e4012292-057d-4f7f-b41f-234a05fff162
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Sat, 19 Nov 2022 04:13:32 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684469612&external_user_id=e4012292-057d-4f7f-b41f-234a05fff162
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ibs:dpid=23728&dpuuid=Y3hX6Na-JlG83cbzRPQ1RQAA%264749
dpm.demdex.net/ Frame B43E
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hX6Na-JlG83cbzRPQ1RQAA%264749?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.189.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-189-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v042-059a81b83.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
M3Ef0fTfRz8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
cdn.indexww.com/ht/ Frame B43E
43 B
353 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y3hX6Na-JlG83cbzRPQ1RQAA%264749
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
20611
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c61d2538ebaad8-SYD
content-length
43
expires
Sun, 20 Nov 2022 04:13:32 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L... Frame 1E61
1 KB
739 B
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L.B1.O/am=JgMABA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI62EJXJ0_yV0gNE7fl0Gu5fDJ-9OQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
ba8c3058c6d474be354158989412b2ded878b66af54256ac5bc39a8b76e381d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:35:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
713
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 03:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 19:35:19 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 1E61
583 B
439 B
XHR
General
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=865198276001873784&bl=boq_subscribewithgoogleclientserver_20221116.06_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=15213&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
ESF /
Resource Hash
9e52b7301629f97c1efa5b8dff86ec52b954b2478bf79d6a3b427ae0fa23e43d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame ED73
624 B
307 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNT3xAIQ_or1Ahj5uLHYATAB&v=APEucNUP2q6YHUmWt23wBXh90tKpMTgevChxAsZnUroWZYYDYT1iyA6TAhsDOk5IDiPZxon0Fsd99YRdlWT-Z5t5VuzsVFK4Ww
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:13:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6E5E
67 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDitqVcE5F4rjjpet48nKy7ZWkVifvYxhvc_sRT961A9Ag_yUTHQ2UWuxJlNklvE5S5-insoLD4RDblILiDSwywRLaS1Gw_emWDDPilTo3rB3IyiH8p5QujprdCzmguC03EOnu828bnfIWUWtM70MRMn-7EeMhBJlFKyJJGVdFw9EKtd0&dbm_d=AKAmf-DBbznipkqJ1glJE89FgPmXbf7OkXGvN9shJvcciqJ8W_je-hVvZW8qPvz6zhElWBZZ7VYZmEyDZHxPEWJ-i3lOLmEq6j69z9F1NKn3AGqCyHfSn7WdLkMEwpIQEygNHKuIobM_u-_RyB6-wqp8QG5Y8Mhi9jHK9skvnoJfXtLr9VzSS3jMPU5Y9wTsrSsShklXrWgMedhKfUTafsUyzWnLMvwCwFe9B5p5bv2Isi9qn8nX1WMYY_kvsvyohyljbSLDcaLZL2fRkx2gekKyQkwUa1XJFjW1nCWtdDe50EClNYKrOwkDXcZQjxM5roqdwpOT0jg5Rpcab31r8m63GhBsBqeeU-n28hQ_sKFx45b5Akl-2yeyMmxjUPBcZ8yhOs_I7IOOqKPJrn9yIKA9R4zmLOQbl_Htbh4P0RaUizoYRKqmY5_rV7T0AdcwqitoZutNXym5-4jOjTVBOCg_KhOwpkyZhnjcR3SghzsiTL0aKEW2-9_nomBh4PAK_AL0u4mOnLfAG8wMFU2sDns0EA5KeBRHZxBR1RBzu4suyIiuU6THFPmLbCIrqF_Z9MQBLNoxReXzywdhjeztQRVhyyPqxoUXlhLYUWdpOPvkpmb2XjcGaqioa3NcKAO8p5FP310Dn2-SxtsRgfmHUxB-Zyiu9_7Unhytnez08kRfwuAGrbGnneHmJmnYRokxv726ACb-UxMfOnXDPYGspHBnEy_YyCbmQ_ucgwat5RVegREsH84rnYmOIjCbxl2Z_KgvcbKup_81cTVCvnzlwvZC2_fNvr_7HLDyG6vSapb0O9dP-sdBeV83HKK3SJ15KydxJv7_HxEvrL4b2sVvduDzt589q1piDVPYDIaxCUiWKyXw5ysrJ0QdVNVwEKDYlUYBqqG0Tcq1aUx6ebvRbPqxNFn9xZybMMkW9den_dvARwbad2dMR2CFZP1VhMLQKY_vLPRvlPjfiFfx_3ps0VM2O9qga80av8mtqcFpJ02DzK73pe2u_pDSFNL-_b8h-96YEPnppnIn1YAqG1RibgAQeB3I-6pHSsVyR_pkE_RJzBqPILi02NjNQcrjLB1attc1FAeYCiPSW1nI5R6TMQkDyrTJISdA-z7cnPv3IvTVjLgf171s20hrtetBAXDaA212Xw-Ns4ZvhwdkeQMYS3G0TkkNlE_dUZRulor9UZRrEcyDt6HRtx7Co-74Lxt9R3qnDLdszNvGUIHW_yjUk6vsDzk9EragSGR9YjSuwG2tKaJVpe1EcWlLSUriwOi0VF0mMcEtdZlKFJLvG2i9Zme0jHvKgN-aV7vr_dN8git5etd9Daub0c22TR4FdXaiHSBB8pcru4gcYVzpDW19U6sLdJU5RCq0PtRYRm2xq6wxvo5bwHJbE8LcLCSCnwlgxMKSdtq8UZsfYMMJ4wKlRN1sWKkGPPxn-zBYgoNOyfK3DjX75EJ5QCQmcFeDOf6ExpRmSetFBsWuwUy1owWhleaczyK7YOkF-ROGIFw3ySl5QaCffP75tG2PGaJtxDNXdeCTYbkjLR-q69kE83xgcMsWkVEw6uIQKY7rjIjikDR-Q313d-8Ougb8RmQamGMk8-ciZmryeUpw_N8aGoPqupM-6h44gQ33S8Ch8DGaa6Umc8W1ZOde7y0Rm9gxDR5wcZ3zFhb1kq7tSFWJaybJLXQCJ1Vr5qjbM1Jg_Cu6dpJG1EtP4xcZ_cGm_1yj1M-swnNZPuFsdP_DVl5Sf3gEZCGzuypkDLDXR3iaO8UKSvi07a4_R2rmmTa859qw1TdMWKCuXYnoVzPWhtSUavOrPVtDmNcWw68S6RzhWJyR10oG168axSnDRVszwpmP01vPn5qD4Zzd6D1Eity7lm2cz1ac2KSIxbP_xY3IyUGuxVQoDpAFFsxBUFxSMbsPdMh3lt1rP79bWxrPEvxU49R4xjRn3-iNSXg5yYrrGknjis8efXp8iaaNhrAPoDJ1va849SP8g7bgY0gwAqhlXcg1wTH3i6ax3g79K3VVGcLjc0i7tUE3i35Q5j7x_xGNbGi-2LJX223VhEohw_PIVBFagjbxwkGTL7Ndc9Jf2hyuQq0BHvsVJ8NM6E-au3_tOkOAT3IvYCTgyvao_8EtSomCqFHQQuC6ybUZYRvuSEk_9BiW7IlNPzJzfm9ep5LbrQ8vjLGvhuCrrLdhBpfJ098w4UxZ64zPtWKhyWmrQad5fLyMDG8dDyqT1-EucyO3dIqPNy3Xmt5nSnwaLF5pJyq5EfVgXiUOXjuPOWVvrNhJFgTF1XAEmaR12jzj2blrXVhn2dQhpkB1lpkyXariiK_qDeT_-OXlnKqSqH6PqjwJG_Qx1Jxk43iEoEbI9s74PAPQqpOvZDzAaFscH-ths--5OFb_mudWolfIvgsF-GO5byA8qJd56hLmaxhmua1Q7Eh0RMfeXw1zHiOJM5UL9u-LV-apAcUc9rOF2tEcYJkZPnfkkImoJT_1blKACNOUAZnqcr9d1lf5_56HH8o5IfONsBM4ppcHfVDjwm-6bkAMspk9G9fryLUxH-EgHJ3cA0PaYGZcx_nFsb1ay7Mmr1aPXuiQoN6NNGB-OWq0cMW59kRlflVVQQCCQbMBWHSsyoGwlsWwKSpcrBG-X-0nj5Ezfw3fovHRATYimhz8c6ggrAGCAtGpb2ixkQzVxuep6seJpfvf5KlF1plfAVKxssygngxSxTUszS4fxjYGs_UxoIWNeZOSixTzsLDIW8D4FSXHO2ceyi2TZhCDHjnB07K8-QMzDjemJ8LKnUcvVO22kpKI6cQAJgRWbbr7877lcGk5oJsbsfPDv7XJdc88sFJ3EI_JpFVGDwBkPA94ZME9_lKdaNT6Y30opRss8JjtYK7GVNt_ycEOkz9c7VfdJpe0CW9LMn2OLphLkcy6Nq103-I0zdVUglKQ64DZZTuRIIkC7GbRFs8vgMEm7MvF-nJYskBpWCuqP6RyS_E9Xnetq3rt6uYP4GF8J8PVgC4hHC3mokKskjVgv70fNS2xTyKvZZeV_QmN-SqoCJ4_BMEoyQDtmypB292A0VpNEQFnqJuZpeycJP2h3W4fvvksFChvGKSopA6TXkNJhAQFmOoQpb5e3kdOBdGHGM2TVdVBk1tL7jjyTwl3iO536-vrr06B4qyXP2zgHzjigKM13IbtDIUVhWuU5mu3DqnfnZ60dDTcG9P9DZFpK1sdZuQJprDlj7HON7y4ggSv6g&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
276d9995ab4bc21118c5ca5f3b03a461e9a4c00d3414612cecf73cb50cdfbf2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E5E
42 B
173 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-An2BGjFjJYHWnFCD8unA5vFepkNQya83Dd7-WT-TZmEnzcxY1sff72cN_Ow3EdT6eVw8TIUUKxZghMLTeriXe7R6UqDv7d9WRjYU91zinzT9dgxGo
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6E5E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
42740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:21:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6E5E
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
42740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame 6E5E
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWr02LGgvXtQk08K0w8bgwC0lAlyPl_FY1JOrC7rHSEFqjsUNoFfqU90dBuji6EHd9lmRz86VPUauLenIBaWKan5_iQw
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6E5E
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:13:32 GMT
usync.js
eus.rubiconproject.com/ Frame F37C
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
24f9eb501b7091efdda1c8e6599f576de3dcf3b4bfe58777fd5581344a76c07a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:13:32 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Nov 2022 03:33:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83967
Connection
keep-alive
Content-Length
10066
Expires
Sun, 20 Nov 2022 03:32:59 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame 3789
60 KB
23 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 08:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 08:32:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 60E6
624 B
285 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmAgqYCEIen57ECGLOQuckBMAE&v=APEucNUpasIY6iYpn1xc9e5iKEyvTVM7rUfY_rrmGvUxucNadXW95PO8a4U5gvTMfdGkXhFxm1Jfo0Kow2n5oW16jBQXBFtvbA
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:13:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 81C9
69 KB
31 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYyjhuoiAXf5MU9u2KuKvpulry4edL4fx44rr06ka5NX-OF0GaXP-mC4UK7GHrwhbjkdFGp_N0Wfy6AxfN8CKS7CA6DA&cry=1&dbm_d=AKAmf-CmkdHk7XnkuZGIyBrHn_4jWUEi0DmRu2ZwclNSDnb3w6qHIfbiN5fBE716kMF6OVxsO7HmjSzyP21oP1ilDzQOBS7o6JjXnjEenGBf--MivcGNrgDWBjEUwWRLXkzpRscgmo_0KXxFBcIpuGOcDWXWvRlIooc9zF3P4G-_x3aXFVG1M-n7psMOuBxL1EQtdhsbxzql7KB8deUiFmZyNzvsGXYG4rCiJRafSxuDCsY4Xg50ZZ-UdK5ZARLKA_XM1YAuiLORBjRoUc1FGbgMvjIEgcoVxMKO1G7dYJoFJi2YBJRypc2vqt-pf3CtAMfVyj1Vm3Fse6I4sA_d_Jun8jMVOtP_YLLHM9wcCR_HVRhqL_Y9-vam6xBBSphobyYFo9VTHc6j-S1bq7tg-XRitAkfb1cjA89hG0IF_fYzHUpR0wkRDfeZppVNo9riFSw65JbKzz9x_Vp5RMHasfX9CpZfbPp1IhEqZa5Qk0IgPQrpdeSr-z2cUee3NwXATsfptCDLRNgo6nPDalpoDHTlhEwJ3uHBaS9JjpcaLGaY1aVocHfK68shUGmJ4GQaMBJ994vqpMdGlm8OAkkmf6ZqMPbp8jlUEzfdXD7t53ZaY3JegrgXotZZwxVdoTRzCq9DaWAG7hGTHVG-A1M5QtzRnAcJizhwRPXWIP0hM7ADoVJ5L0XGTerQQ4JCDh5gaBYBoVw3g2mBlia2h62UU52HgqPYFYzNyvrtRwUehMjPRsc2rPySqtu5H2IwKC1lKhS5PfLh-Y31fSRgm16KUCeWBgvFiMF1E8mMjFn29EYNtiisHESoypUEVN6Tj_UZKpNIKvzuK7esw4XSiaChVUtisMMBP368AhUqGj8in-wW9ARmWqMYHd6RtmPB6W_qFCP6kaYP5V3pmI-LSt-M-LdxTgNZmolt1T4_N8hDz4Q1tZ34-epOwUngmyIIHfjMpEVFxuS3gU2nsHlkLOCru_AuXS4e9KJfVC0Z-R_X_p_2k96gwym9RLqIVcQmpuequ8Fzl_8mv5MgKGMEuuV__Te3-jbrebFucb1AZgbC4FDLUwp88RYp7TqiMdDmVZSILMZtBPrcApdPjATu13hZSiWSAbL3GO_Ekqtk0Y-m3dxWlFkFxuCRynyxTp9hf9h9QIL1DHgDtWCOy_OeY4fqH17So4qKh_kyjW8WFkCLqsIuyYKo9fpLzbCbDAValV5vAXRtGSAWkfiV9hTQJXtg1TGh4joWZGmXKN8Alc7QzTJmo_Uni6yxNODIOZNOzSUOCtp2mCnCTSj8r9xxAxh_rynbrXpuBZ2jIVilJZ0VvSjYfoB7BI6X5gdUlph-YKjo70LrxR6N967dsXPBKC_y1stYjxoJInNO-eZVaHmlEzWiBhBdmC-ViLmowCady5N-cR2gveldNyulzdAOPyFUULGj_3rPmuc5hBltAK9i0psnPJnnLgtvwWRpOV6Guc367KiMyXVuQQc09JoeGYretrShXpRjdA-Oz7j0NJIJz6YCp9xRhTMkBEHCiZKm_XH4cYmLe9zTiQ94nugmHKdVnR9zPCuwy8juO6bGubanMP9zPZKRJSsqVzNC8SkXm9cQ6o4U4_flbZeesxesyuOnTtE4xAwhenRHTravN2t5J-1QFQEHIsDX8dj5w0w9VCYq_WeG6yD0lnH_OhpOHLAnLwgS4Ku23GZBYpdhaW9pOGeO2h79Mbx9jgrmGcw5z_c1gHzO-l_x_bsn2Amy86vsvQy_WyvE9GOowf955ErxUwtoinN6fWwLkU2IkpGnOMpHBqkSo_032AIj2ZZCnaTGiU1fsjkY3Rua_MR_cE3SsfKbMcY1WcnD2fCrIuAvJy_fR2ZK8lIiq3euHl2Gcg-2QQV5bvlo-NZPi1CwsMD3dc2c-CASuuWJ8HIqctgvgVSBul7Fc3gyIDKLoBJraxWgagaW7KQySaFSvyZn9iOQVBVrhomUOOIXCSQD5c3cBdC3ItMOVsoprxhJME2PzVn1uzcGnG5g4l5lulc1HltvjzqXVLTgq6flNco4D5z2j8ZI27b7hntTAW9eUawRhcOQO7p0YuGYGYhjndhQCLpIqIJ2su_fx5d5SwZTH9MQ1fdZwP-q058-A_8r9PErQ-mAkbKuS_5rGM6_nCrPf9ptoTlWVRL2TeZRHhEjJeg4_smG-9RbRXCIe_b_2JI5ztGnrzugTtVZ-SqXU5RJqiB1Z6QR5uuHCehNgjEeg1sTMX47u7EdDQaDAkfNEVgpoM97z60W01nWLBctwhhhGbdVJicxyQ6rxT90xzM7-SJgd1T7XLOldZjUrHvsViMlxdzY_nd4IkhRwLm2CFErk8dUz8MvtDy-cuV11Zz-WL4Txjc6H7Bb2ZfGHUFcu8HHQKU0RMe5OdykDiVluwwpR6CNz7T6r5u_fNvcGIdpNpE2LFwmmf9ew36KkHX6_3I-FsXcgNeN_Xnv9fbi7-9Gl9lUUVuSdmJ0eN8Bi6XAEI9r6Ac-T6W8WcMH3WcdBcyiyaW9fW04t5gEl9OupSGpGEb_OI2Qobg9I0olfMlm3JNpVWlvZAWTCuUJ5154FioQzVDUKBtpfCK_mQcFP4vjvDpLfSa2f0AM3h2SI7ARvdcTePySAxxRlKSpYKFCDwRFjZKqr8Zu3rifo3rzvb56vqIzU4elTfNl5lVhgqngYK4At80Pjf7QSfPu3pOfNI6DDSUTwmPMIIj6R61eHz5wmb7ubrB3nCXPR8wioRI5-DhEV8iTBaM1IdYzdT0EUGTFcHzYDC31jpNGS9IPFxCLtcV2Zz5U27AYX3LdWYFMoTBgH3gfoOqtIIXE0ABN2nVtEHCiHVyxxwou0VV0r7z2v4hW9bsiXRTCjFrE-E91wlgPpPflJL6mAnnegfv6S2EPSBoCXQG7fuFET19uy7MFWzprdiw1im2mrHCv-YYMYxJUQ6qLmNupgm13iAQGOQeR8sS8ovIhCNz-m2fHhFSRuvKtZ_f-Pgl7bT9sMDVn8SnlmrBkBO1eHqO49XPkNy_jbI2b8PWDHCG-HCESVmTPeATgdDMs8O02F-wBYKt-u3g20sc79F1Npq7l0PTJZqBI8hn_21XiGly2YixQ2e05KEqSocxF5kOJpZTTUOpT6cS7cN8zEk9MjqlY_1yxDg1863DilgpRXVSEBdsYl026nW_8Mffq6YY0NkTUB_5iytY_OBCHWkZa7iW6tJmnjnhr2xJgYmcM6zR20S_3pLnCq-CRRC9EirWGHADwY8zoSrplavoozaj4Jfqsb8ZzVKaYTDXpXxJtrT6XnQuyEpxBTiLSaFsit9Gq9B1cygVziviw-myznrlYDc_knijeZjXu6sdZsJnpx60wSRvCmxoZVWj2DPW77GkaUd3zOKqwdV_zan2IgvlC9rrqQ18H&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bfe2ef30bb338b9eedd84e8ab566b718-1668831201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
616c888792dfcc8c545cc0d0fd1121fcf1a38611671c32439033ef7dcf967879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32012
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 81C9
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AdT6kj4SugMYI27Neh2YPosvoDeJumyx5nTmdu28hD3WC-phMHro-WoVPRUJZl4Z_Z2Vu2BvX97yVeCCZA1qCYTmPNF0D_jcBbiGCjlS38-oBXRPo
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 81C9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
42740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:21:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 81C9
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
42740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame 81C9
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1wR4G5rF6xMYI9A5NtWYInrxuU3cA28e4P92eqn6lKoI7gM2_NtI309zGFh1DJmSc35ZLOLJsc_CSKJW3WSif7oUFuw
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 81C9
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:13:32 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L... Frame 1E61
17 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.ZT_YJdSPgzE.L.B1.O/am=JgMABA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI62EJXJ0_yV0gNE7fl0Gu5fDJ-9OQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
c7935fa059e0e8b123b5670156ab7009349ab76c129a4f7a9427c9b37d0d9661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:35:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7246
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 03:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 19:35:19 GMT
log
play.google.com/ Frame 1E61
131 B
421 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Nov 2022 04:13:33 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 19 Nov 2022 04:13:32 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1E61
131 B
419 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Nov 2022 04:13:33 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 19 Nov 2022 04:13:32 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1E61
131 B
421 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Nov 2022 04:13:33 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 19 Nov 2022 04:13:32 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
truncated
/ Frame 51BB
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4947ff1129f412919b7744bf1cadb1d3f0ef08481b65ff35311b4c5a8247d5ca

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
log
play.google.com/ Frame 1E61
131 B
819 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.TI-nwusQ2mI.es5.O/am=JgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7roXl_76E7P12ReyU-QyraIMXIgA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Nov 2022 04:13:33 GMT
truncated
/ Frame CAA0
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb46287d59efe657cd8de744ba09faf97c15e52a4358c301c0e43336188d9e95

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame FAC4
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026295&pubOrder=3068195175&cb=1375891392&custom=homepage&custom3=168400391&adsafe_par&impId=82883654-67c0-11ed-a53f-0ab5b06f5b88
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.71.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-71-123.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
2571adca77b6933097561b08ba9b65b2ea8fe1bddf1918f8c7fabd26ad89423f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
async_usersync
ib.adnxs.com/ Frame A803
0
747 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:32 GMT
AN-X-Request-Uuid
9f0321fc-4e94-4395-915c-9da709979616
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
px.ads.linkedin.com/ Frame F37C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LANF0GZ0-1H-D5IH
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LANF0GZ0-1H-D5IH
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FE206329699F48DD8280E71D6AEF2618 Ref B: SYD03EDGE1405 Ref C: 2022-11-19T04:13:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtywum4XrOMfEXmVw5vA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LANF0GZ0-1H-D5IH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame F37C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vfi9s_DjRm-boSyVgtswaA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vfi9s_DjRm-boSyVgtswaA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vfi9s_DjRm-boSyVgtswaA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
55D504SCPG4ZV6B8QEJD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vfi9s_DjRm-boSyVgtswaA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F37C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Y1omDWOTFPtn8Eu8176Nkcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=76135572664420416
42 B
691 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=76135572664420416
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 19 Nov 2022 04:13:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=76135572664420416
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame F37C
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GRRFCZ9ZPW9JSS7XKT9F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F37C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2YwZWE3OTkyYTA2MjQ0NDQyODZjMjJkMjZkZjdjOTdjMTA0YTE1Yg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2YwZWE3OTkyYTA2MjQ0NDQyODZjMjJkMjZkZjdjOTdjMTA0YTE1Yg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2YwZWE3OTkyYTA2MjQ0NDQyODZjMjJkMjZkZjdjOTdjMTA0YTE1Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F37C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF2xLBdeNG4Oep0cNLl4ibY&google_cver=1
42 B
691 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF2xLBdeNG4Oep0cNLl4ibY&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF2xLBdeNG4Oep0cNLl4ibY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F37C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFORjBHWjAtMUgtRDVJSA==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFORjBHWjAtMUgtRDVJSA==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFORjBHWjAtMUgtRDVJSA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F37C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&gdpr=0&gdpr_consent=&expires=30
42 B
691 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
rum
dsum-sec.casalemedia.com/ Frame ED73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNT3xAIQ_or1Ahj5uLHYATAB&v=APEucNUP2q6YHUmWt23wBXh90tKpMTgevChxAsZnUroWZYYDYT1iyA6TAhsDOk5IDiPZxon0Fsd99YRdlWT-Z5t5VuzsVFK4Ww
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ED73
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3hX6Na-JlG83cbzRPQ1RQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNT3xAIQ_or1Ahj5uLHYATAB&v=APEucNUP2q6YHUmWt23wBXh90tKpMTgevChxAsZnUroWZYYDYT1iyA6TAhsDOk5IDiPZxon0Fsd99YRdlWT-Z5t5VuzsVFK4Ww
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame ED73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPWnjOCZCgAW9epnWIIlTqc&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPWnjOCZCgAW9epnWIIlTqc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNT3xAIQ_or1Ahj5uLHYATAB&v=APEucNUP2q6YHUmWt23wBXh90tKpMTgevChxAsZnUroWZYYDYT1iyA6TAhsDOk5IDiPZxon0Fsd99YRdlWT-Z5t5VuzsVFK4Ww
Protocol
HTTP/1.1
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:33 GMT
AN-X-Request-Uuid
4bb87e5f-0b7a-40e6-899e-69e10782f1f3
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPWnjOCZCgAW9epnWIIlTqc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ED73
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDI1NTc2ODEwMzE0MDMwNQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDI1NTc2ODEwMzE0MDMwNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNT3xAIQ_or1Ahj5uLHYATAB&v=APEucNUP2q6YHUmWt23wBXh90tKpMTgevChxAsZnUroWZYYDYT1iyA6TAhsDOk5IDiPZxon0Fsd99YRdlWT-Z5t5VuzsVFK4Ww
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:33 GMT
AN-X-Request-Uuid
8dfaf8e8-0033-41fc-b866-9899ea7e03b3
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDI1NTc2ODEwMzE0MDMwNQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 60E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmAgqYCEIen57ECGLOQuckBMAE&v=APEucNUpasIY6iYpn1xc9e5iKEyvTVM7rUfY_rrmGvUxucNadXW95PO8a4U5gvTMfdGkXhFxm1Jfo0Kow2n5oW16jBQXBFtvbA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 60E6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3hX6Na-JlG83cbzRPQ1RQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmAgqYCEIen57ECGLOQuckBMAE&v=APEucNUpasIY6iYpn1xc9e5iKEyvTVM7rUfY_rrmGvUxucNadXW95PO8a4U5gvTMfdGkXhFxm1Jfo0Kow2n5oW16jBQXBFtvbA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxBo0u_O8vJ4qT2TZPp4ms&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 60E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPWnjOCZCgAW9epnWIIlTqc&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPWnjOCZCgAW9epnWIIlTqc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmAgqYCEIen57ECGLOQuckBMAE&v=APEucNUpasIY6iYpn1xc9e5iKEyvTVM7rUfY_rrmGvUxucNadXW95PO8a4U5gvTMfdGkXhFxm1Jfo0Kow2n5oW16jBQXBFtvbA
Protocol
HTTP/1.1
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:33 GMT
AN-X-Request-Uuid
da925de7-5a2c-4d66-99d6-6d1146ec60c0
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPWnjOCZCgAW9epnWIIlTqc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 60E6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDI1NTc2ODEwMzE0MDMwNQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDI1NTc2ODEwMzE0MDMwNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmAgqYCEIen57ECGLOQuckBMAE&v=APEucNUpasIY6iYpn1xc9e5iKEyvTVM7rUfY_rrmGvUxucNadXW95PO8a4U5gvTMfdGkXhFxm1Jfo0Kow2n5oW16jBQXBFtvbA
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:13:33 GMT
AN-X-Request-Uuid
4e9f64f0-3fe9-458f-9513-6a73367af891
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3MDI1NTc2ODEwMzE0MDMwNQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame A6CD
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138412773756&pubOrder=3068195175&cb=1958050697&custom=homepage&custom3=168400391&adsafe_par&impId=82883657-67c0-11ed-a53f-0ab5b06f5b88
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.71.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-71-123.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
099fbd50da7aa6ac75242c9c4483c898e224e15cca9e7b7d30cdc89fb7fe3979

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 51BB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviYdrM6VaQATiO3471smkcK-qlZJROrtZ7d3H5lgohUY0VwzZIbRzE8h7JbR01KSOPFK3_jd4pWJOsZ-VrHsz76n9v7y3ArOcrLwtPjyOfhq_-s5kQpsMbx758ZWWtEdYGRVeWYHyn9b6JzRMX0GHQ4nL6972N_Kir_n3TwTkUehRj_PhKtq7c6UOMj100qAZZrfPONv-mTHFoQspfr_W9Jrp-OvsTV4QLrD7nnutJyKGb_MF5qzr4s7OhvC4SfuDYNE_hIb12ngcJ1eDKFslN6R2s1Vbqw94HF0jrRd1uHXdW9J8MrZW5sUK9xnIN7WZXyIWE&sai=AMfl-YQ3Mua4VErjW339AXGfYKbmlSlzGTkMd1r4uji9B4sxhUnVQwEw6_lwogSR-AUcu6BiKGvBDpSwbdlVWsrrE20p6c_2Hz1e0NRxziDwK7zVUPsvc6nhq-o9vrNNoDb9aA&sig=Cg0ArKJSzGavOz7NdYbxEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:13:33 GMT
2667891553612180355_1667548731684_script.js
massets.bonzai.co/ Frame CAA0
337 KB
131 KB
Script
General
Full URL
https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Requested by
Host: invoke.bonzai.co
URL: https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2667891553612180355&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=266920143196706123&rnd=1343796421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c49928247ac43f83ebf63fc22f836d61be1b1be432e965be1e6d3e7eda2c433

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 21:41:59 GMT
content-encoding
gzip
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 07:58:59 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
973895
etag
"76dc5ccc2ae10c4dbf5f749e6e552304"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31104000
accept-ranges
bytes
content-length
133432
x-amz-cf-id
dkGvALR8se_JLhqJ5psgcrN2q4r3AgO-baxpDiaShoNotjbYP_MVrg==
rec
collector.bonzai.co/ Frame CAA0
43 B
268 B
Image
General
Full URL
https://collector.bonzai.co/rec?ev=pre-preimp&tk=d482df2ef01de98aa65fa9186a1a79&ad=2667891553612180355&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.173.211 -, , ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:39 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
B28611619.347748519;dc_pre=CKfDp92wufsCFUGJcAodSd4Ktg;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1343796421;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/ Frame CAA0
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1343796421;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_pre=CKfDp92wufsCFUGJcAodSd4Ktg;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1343796421;dc_lat=;dc_rdid=;tag...
42 B
63 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_pre=CKfDp92wufsCFUGJcAodSd4Ktg;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1343796421;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28611619.347748519;dc_pre=CKfDp92wufsCFUGJcAodSd4Ktg;dc_trk_aid=538999851;dc_trk_cid=178895209;ord=1343796421;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rec
collector.bonzai.co/ Frame CAA0
43 B
267 B
Image
General
Full URL
https://collector.bonzai.co/rec?mode=test&adid=2667891553612180355&tk=d482df2ef01de98aa65fa9186a1a79&domain=www.heraldsun.com.au&pagename=/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.173.211 -, , ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:39 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
B28611619.347749104;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1593749571;ord=qkgr0i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvby2PUaaL0ifjATsW06b6NE1Uc...
ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/ Frame 3789
58 KB
27 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1593749571;ord=qkgr0i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvby2PUaaL0ifjATsW06b6NE1UcYJ235Zil3uNQYgQM-yjG3eLlQuZIbb4QwckZBmvIeM4E4W3iPxhJ0KFGujqVC2i0tI6ePRGO4DkL_0x7iQ_1Po7MJBBm-QVoBd0gKOJtLoemCp76a0uQkvv-qPZbGkqiWtpJU_z2VHagR_zKZMJ4S5QPAg3HL8NmATz4tjj7058achc5Qbh3TotUrqMDHFXRUx0sPG4JObUht9ep8r9u2c5IuKi238doC4QJGt0hHSYkBK6UBXfg8UAXNlUT7hMxmvN1d1oih2PdXw6ZJPJ-0sgcNNXgQ2Ufz_293w%26sai%3DAMfl-YRK2M4VGmrSNkPXBbMT9xlFRbHOj4Tz49yHyM7PwYI8VToSNOPg_WHHtQDAGFXm4njclLOncMawOV9C5BpykZAVL6DtvD8k2oSr6q_q0naAdJFriukhGZxANh-iIlqQ1Q%26sig%3DCg0ArKJSzN84kQRFOV4XEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=-0f4GGloGP;stc=1;chaa=1;sttr=628;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
728c3e981116ebbbc537f4b6960b49c1d572036bd286cde39df4817aa483c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27876
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 6E5E
29 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDitqVcE5F4rjjpet48nKy7ZWkVifvYxhvc_sRT961A9Ag_yUTHQ2UWuxJlNklvE5S5-insoLD4RDblILiDSwywRLaS1Gw_emWDDPilTo3rB3IyiH8p5QujprdCzmguC03EOnu828bnfIWUWtM70MRMn-7EeMhBJlFKyJJGVdFw9EKtd0&dbm_d=AKAmf-DBbznipkqJ1glJE89FgPmXbf7OkXGvN9shJvcciqJ8W_je-hVvZW8qPvz6zhElWBZZ7VYZmEyDZHxPEWJ-i3lOLmEq6j69z9F1NKn3AGqCyHfSn7WdLkMEwpIQEygNHKuIobM_u-_RyB6-wqp8QG5Y8Mhi9jHK9skvnoJfXtLr9VzSS3jMPU5Y9wTsrSsShklXrWgMedhKfUTafsUyzWnLMvwCwFe9B5p5bv2Isi9qn8nX1WMYY_kvsvyohyljbSLDcaLZL2fRkx2gekKyQkwUa1XJFjW1nCWtdDe50EClNYKrOwkDXcZQjxM5roqdwpOT0jg5Rpcab31r8m63GhBsBqeeU-n28hQ_sKFx45b5Akl-2yeyMmxjUPBcZ8yhOs_I7IOOqKPJrn9yIKA9R4zmLOQbl_Htbh4P0RaUizoYRKqmY5_rV7T0AdcwqitoZutNXym5-4jOjTVBOCg_KhOwpkyZhnjcR3SghzsiTL0aKEW2-9_nomBh4PAK_AL0u4mOnLfAG8wMFU2sDns0EA5KeBRHZxBR1RBzu4suyIiuU6THFPmLbCIrqF_Z9MQBLNoxReXzywdhjeztQRVhyyPqxoUXlhLYUWdpOPvkpmb2XjcGaqioa3NcKAO8p5FP310Dn2-SxtsRgfmHUxB-Zyiu9_7Unhytnez08kRfwuAGrbGnneHmJmnYRokxv726ACb-UxMfOnXDPYGspHBnEy_YyCbmQ_ucgwat5RVegREsH84rnYmOIjCbxl2Z_KgvcbKup_81cTVCvnzlwvZC2_fNvr_7HLDyG6vSapb0O9dP-sdBeV83HKK3SJ15KydxJv7_HxEvrL4b2sVvduDzt589q1piDVPYDIaxCUiWKyXw5ysrJ0QdVNVwEKDYlUYBqqG0Tcq1aUx6ebvRbPqxNFn9xZybMMkW9den_dvARwbad2dMR2CFZP1VhMLQKY_vLPRvlPjfiFfx_3ps0VM2O9qga80av8mtqcFpJ02DzK73pe2u_pDSFNL-_b8h-96YEPnppnIn1YAqG1RibgAQeB3I-6pHSsVyR_pkE_RJzBqPILi02NjNQcrjLB1attc1FAeYCiPSW1nI5R6TMQkDyrTJISdA-z7cnPv3IvTVjLgf171s20hrtetBAXDaA212Xw-Ns4ZvhwdkeQMYS3G0TkkNlE_dUZRulor9UZRrEcyDt6HRtx7Co-74Lxt9R3qnDLdszNvGUIHW_yjUk6vsDzk9EragSGR9YjSuwG2tKaJVpe1EcWlLSUriwOi0VF0mMcEtdZlKFJLvG2i9Zme0jHvKgN-aV7vr_dN8git5etd9Daub0c22TR4FdXaiHSBB8pcru4gcYVzpDW19U6sLdJU5RCq0PtRYRm2xq6wxvo5bwHJbE8LcLCSCnwlgxMKSdtq8UZsfYMMJ4wKlRN1sWKkGPPxn-zBYgoNOyfK3DjX75EJ5QCQmcFeDOf6ExpRmSetFBsWuwUy1owWhleaczyK7YOkF-ROGIFw3ySl5QaCffP75tG2PGaJtxDNXdeCTYbkjLR-q69kE83xgcMsWkVEw6uIQKY7rjIjikDR-Q313d-8Ougb8RmQamGMk8-ciZmryeUpw_N8aGoPqupM-6h44gQ33S8Ch8DGaa6Umc8W1ZOde7y0Rm9gxDR5wcZ3zFhb1kq7tSFWJaybJLXQCJ1Vr5qjbM1Jg_Cu6dpJG1EtP4xcZ_cGm_1yj1M-swnNZPuFsdP_DVl5Sf3gEZCGzuypkDLDXR3iaO8UKSvi07a4_R2rmmTa859qw1TdMWKCuXYnoVzPWhtSUavOrPVtDmNcWw68S6RzhWJyR10oG168axSnDRVszwpmP01vPn5qD4Zzd6D1Eity7lm2cz1ac2KSIxbP_xY3IyUGuxVQoDpAFFsxBUFxSMbsPdMh3lt1rP79bWxrPEvxU49R4xjRn3-iNSXg5yYrrGknjis8efXp8iaaNhrAPoDJ1va849SP8g7bgY0gwAqhlXcg1wTH3i6ax3g79K3VVGcLjc0i7tUE3i35Q5j7x_xGNbGi-2LJX223VhEohw_PIVBFagjbxwkGTL7Ndc9Jf2hyuQq0BHvsVJ8NM6E-au3_tOkOAT3IvYCTgyvao_8EtSomCqFHQQuC6ybUZYRvuSEk_9BiW7IlNPzJzfm9ep5LbrQ8vjLGvhuCrrLdhBpfJ098w4UxZ64zPtWKhyWmrQad5fLyMDG8dDyqT1-EucyO3dIqPNy3Xmt5nSnwaLF5pJyq5EfVgXiUOXjuPOWVvrNhJFgTF1XAEmaR12jzj2blrXVhn2dQhpkB1lpkyXariiK_qDeT_-OXlnKqSqH6PqjwJG_Qx1Jxk43iEoEbI9s74PAPQqpOvZDzAaFscH-ths--5OFb_mudWolfIvgsF-GO5byA8qJd56hLmaxhmua1Q7Eh0RMfeXw1zHiOJM5UL9u-LV-apAcUc9rOF2tEcYJkZPnfkkImoJT_1blKACNOUAZnqcr9d1lf5_56HH8o5IfONsBM4ppcHfVDjwm-6bkAMspk9G9fryLUxH-EgHJ3cA0PaYGZcx_nFsb1ay7Mmr1aPXuiQoN6NNGB-OWq0cMW59kRlflVVQQCCQbMBWHSsyoGwlsWwKSpcrBG-X-0nj5Ezfw3fovHRATYimhz8c6ggrAGCAtGpb2ixkQzVxuep6seJpfvf5KlF1plfAVKxssygngxSxTUszS4fxjYGs_UxoIWNeZOSixTzsLDIW8D4FSXHO2ceyi2TZhCDHjnB07K8-QMzDjemJ8LKnUcvVO22kpKI6cQAJgRWbbr7877lcGk5oJsbsfPDv7XJdc88sFJ3EI_JpFVGDwBkPA94ZME9_lKdaNT6Y30opRss8JjtYK7GVNt_ycEOkz9c7VfdJpe0CW9LMn2OLphLkcy6Nq103-I0zdVUglKQ64DZZTuRIIkC7GbRFs8vgMEm7MvF-nJYskBpWCuqP6RyS_E9Xnetq3rt6uYP4GF8J8PVgC4hHC3mokKskjVgv70fNS2xTyKvZZeV_QmN-SqoCJ4_BMEoyQDtmypB292A0VpNEQFnqJuZpeycJP2h3W4fvvksFChvGKSopA6TXkNJhAQFmOoQpb5e3kdOBdGHGM2TVdVBk1tL7jjyTwl3iO536-vrr06B4qyXP2zgHzjigKM13IbtDIUVhWuU5mu3DqnfnZ60dDTcG9P9DZFpK1sdZuQJprDlj7HON7y4ggSv6g&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
42533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 6E5E
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDitqVcE5F4rjjpet48nKy7ZWkVifvYxhvc_sRT961A9Ag_yUTHQ2UWuxJlNklvE5S5-insoLD4RDblILiDSwywRLaS1Gw_emWDDPilTo3rB3IyiH8p5QujprdCzmguC03EOnu828bnfIWUWtM70MRMn-7EeMhBJlFKyJJGVdFw9EKtd0&dbm_d=AKAmf-DBbznipkqJ1glJE89FgPmXbf7OkXGvN9shJvcciqJ8W_je-hVvZW8qPvz6zhElWBZZ7VYZmEyDZHxPEWJ-i3lOLmEq6j69z9F1NKn3AGqCyHfSn7WdLkMEwpIQEygNHKuIobM_u-_RyB6-wqp8QG5Y8Mhi9jHK9skvnoJfXtLr9VzSS3jMPU5Y9wTsrSsShklXrWgMedhKfUTafsUyzWnLMvwCwFe9B5p5bv2Isi9qn8nX1WMYY_kvsvyohyljbSLDcaLZL2fRkx2gekKyQkwUa1XJFjW1nCWtdDe50EClNYKrOwkDXcZQjxM5roqdwpOT0jg5Rpcab31r8m63GhBsBqeeU-n28hQ_sKFx45b5Akl-2yeyMmxjUPBcZ8yhOs_I7IOOqKPJrn9yIKA9R4zmLOQbl_Htbh4P0RaUizoYRKqmY5_rV7T0AdcwqitoZutNXym5-4jOjTVBOCg_KhOwpkyZhnjcR3SghzsiTL0aKEW2-9_nomBh4PAK_AL0u4mOnLfAG8wMFU2sDns0EA5KeBRHZxBR1RBzu4suyIiuU6THFPmLbCIrqF_Z9MQBLNoxReXzywdhjeztQRVhyyPqxoUXlhLYUWdpOPvkpmb2XjcGaqioa3NcKAO8p5FP310Dn2-SxtsRgfmHUxB-Zyiu9_7Unhytnez08kRfwuAGrbGnneHmJmnYRokxv726ACb-UxMfOnXDPYGspHBnEy_YyCbmQ_ucgwat5RVegREsH84rnYmOIjCbxl2Z_KgvcbKup_81cTVCvnzlwvZC2_fNvr_7HLDyG6vSapb0O9dP-sdBeV83HKK3SJ15KydxJv7_HxEvrL4b2sVvduDzt589q1piDVPYDIaxCUiWKyXw5ysrJ0QdVNVwEKDYlUYBqqG0Tcq1aUx6ebvRbPqxNFn9xZybMMkW9den_dvARwbad2dMR2CFZP1VhMLQKY_vLPRvlPjfiFfx_3ps0VM2O9qga80av8mtqcFpJ02DzK73pe2u_pDSFNL-_b8h-96YEPnppnIn1YAqG1RibgAQeB3I-6pHSsVyR_pkE_RJzBqPILi02NjNQcrjLB1attc1FAeYCiPSW1nI5R6TMQkDyrTJISdA-z7cnPv3IvTVjLgf171s20hrtetBAXDaA212Xw-Ns4ZvhwdkeQMYS3G0TkkNlE_dUZRulor9UZRrEcyDt6HRtx7Co-74Lxt9R3qnDLdszNvGUIHW_yjUk6vsDzk9EragSGR9YjSuwG2tKaJVpe1EcWlLSUriwOi0VF0mMcEtdZlKFJLvG2i9Zme0jHvKgN-aV7vr_dN8git5etd9Daub0c22TR4FdXaiHSBB8pcru4gcYVzpDW19U6sLdJU5RCq0PtRYRm2xq6wxvo5bwHJbE8LcLCSCnwlgxMKSdtq8UZsfYMMJ4wKlRN1sWKkGPPxn-zBYgoNOyfK3DjX75EJ5QCQmcFeDOf6ExpRmSetFBsWuwUy1owWhleaczyK7YOkF-ROGIFw3ySl5QaCffP75tG2PGaJtxDNXdeCTYbkjLR-q69kE83xgcMsWkVEw6uIQKY7rjIjikDR-Q313d-8Ougb8RmQamGMk8-ciZmryeUpw_N8aGoPqupM-6h44gQ33S8Ch8DGaa6Umc8W1ZOde7y0Rm9gxDR5wcZ3zFhb1kq7tSFWJaybJLXQCJ1Vr5qjbM1Jg_Cu6dpJG1EtP4xcZ_cGm_1yj1M-swnNZPuFsdP_DVl5Sf3gEZCGzuypkDLDXR3iaO8UKSvi07a4_R2rmmTa859qw1TdMWKCuXYnoVzPWhtSUavOrPVtDmNcWw68S6RzhWJyR10oG168axSnDRVszwpmP01vPn5qD4Zzd6D1Eity7lm2cz1ac2KSIxbP_xY3IyUGuxVQoDpAFFsxBUFxSMbsPdMh3lt1rP79bWxrPEvxU49R4xjRn3-iNSXg5yYrrGknjis8efXp8iaaNhrAPoDJ1va849SP8g7bgY0gwAqhlXcg1wTH3i6ax3g79K3VVGcLjc0i7tUE3i35Q5j7x_xGNbGi-2LJX223VhEohw_PIVBFagjbxwkGTL7Ndc9Jf2hyuQq0BHvsVJ8NM6E-au3_tOkOAT3IvYCTgyvao_8EtSomCqFHQQuC6ybUZYRvuSEk_9BiW7IlNPzJzfm9ep5LbrQ8vjLGvhuCrrLdhBpfJ098w4UxZ64zPtWKhyWmrQad5fLyMDG8dDyqT1-EucyO3dIqPNy3Xmt5nSnwaLF5pJyq5EfVgXiUOXjuPOWVvrNhJFgTF1XAEmaR12jzj2blrXVhn2dQhpkB1lpkyXariiK_qDeT_-OXlnKqSqH6PqjwJG_Qx1Jxk43iEoEbI9s74PAPQqpOvZDzAaFscH-ths--5OFb_mudWolfIvgsF-GO5byA8qJd56hLmaxhmua1Q7Eh0RMfeXw1zHiOJM5UL9u-LV-apAcUc9rOF2tEcYJkZPnfkkImoJT_1blKACNOUAZnqcr9d1lf5_56HH8o5IfONsBM4ppcHfVDjwm-6bkAMspk9G9fryLUxH-EgHJ3cA0PaYGZcx_nFsb1ay7Mmr1aPXuiQoN6NNGB-OWq0cMW59kRlflVVQQCCQbMBWHSsyoGwlsWwKSpcrBG-X-0nj5Ezfw3fovHRATYimhz8c6ggrAGCAtGpb2ixkQzVxuep6seJpfvf5KlF1plfAVKxssygngxSxTUszS4fxjYGs_UxoIWNeZOSixTzsLDIW8D4FSXHO2ceyi2TZhCDHjnB07K8-QMzDjemJ8LKnUcvVO22kpKI6cQAJgRWbbr7877lcGk5oJsbsfPDv7XJdc88sFJ3EI_JpFVGDwBkPA94ZME9_lKdaNT6Y30opRss8JjtYK7GVNt_ycEOkz9c7VfdJpe0CW9LMn2OLphLkcy6Nq103-I0zdVUglKQ64DZZTuRIIkC7GbRFs8vgMEm7MvF-nJYskBpWCuqP6RyS_E9Xnetq3rt6uYP4GF8J8PVgC4hHC3mokKskjVgv70fNS2xTyKvZZeV_QmN-SqoCJ4_BMEoyQDtmypB292A0VpNEQFnqJuZpeycJP2h3W4fvvksFChvGKSopA6TXkNJhAQFmOoQpb5e3kdOBdGHGM2TVdVBk1tL7jjyTwl3iO536-vrr06B4qyXP2zgHzjigKM13IbtDIUVhWuU5mu3DqnfnZ60dDTcG9P9DZFpK1sdZuQJprDlj7HON7y4ggSv6g&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
42533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6E5E
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdjEWS1pJHsKzeDdK7SrfRu21A8QYGJLVnb6FhWnSPwmb2KZtKULYtSEoCWI0OcuxcB1gAIvpK8cD9VRv_MsQVIMrYT4uN1kEktg4mb5M8SAwAh-eIVUjqgQ9UcZcmno93JYRvKUopSAchKIYgJGmnhmA6zDQ6SThGKTp1Gk8PeJIZbjq3ZrSASf2Tgwt-aQ6y1qAF2ZrtMT3KMgtWr6bWTHZhsmcSEPcwi9SHayTWsg7KxRsLKWjIj4biNTeYrYkI9aI0Te39d79wAj_orsz7M8tRVCq1oDjKgAYMqVZYYwlajjGzAoYohYrR_Iz-yWFsms0nSNmN2TRR-99peaSKNyDOVI962LCSfszBTFWVZoC7bp3Kxh6LP0hv5YVsmqKGjgegOZYmy1nlI6QJdEFnQtHm5B2Dwf4rJEKiFn1gVbL6gNHKesKFLWriWQqGHpx5l74HHGX9K7J7JID3nHy01u1wNr_SRRGO1Tb-UNAMaBl0KV1wgHWmj6-CgpXdpyHGP6BP3ePPMnoGCpQjFS4uh4DEQJoyZzstTD0syJR0yYcaYmB31uIJ-2yMTEOeytCnhF2QR2QZubK_SVqOdQSTN-6_l-DwOfVISbrKLNGLsZwyTskSNY9mN7fMSKTtce-PJwcSAel_hRITWanRuxZhlZ2t7lP95rhd1ODGnz83JJZVhx7DSoLfgN1z92xR34E4ZzDuxndyfv0eDBkxSgFVCRn9XITAFalyqqkxJoPmRcAg2KQ1A8qwz_wl1kcgeNFPsDorm98ouqJHIaSYY1YIhD30-kmxqUmJSs47frOgVbNpa9E60GPWYRn3kGdO7lmIIoy_69nOrfoNeN-gLNJyQPY0ja46j3lPzjnbQMR-m2e1sXhuebMB2EPCaQO5W1iI9AAC8G_dpWKTFUE-Fym4V0p9lgpojath60S_KYoR4EWrhH5UG9HmktE9ZnMJkUjwN5cuB_-ozfpViQEZUVqTKbeqLxPT_UHQ-wffPg3g5kWRQrvaLaTwzranDf9bbHxaq8pN36cqeaWqnuFX52bHesfnMxZEDB5PxZG1_jzhGW47P_yaS9aLjCiQL1-m2XvXa_ZupwEbN6XTRDLvIeyb7E3xoR6VPnjMOSffQe_uYzKA6WyZw9WGFYpBHX6iBM_mZYRXcYBxtyVTYRKpykniMethU8urKJPIIWuBpm7k23uKyIhvfqh0-mtEYS_SCvDdISBOzePOFp0jlrc96EYq-fYTDS4ocG5-WuXja6fo0EXzBTHI2UrloCAyibEXnH8YregHPaT_0s_1BEUDwgZWu6s&sai=AMfl-YS9GPDEdRcHWJDsF4dtblfVpWvL3n79cJebJtOJUGeBJtv_sUXMfXCNJEyJBQpNe94JNu3Rfeperr8MlqGqUY4uUF8eAi1KzlZooC1lMEwqKd3TDxQ7APXM9lY3mYp7CLzU7yYX2zq5hp07Nw5oNhMsdbsTpBHQBUa52Gs8mgRwgIr2JzR-SP-jY6hRd-zXQGgOp6pjmgk4EIffgLupFZj3jeUxqOMM7PTQFA1VS0UYdkMCkhcDVNxZwu_6MrfLR5xD8y5fiO7rB-0Id1w0qfKk5qdmZiI7zjhaWSQ&sig=Cg0ArKJSzJRgxVoPk0vNEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.92824&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDitqVcE5F4rjjpet48nKy7ZWkVifvYxhvc_sRT961A9Ag_yUTHQ2UWuxJlNklvE5S5-insoLD4RDblILiDSwywRLaS1Gw_emWDDPilTo3rB3IyiH8p5QujprdCzmguC03EOnu828bnfIWUWtM70MRMn-7EeMhBJlFKyJJGVdFw9EKtd0&dbm_d=AKAmf-DBbznipkqJ1glJE89FgPmXbf7OkXGvN9shJvcciqJ8W_je-hVvZW8qPvz6zhElWBZZ7VYZmEyDZHxPEWJ-i3lOLmEq6j69z9F1NKn3AGqCyHfSn7WdLkMEwpIQEygNHKuIobM_u-_RyB6-wqp8QG5Y8Mhi9jHK9skvnoJfXtLr9VzSS3jMPU5Y9wTsrSsShklXrWgMedhKfUTafsUyzWnLMvwCwFe9B5p5bv2Isi9qn8nX1WMYY_kvsvyohyljbSLDcaLZL2fRkx2gekKyQkwUa1XJFjW1nCWtdDe50EClNYKrOwkDXcZQjxM5roqdwpOT0jg5Rpcab31r8m63GhBsBqeeU-n28hQ_sKFx45b5Akl-2yeyMmxjUPBcZ8yhOs_I7IOOqKPJrn9yIKA9R4zmLOQbl_Htbh4P0RaUizoYRKqmY5_rV7T0AdcwqitoZutNXym5-4jOjTVBOCg_KhOwpkyZhnjcR3SghzsiTL0aKEW2-9_nomBh4PAK_AL0u4mOnLfAG8wMFU2sDns0EA5KeBRHZxBR1RBzu4suyIiuU6THFPmLbCIrqF_Z9MQBLNoxReXzywdhjeztQRVhyyPqxoUXlhLYUWdpOPvkpmb2XjcGaqioa3NcKAO8p5FP310Dn2-SxtsRgfmHUxB-Zyiu9_7Unhytnez08kRfwuAGrbGnneHmJmnYRokxv726ACb-UxMfOnXDPYGspHBnEy_YyCbmQ_ucgwat5RVegREsH84rnYmOIjCbxl2Z_KgvcbKup_81cTVCvnzlwvZC2_fNvr_7HLDyG6vSapb0O9dP-sdBeV83HKK3SJ15KydxJv7_HxEvrL4b2sVvduDzt589q1piDVPYDIaxCUiWKyXw5ysrJ0QdVNVwEKDYlUYBqqG0Tcq1aUx6ebvRbPqxNFn9xZybMMkW9den_dvARwbad2dMR2CFZP1VhMLQKY_vLPRvlPjfiFfx_3ps0VM2O9qga80av8mtqcFpJ02DzK73pe2u_pDSFNL-_b8h-96YEPnppnIn1YAqG1RibgAQeB3I-6pHSsVyR_pkE_RJzBqPILi02NjNQcrjLB1attc1FAeYCiPSW1nI5R6TMQkDyrTJISdA-z7cnPv3IvTVjLgf171s20hrtetBAXDaA212Xw-Ns4ZvhwdkeQMYS3G0TkkNlE_dUZRulor9UZRrEcyDt6HRtx7Co-74Lxt9R3qnDLdszNvGUIHW_yjUk6vsDzk9EragSGR9YjSuwG2tKaJVpe1EcWlLSUriwOi0VF0mMcEtdZlKFJLvG2i9Zme0jHvKgN-aV7vr_dN8git5etd9Daub0c22TR4FdXaiHSBB8pcru4gcYVzpDW19U6sLdJU5RCq0PtRYRm2xq6wxvo5bwHJbE8LcLCSCnwlgxMKSdtq8UZsfYMMJ4wKlRN1sWKkGPPxn-zBYgoNOyfK3DjX75EJ5QCQmcFeDOf6ExpRmSetFBsWuwUy1owWhleaczyK7YOkF-ROGIFw3ySl5QaCffP75tG2PGaJtxDNXdeCTYbkjLR-q69kE83xgcMsWkVEw6uIQKY7rjIjikDR-Q313d-8Ougb8RmQamGMk8-ciZmryeUpw_N8aGoPqupM-6h44gQ33S8Ch8DGaa6Umc8W1ZOde7y0Rm9gxDR5wcZ3zFhb1kq7tSFWJaybJLXQCJ1Vr5qjbM1Jg_Cu6dpJG1EtP4xcZ_cGm_1yj1M-swnNZPuFsdP_DVl5Sf3gEZCGzuypkDLDXR3iaO8UKSvi07a4_R2rmmTa859qw1TdMWKCuXYnoVzPWhtSUavOrPVtDmNcWw68S6RzhWJyR10oG168axSnDRVszwpmP01vPn5qD4Zzd6D1Eity7lm2cz1ac2KSIxbP_xY3IyUGuxVQoDpAFFsxBUFxSMbsPdMh3lt1rP79bWxrPEvxU49R4xjRn3-iNSXg5yYrrGknjis8efXp8iaaNhrAPoDJ1va849SP8g7bgY0gwAqhlXcg1wTH3i6ax3g79K3VVGcLjc0i7tUE3i35Q5j7x_xGNbGi-2LJX223VhEohw_PIVBFagjbxwkGTL7Ndc9Jf2hyuQq0BHvsVJ8NM6E-au3_tOkOAT3IvYCTgyvao_8EtSomCqFHQQuC6ybUZYRvuSEk_9BiW7IlNPzJzfm9ep5LbrQ8vjLGvhuCrrLdhBpfJ098w4UxZ64zPtWKhyWmrQad5fLyMDG8dDyqT1-EucyO3dIqPNy3Xmt5nSnwaLF5pJyq5EfVgXiUOXjuPOWVvrNhJFgTF1XAEmaR12jzj2blrXVhn2dQhpkB1lpkyXariiK_qDeT_-OXlnKqSqH6PqjwJG_Qx1Jxk43iEoEbI9s74PAPQqpOvZDzAaFscH-ths--5OFb_mudWolfIvgsF-GO5byA8qJd56hLmaxhmua1Q7Eh0RMfeXw1zHiOJM5UL9u-LV-apAcUc9rOF2tEcYJkZPnfkkImoJT_1blKACNOUAZnqcr9d1lf5_56HH8o5IfONsBM4ppcHfVDjwm-6bkAMspk9G9fryLUxH-EgHJ3cA0PaYGZcx_nFsb1ay7Mmr1aPXuiQoN6NNGB-OWq0cMW59kRlflVVQQCCQbMBWHSsyoGwlsWwKSpcrBG-X-0nj5Ezfw3fovHRATYimhz8c6ggrAGCAtGpb2ixkQzVxuep6seJpfvf5KlF1plfAVKxssygngxSxTUszS4fxjYGs_UxoIWNeZOSixTzsLDIW8D4FSXHO2ceyi2TZhCDHjnB07K8-QMzDjemJ8LKnUcvVO22kpKI6cQAJgRWbbr7877lcGk5oJsbsfPDv7XJdc88sFJ3EI_JpFVGDwBkPA94ZME9_lKdaNT6Y30opRss8JjtYK7GVNt_ycEOkz9c7VfdJpe0CW9LMn2OLphLkcy6Nq103-I0zdVUglKQ64DZZTuRIIkC7GbRFs8vgMEm7MvF-nJYskBpWCuqP6RyS_E9Xnetq3rt6uYP4GF8J8PVgC4hHC3mokKskjVgv70fNS2xTyKvZZeV_QmN-SqoCJ4_BMEoyQDtmypB292A0VpNEQFnqJuZpeycJP2h3W4fvvksFChvGKSopA6TXkNJhAQFmOoQpb5e3kdOBdGHGM2TVdVBk1tL7jjyTwl3iO536-vrr06B4qyXP2zgHzjigKM13IbtDIUVhWuU5mu3DqnfnZ60dDTcG9P9DZFpK1sdZuQJprDlj7HON7y4ggSv6g&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 19 Nov 2022 04:13:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:13:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6E5E
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDitqVcE5F4rjjpet48nKy7ZWkVifvYxhvc_sRT961A9Ag_yUTHQ2UWuxJlNklvE5S5-insoLD4RDblILiDSwywRLaS1Gw_emWDDPilTo3rB3IyiH8p5QujprdCzmguC03EOnu828bnfIWUWtM70MRMn-7EeMhBJlFKyJJGVdFw9EKtd0&dbm_d=AKAmf-DBbznipkqJ1glJE89FgPmXbf7OkXGvN9shJvcciqJ8W_je-hVvZW8qPvz6zhElWBZZ7VYZmEyDZHxPEWJ-i3lOLmEq6j69z9F1NKn3AGqCyHfSn7WdLkMEwpIQEygNHKuIobM_u-_RyB6-wqp8QG5Y8Mhi9jHK9skvnoJfXtLr9VzSS3jMPU5Y9wTsrSsShklXrWgMedhKfUTafsUyzWnLMvwCwFe9B5p5bv2Isi9qn8nX1WMYY_kvsvyohyljbSLDcaLZL2fRkx2gekKyQkwUa1XJFjW1nCWtdDe50EClNYKrOwkDXcZQjxM5roqdwpOT0jg5Rpcab31r8m63GhBsBqeeU-n28hQ_sKFx45b5Akl-2yeyMmxjUPBcZ8yhOs_I7IOOqKPJrn9yIKA9R4zmLOQbl_Htbh4P0RaUizoYRKqmY5_rV7T0AdcwqitoZutNXym5-4jOjTVBOCg_KhOwpkyZhnjcR3SghzsiTL0aKEW2-9_nomBh4PAK_AL0u4mOnLfAG8wMFU2sDns0EA5KeBRHZxBR1RBzu4suyIiuU6THFPmLbCIrqF_Z9MQBLNoxReXzywdhjeztQRVhyyPqxoUXlhLYUWdpOPvkpmb2XjcGaqioa3NcKAO8p5FP310Dn2-SxtsRgfmHUxB-Zyiu9_7Unhytnez08kRfwuAGrbGnneHmJmnYRokxv726ACb-UxMfOnXDPYGspHBnEy_YyCbmQ_ucgwat5RVegREsH84rnYmOIjCbxl2Z_KgvcbKup_81cTVCvnzlwvZC2_fNvr_7HLDyG6vSapb0O9dP-sdBeV83HKK3SJ15KydxJv7_HxEvrL4b2sVvduDzt589q1piDVPYDIaxCUiWKyXw5ysrJ0QdVNVwEKDYlUYBqqG0Tcq1aUx6ebvRbPqxNFn9xZybMMkW9den_dvARwbad2dMR2CFZP1VhMLQKY_vLPRvlPjfiFfx_3ps0VM2O9qga80av8mtqcFpJ02DzK73pe2u_pDSFNL-_b8h-96YEPnppnIn1YAqG1RibgAQeB3I-6pHSsVyR_pkE_RJzBqPILi02NjNQcrjLB1attc1FAeYCiPSW1nI5R6TMQkDyrTJISdA-z7cnPv3IvTVjLgf171s20hrtetBAXDaA212Xw-Ns4ZvhwdkeQMYS3G0TkkNlE_dUZRulor9UZRrEcyDt6HRtx7Co-74Lxt9R3qnDLdszNvGUIHW_yjUk6vsDzk9EragSGR9YjSuwG2tKaJVpe1EcWlLSUriwOi0VF0mMcEtdZlKFJLvG2i9Zme0jHvKgN-aV7vr_dN8git5etd9Daub0c22TR4FdXaiHSBB8pcru4gcYVzpDW19U6sLdJU5RCq0PtRYRm2xq6wxvo5bwHJbE8LcLCSCnwlgxMKSdtq8UZsfYMMJ4wKlRN1sWKkGPPxn-zBYgoNOyfK3DjX75EJ5QCQmcFeDOf6ExpRmSetFBsWuwUy1owWhleaczyK7YOkF-ROGIFw3ySl5QaCffP75tG2PGaJtxDNXdeCTYbkjLR-q69kE83xgcMsWkVEw6uIQKY7rjIjikDR-Q313d-8Ougb8RmQamGMk8-ciZmryeUpw_N8aGoPqupM-6h44gQ33S8Ch8DGaa6Umc8W1ZOde7y0Rm9gxDR5wcZ3zFhb1kq7tSFWJaybJLXQCJ1Vr5qjbM1Jg_Cu6dpJG1EtP4xcZ_cGm_1yj1M-swnNZPuFsdP_DVl5Sf3gEZCGzuypkDLDXR3iaO8UKSvi07a4_R2rmmTa859qw1TdMWKCuXYnoVzPWhtSUavOrPVtDmNcWw68S6RzhWJyR10oG168axSnDRVszwpmP01vPn5qD4Zzd6D1Eity7lm2cz1ac2KSIxbP_xY3IyUGuxVQoDpAFFsxBUFxSMbsPdMh3lt1rP79bWxrPEvxU49R4xjRn3-iNSXg5yYrrGknjis8efXp8iaaNhrAPoDJ1va849SP8g7bgY0gwAqhlXcg1wTH3i6ax3g79K3VVGcLjc0i7tUE3i35Q5j7x_xGNbGi-2LJX223VhEohw_PIVBFagjbxwkGTL7Ndc9Jf2hyuQq0BHvsVJ8NM6E-au3_tOkOAT3IvYCTgyvao_8EtSomCqFHQQuC6ybUZYRvuSEk_9BiW7IlNPzJzfm9ep5LbrQ8vjLGvhuCrrLdhBpfJ098w4UxZ64zPtWKhyWmrQad5fLyMDG8dDyqT1-EucyO3dIqPNy3Xmt5nSnwaLF5pJyq5EfVgXiUOXjuPOWVvrNhJFgTF1XAEmaR12jzj2blrXVhn2dQhpkB1lpkyXariiK_qDeT_-OXlnKqSqH6PqjwJG_Qx1Jxk43iEoEbI9s74PAPQqpOvZDzAaFscH-ths--5OFb_mudWolfIvgsF-GO5byA8qJd56hLmaxhmua1Q7Eh0RMfeXw1zHiOJM5UL9u-LV-apAcUc9rOF2tEcYJkZPnfkkImoJT_1blKACNOUAZnqcr9d1lf5_56HH8o5IfONsBM4ppcHfVDjwm-6bkAMspk9G9fryLUxH-EgHJ3cA0PaYGZcx_nFsb1ay7Mmr1aPXuiQoN6NNGB-OWq0cMW59kRlflVVQQCCQbMBWHSsyoGwlsWwKSpcrBG-X-0nj5Ezfw3fovHRATYimhz8c6ggrAGCAtGpb2ixkQzVxuep6seJpfvf5KlF1plfAVKxssygngxSxTUszS4fxjYGs_UxoIWNeZOSixTzsLDIW8D4FSXHO2ceyi2TZhCDHjnB07K8-QMzDjemJ8LKnUcvVO22kpKI6cQAJgRWbbr7877lcGk5oJsbsfPDv7XJdc88sFJ3EI_JpFVGDwBkPA94ZME9_lKdaNT6Y30opRss8JjtYK7GVNt_ycEOkz9c7VfdJpe0CW9LMn2OLphLkcy6Nq103-I0zdVUglKQ64DZZTuRIIkC7GbRFs8vgMEm7MvF-nJYskBpWCuqP6RyS_E9Xnetq3rt6uYP4GF8J8PVgC4hHC3mokKskjVgv70fNS2xTyKvZZeV_QmN-SqoCJ4_BMEoyQDtmypB292A0VpNEQFnqJuZpeycJP2h3W4fvvksFChvGKSopA6TXkNJhAQFmOoQpb5e3kdOBdGHGM2TVdVBk1tL7jjyTwl3iO536-vrr06B4qyXP2zgHzjigKM13IbtDIUVhWuU5mu3DqnfnZ60dDTcG9P9DZFpK1sdZuQJprDlj7HON7y4ggSv6g&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 22:07:48 GMT
84050525708786424
s0.2mdn.net/simgad/ Frame 6E5E
66 KB
66 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/84050525708786424
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
4aac67f4304d0441add7f66c28f2accad6d43bfff91ef8bbfbc262dc27ecaa0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67452
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 05:19:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 04:13:33 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 81C9
29 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYyjhuoiAXf5MU9u2KuKvpulry4edL4fx44rr06ka5NX-OF0GaXP-mC4UK7GHrwhbjkdFGp_N0Wfy6AxfN8CKS7CA6DA&cry=1&dbm_d=AKAmf-CmkdHk7XnkuZGIyBrHn_4jWUEi0DmRu2ZwclNSDnb3w6qHIfbiN5fBE716kMF6OVxsO7HmjSzyP21oP1ilDzQOBS7o6JjXnjEenGBf--MivcGNrgDWBjEUwWRLXkzpRscgmo_0KXxFBcIpuGOcDWXWvRlIooc9zF3P4G-_x3aXFVG1M-n7psMOuBxL1EQtdhsbxzql7KB8deUiFmZyNzvsGXYG4rCiJRafSxuDCsY4Xg50ZZ-UdK5ZARLKA_XM1YAuiLORBjRoUc1FGbgMvjIEgcoVxMKO1G7dYJoFJi2YBJRypc2vqt-pf3CtAMfVyj1Vm3Fse6I4sA_d_Jun8jMVOtP_YLLHM9wcCR_HVRhqL_Y9-vam6xBBSphobyYFo9VTHc6j-S1bq7tg-XRitAkfb1cjA89hG0IF_fYzHUpR0wkRDfeZppVNo9riFSw65JbKzz9x_Vp5RMHasfX9CpZfbPp1IhEqZa5Qk0IgPQrpdeSr-z2cUee3NwXATsfptCDLRNgo6nPDalpoDHTlhEwJ3uHBaS9JjpcaLGaY1aVocHfK68shUGmJ4GQaMBJ994vqpMdGlm8OAkkmf6ZqMPbp8jlUEzfdXD7t53ZaY3JegrgXotZZwxVdoTRzCq9DaWAG7hGTHVG-A1M5QtzRnAcJizhwRPXWIP0hM7ADoVJ5L0XGTerQQ4JCDh5gaBYBoVw3g2mBlia2h62UU52HgqPYFYzNyvrtRwUehMjPRsc2rPySqtu5H2IwKC1lKhS5PfLh-Y31fSRgm16KUCeWBgvFiMF1E8mMjFn29EYNtiisHESoypUEVN6Tj_UZKpNIKvzuK7esw4XSiaChVUtisMMBP368AhUqGj8in-wW9ARmWqMYHd6RtmPB6W_qFCP6kaYP5V3pmI-LSt-M-LdxTgNZmolt1T4_N8hDz4Q1tZ34-epOwUngmyIIHfjMpEVFxuS3gU2nsHlkLOCru_AuXS4e9KJfVC0Z-R_X_p_2k96gwym9RLqIVcQmpuequ8Fzl_8mv5MgKGMEuuV__Te3-jbrebFucb1AZgbC4FDLUwp88RYp7TqiMdDmVZSILMZtBPrcApdPjATu13hZSiWSAbL3GO_Ekqtk0Y-m3dxWlFkFxuCRynyxTp9hf9h9QIL1DHgDtWCOy_OeY4fqH17So4qKh_kyjW8WFkCLqsIuyYKo9fpLzbCbDAValV5vAXRtGSAWkfiV9hTQJXtg1TGh4joWZGmXKN8Alc7QzTJmo_Uni6yxNODIOZNOzSUOCtp2mCnCTSj8r9xxAxh_rynbrXpuBZ2jIVilJZ0VvSjYfoB7BI6X5gdUlph-YKjo70LrxR6N967dsXPBKC_y1stYjxoJInNO-eZVaHmlEzWiBhBdmC-ViLmowCady5N-cR2gveldNyulzdAOPyFUULGj_3rPmuc5hBltAK9i0psnPJnnLgtvwWRpOV6Guc367KiMyXVuQQc09JoeGYretrShXpRjdA-Oz7j0NJIJz6YCp9xRhTMkBEHCiZKm_XH4cYmLe9zTiQ94nugmHKdVnR9zPCuwy8juO6bGubanMP9zPZKRJSsqVzNC8SkXm9cQ6o4U4_flbZeesxesyuOnTtE4xAwhenRHTravN2t5J-1QFQEHIsDX8dj5w0w9VCYq_WeG6yD0lnH_OhpOHLAnLwgS4Ku23GZBYpdhaW9pOGeO2h79Mbx9jgrmGcw5z_c1gHzO-l_x_bsn2Amy86vsvQy_WyvE9GOowf955ErxUwtoinN6fWwLkU2IkpGnOMpHBqkSo_032AIj2ZZCnaTGiU1fsjkY3Rua_MR_cE3SsfKbMcY1WcnD2fCrIuAvJy_fR2ZK8lIiq3euHl2Gcg-2QQV5bvlo-NZPi1CwsMD3dc2c-CASuuWJ8HIqctgvgVSBul7Fc3gyIDKLoBJraxWgagaW7KQySaFSvyZn9iOQVBVrhomUOOIXCSQD5c3cBdC3ItMOVsoprxhJME2PzVn1uzcGnG5g4l5lulc1HltvjzqXVLTgq6flNco4D5z2j8ZI27b7hntTAW9eUawRhcOQO7p0YuGYGYhjndhQCLpIqIJ2su_fx5d5SwZTH9MQ1fdZwP-q058-A_8r9PErQ-mAkbKuS_5rGM6_nCrPf9ptoTlWVRL2TeZRHhEjJeg4_smG-9RbRXCIe_b_2JI5ztGnrzugTtVZ-SqXU5RJqiB1Z6QR5uuHCehNgjEeg1sTMX47u7EdDQaDAkfNEVgpoM97z60W01nWLBctwhhhGbdVJicxyQ6rxT90xzM7-SJgd1T7XLOldZjUrHvsViMlxdzY_nd4IkhRwLm2CFErk8dUz8MvtDy-cuV11Zz-WL4Txjc6H7Bb2ZfGHUFcu8HHQKU0RMe5OdykDiVluwwpR6CNz7T6r5u_fNvcGIdpNpE2LFwmmf9ew36KkHX6_3I-FsXcgNeN_Xnv9fbi7-9Gl9lUUVuSdmJ0eN8Bi6XAEI9r6Ac-T6W8WcMH3WcdBcyiyaW9fW04t5gEl9OupSGpGEb_OI2Qobg9I0olfMlm3JNpVWlvZAWTCuUJ5154FioQzVDUKBtpfCK_mQcFP4vjvDpLfSa2f0AM3h2SI7ARvdcTePySAxxRlKSpYKFCDwRFjZKqr8Zu3rifo3rzvb56vqIzU4elTfNl5lVhgqngYK4At80Pjf7QSfPu3pOfNI6DDSUTwmPMIIj6R61eHz5wmb7ubrB3nCXPR8wioRI5-DhEV8iTBaM1IdYzdT0EUGTFcHzYDC31jpNGS9IPFxCLtcV2Zz5U27AYX3LdWYFMoTBgH3gfoOqtIIXE0ABN2nVtEHCiHVyxxwou0VV0r7z2v4hW9bsiXRTCjFrE-E91wlgPpPflJL6mAnnegfv6S2EPSBoCXQG7fuFET19uy7MFWzprdiw1im2mrHCv-YYMYxJUQ6qLmNupgm13iAQGOQeR8sS8ovIhCNz-m2fHhFSRuvKtZ_f-Pgl7bT9sMDVn8SnlmrBkBO1eHqO49XPkNy_jbI2b8PWDHCG-HCESVmTPeATgdDMs8O02F-wBYKt-u3g20sc79F1Npq7l0PTJZqBI8hn_21XiGly2YixQ2e05KEqSocxF5kOJpZTTUOpT6cS7cN8zEk9MjqlY_1yxDg1863DilgpRXVSEBdsYl026nW_8Mffq6YY0NkTUB_5iytY_OBCHWkZa7iW6tJmnjnhr2xJgYmcM6zR20S_3pLnCq-CRRC9EirWGHADwY8zoSrplavoozaj4Jfqsb8ZzVKaYTDXpXxJtrT6XnQuyEpxBTiLSaFsit9Gq9B1cygVziviw-myznrlYDc_knijeZjXu6sdZsJnpx60wSRvCmxoZVWj2DPW77GkaUd3zOKqwdV_zan2IgvlC9rrqQ18H&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
42533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
6797043039012255111
s0.2mdn.net/simgad/ Frame 81C9
41 KB
42 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/6797043039012255111
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYyjhuoiAXf5MU9u2KuKvpulry4edL4fx44rr06ka5NX-OF0GaXP-mC4UK7GHrwhbjkdFGp_N0Wfy6AxfN8CKS7CA6DA&cry=1&dbm_d=AKAmf-CmkdHk7XnkuZGIyBrHn_4jWUEi0DmRu2ZwclNSDnb3w6qHIfbiN5fBE716kMF6OVxsO7HmjSzyP21oP1ilDzQOBS7o6JjXnjEenGBf--MivcGNrgDWBjEUwWRLXkzpRscgmo_0KXxFBcIpuGOcDWXWvRlIooc9zF3P4G-_x3aXFVG1M-n7psMOuBxL1EQtdhsbxzql7KB8deUiFmZyNzvsGXYG4rCiJRafSxuDCsY4Xg50ZZ-UdK5ZARLKA_XM1YAuiLORBjRoUc1FGbgMvjIEgcoVxMKO1G7dYJoFJi2YBJRypc2vqt-pf3CtAMfVyj1Vm3Fse6I4sA_d_Jun8jMVOtP_YLLHM9wcCR_HVRhqL_Y9-vam6xBBSphobyYFo9VTHc6j-S1bq7tg-XRitAkfb1cjA89hG0IF_fYzHUpR0wkRDfeZppVNo9riFSw65JbKzz9x_Vp5RMHasfX9CpZfbPp1IhEqZa5Qk0IgPQrpdeSr-z2cUee3NwXATsfptCDLRNgo6nPDalpoDHTlhEwJ3uHBaS9JjpcaLGaY1aVocHfK68shUGmJ4GQaMBJ994vqpMdGlm8OAkkmf6ZqMPbp8jlUEzfdXD7t53ZaY3JegrgXotZZwxVdoTRzCq9DaWAG7hGTHVG-A1M5QtzRnAcJizhwRPXWIP0hM7ADoVJ5L0XGTerQQ4JCDh5gaBYBoVw3g2mBlia2h62UU52HgqPYFYzNyvrtRwUehMjPRsc2rPySqtu5H2IwKC1lKhS5PfLh-Y31fSRgm16KUCeWBgvFiMF1E8mMjFn29EYNtiisHESoypUEVN6Tj_UZKpNIKvzuK7esw4XSiaChVUtisMMBP368AhUqGj8in-wW9ARmWqMYHd6RtmPB6W_qFCP6kaYP5V3pmI-LSt-M-LdxTgNZmolt1T4_N8hDz4Q1tZ34-epOwUngmyIIHfjMpEVFxuS3gU2nsHlkLOCru_AuXS4e9KJfVC0Z-R_X_p_2k96gwym9RLqIVcQmpuequ8Fzl_8mv5MgKGMEuuV__Te3-jbrebFucb1AZgbC4FDLUwp88RYp7TqiMdDmVZSILMZtBPrcApdPjATu13hZSiWSAbL3GO_Ekqtk0Y-m3dxWlFkFxuCRynyxTp9hf9h9QIL1DHgDtWCOy_OeY4fqH17So4qKh_kyjW8WFkCLqsIuyYKo9fpLzbCbDAValV5vAXRtGSAWkfiV9hTQJXtg1TGh4joWZGmXKN8Alc7QzTJmo_Uni6yxNODIOZNOzSUOCtp2mCnCTSj8r9xxAxh_rynbrXpuBZ2jIVilJZ0VvSjYfoB7BI6X5gdUlph-YKjo70LrxR6N967dsXPBKC_y1stYjxoJInNO-eZVaHmlEzWiBhBdmC-ViLmowCady5N-cR2gveldNyulzdAOPyFUULGj_3rPmuc5hBltAK9i0psnPJnnLgtvwWRpOV6Guc367KiMyXVuQQc09JoeGYretrShXpRjdA-Oz7j0NJIJz6YCp9xRhTMkBEHCiZKm_XH4cYmLe9zTiQ94nugmHKdVnR9zPCuwy8juO6bGubanMP9zPZKRJSsqVzNC8SkXm9cQ6o4U4_flbZeesxesyuOnTtE4xAwhenRHTravN2t5J-1QFQEHIsDX8dj5w0w9VCYq_WeG6yD0lnH_OhpOHLAnLwgS4Ku23GZBYpdhaW9pOGeO2h79Mbx9jgrmGcw5z_c1gHzO-l_x_bsn2Amy86vsvQy_WyvE9GOowf955ErxUwtoinN6fWwLkU2IkpGnOMpHBqkSo_032AIj2ZZCnaTGiU1fsjkY3Rua_MR_cE3SsfKbMcY1WcnD2fCrIuAvJy_fR2ZK8lIiq3euHl2Gcg-2QQV5bvlo-NZPi1CwsMD3dc2c-CASuuWJ8HIqctgvgVSBul7Fc3gyIDKLoBJraxWgagaW7KQySaFSvyZn9iOQVBVrhomUOOIXCSQD5c3cBdC3ItMOVsoprxhJME2PzVn1uzcGnG5g4l5lulc1HltvjzqXVLTgq6flNco4D5z2j8ZI27b7hntTAW9eUawRhcOQO7p0YuGYGYhjndhQCLpIqIJ2su_fx5d5SwZTH9MQ1fdZwP-q058-A_8r9PErQ-mAkbKuS_5rGM6_nCrPf9ptoTlWVRL2TeZRHhEjJeg4_smG-9RbRXCIe_b_2JI5ztGnrzugTtVZ-SqXU5RJqiB1Z6QR5uuHCehNgjEeg1sTMX47u7EdDQaDAkfNEVgpoM97z60W01nWLBctwhhhGbdVJicxyQ6rxT90xzM7-SJgd1T7XLOldZjUrHvsViMlxdzY_nd4IkhRwLm2CFErk8dUz8MvtDy-cuV11Zz-WL4Txjc6H7Bb2ZfGHUFcu8HHQKU0RMe5OdykDiVluwwpR6CNz7T6r5u_fNvcGIdpNpE2LFwmmf9ew36KkHX6_3I-FsXcgNeN_Xnv9fbi7-9Gl9lUUVuSdmJ0eN8Bi6XAEI9r6Ac-T6W8WcMH3WcdBcyiyaW9fW04t5gEl9OupSGpGEb_OI2Qobg9I0olfMlm3JNpVWlvZAWTCuUJ5154FioQzVDUKBtpfCK_mQcFP4vjvDpLfSa2f0AM3h2SI7ARvdcTePySAxxRlKSpYKFCDwRFjZKqr8Zu3rifo3rzvb56vqIzU4elTfNl5lVhgqngYK4At80Pjf7QSfPu3pOfNI6DDSUTwmPMIIj6R61eHz5wmb7ubrB3nCXPR8wioRI5-DhEV8iTBaM1IdYzdT0EUGTFcHzYDC31jpNGS9IPFxCLtcV2Zz5U27AYX3LdWYFMoTBgH3gfoOqtIIXE0ABN2nVtEHCiHVyxxwou0VV0r7z2v4hW9bsiXRTCjFrE-E91wlgPpPflJL6mAnnegfv6S2EPSBoCXQG7fuFET19uy7MFWzprdiw1im2mrHCv-YYMYxJUQ6qLmNupgm13iAQGOQeR8sS8ovIhCNz-m2fHhFSRuvKtZ_f-Pgl7bT9sMDVn8SnlmrBkBO1eHqO49XPkNy_jbI2b8PWDHCG-HCESVmTPeATgdDMs8O02F-wBYKt-u3g20sc79F1Npq7l0PTJZqBI8hn_21XiGly2YixQ2e05KEqSocxF5kOJpZTTUOpT6cS7cN8zEk9MjqlY_1yxDg1863DilgpRXVSEBdsYl026nW_8Mffq6YY0NkTUB_5iytY_OBCHWkZa7iW6tJmnjnhr2xJgYmcM6zR20S_3pLnCq-CRRC9EirWGHADwY8zoSrplavoozaj4Jfqsb8ZzVKaYTDXpXxJtrT6XnQuyEpxBTiLSaFsit9Gq9B1cygVziviw-myznrlYDc_knijeZjXu6sdZsJnpx60wSRvCmxoZVWj2DPW77GkaUd3zOKqwdV_zan2IgvlC9rrqQ18H&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
f7f753fe067b9f7d47c45d93c2b7751af28bcce6cdc8b3263fbc274e3e92f582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 23:02:43 GMT
x-content-type-options
nosniff
age
18650
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42212
x-xss-protection
0
last-modified
Tue, 03 May 2022 00:30:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 23:02:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 81C9
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYyjhuoiAXf5MU9u2KuKvpulry4edL4fx44rr06ka5NX-OF0GaXP-mC4UK7GHrwhbjkdFGp_N0Wfy6AxfN8CKS7CA6DA&cry=1&dbm_d=AKAmf-CmkdHk7XnkuZGIyBrHn_4jWUEi0DmRu2ZwclNSDnb3w6qHIfbiN5fBE716kMF6OVxsO7HmjSzyP21oP1ilDzQOBS7o6JjXnjEenGBf--MivcGNrgDWBjEUwWRLXkzpRscgmo_0KXxFBcIpuGOcDWXWvRlIooc9zF3P4G-_x3aXFVG1M-n7psMOuBxL1EQtdhsbxzql7KB8deUiFmZyNzvsGXYG4rCiJRafSxuDCsY4Xg50ZZ-UdK5ZARLKA_XM1YAuiLORBjRoUc1FGbgMvjIEgcoVxMKO1G7dYJoFJi2YBJRypc2vqt-pf3CtAMfVyj1Vm3Fse6I4sA_d_Jun8jMVOtP_YLLHM9wcCR_HVRhqL_Y9-vam6xBBSphobyYFo9VTHc6j-S1bq7tg-XRitAkfb1cjA89hG0IF_fYzHUpR0wkRDfeZppVNo9riFSw65JbKzz9x_Vp5RMHasfX9CpZfbPp1IhEqZa5Qk0IgPQrpdeSr-z2cUee3NwXATsfptCDLRNgo6nPDalpoDHTlhEwJ3uHBaS9JjpcaLGaY1aVocHfK68shUGmJ4GQaMBJ994vqpMdGlm8OAkkmf6ZqMPbp8jlUEzfdXD7t53ZaY3JegrgXotZZwxVdoTRzCq9DaWAG7hGTHVG-A1M5QtzRnAcJizhwRPXWIP0hM7ADoVJ5L0XGTerQQ4JCDh5gaBYBoVw3g2mBlia2h62UU52HgqPYFYzNyvrtRwUehMjPRsc2rPySqtu5H2IwKC1lKhS5PfLh-Y31fSRgm16KUCeWBgvFiMF1E8mMjFn29EYNtiisHESoypUEVN6Tj_UZKpNIKvzuK7esw4XSiaChVUtisMMBP368AhUqGj8in-wW9ARmWqMYHd6RtmPB6W_qFCP6kaYP5V3pmI-LSt-M-LdxTgNZmolt1T4_N8hDz4Q1tZ34-epOwUngmyIIHfjMpEVFxuS3gU2nsHlkLOCru_AuXS4e9KJfVC0Z-R_X_p_2k96gwym9RLqIVcQmpuequ8Fzl_8mv5MgKGMEuuV__Te3-jbrebFucb1AZgbC4FDLUwp88RYp7TqiMdDmVZSILMZtBPrcApdPjATu13hZSiWSAbL3GO_Ekqtk0Y-m3dxWlFkFxuCRynyxTp9hf9h9QIL1DHgDtWCOy_OeY4fqH17So4qKh_kyjW8WFkCLqsIuyYKo9fpLzbCbDAValV5vAXRtGSAWkfiV9hTQJXtg1TGh4joWZGmXKN8Alc7QzTJmo_Uni6yxNODIOZNOzSUOCtp2mCnCTSj8r9xxAxh_rynbrXpuBZ2jIVilJZ0VvSjYfoB7BI6X5gdUlph-YKjo70LrxR6N967dsXPBKC_y1stYjxoJInNO-eZVaHmlEzWiBhBdmC-ViLmowCady5N-cR2gveldNyulzdAOPyFUULGj_3rPmuc5hBltAK9i0psnPJnnLgtvwWRpOV6Guc367KiMyXVuQQc09JoeGYretrShXpRjdA-Oz7j0NJIJz6YCp9xRhTMkBEHCiZKm_XH4cYmLe9zTiQ94nugmHKdVnR9zPCuwy8juO6bGubanMP9zPZKRJSsqVzNC8SkXm9cQ6o4U4_flbZeesxesyuOnTtE4xAwhenRHTravN2t5J-1QFQEHIsDX8dj5w0w9VCYq_WeG6yD0lnH_OhpOHLAnLwgS4Ku23GZBYpdhaW9pOGeO2h79Mbx9jgrmGcw5z_c1gHzO-l_x_bsn2Amy86vsvQy_WyvE9GOowf955ErxUwtoinN6fWwLkU2IkpGnOMpHBqkSo_032AIj2ZZCnaTGiU1fsjkY3Rua_MR_cE3SsfKbMcY1WcnD2fCrIuAvJy_fR2ZK8lIiq3euHl2Gcg-2QQV5bvlo-NZPi1CwsMD3dc2c-CASuuWJ8HIqctgvgVSBul7Fc3gyIDKLoBJraxWgagaW7KQySaFSvyZn9iOQVBVrhomUOOIXCSQD5c3cBdC3ItMOVsoprxhJME2PzVn1uzcGnG5g4l5lulc1HltvjzqXVLTgq6flNco4D5z2j8ZI27b7hntTAW9eUawRhcOQO7p0YuGYGYhjndhQCLpIqIJ2su_fx5d5SwZTH9MQ1fdZwP-q058-A_8r9PErQ-mAkbKuS_5rGM6_nCrPf9ptoTlWVRL2TeZRHhEjJeg4_smG-9RbRXCIe_b_2JI5ztGnrzugTtVZ-SqXU5RJqiB1Z6QR5uuHCehNgjEeg1sTMX47u7EdDQaDAkfNEVgpoM97z60W01nWLBctwhhhGbdVJicxyQ6rxT90xzM7-SJgd1T7XLOldZjUrHvsViMlxdzY_nd4IkhRwLm2CFErk8dUz8MvtDy-cuV11Zz-WL4Txjc6H7Bb2ZfGHUFcu8HHQKU0RMe5OdykDiVluwwpR6CNz7T6r5u_fNvcGIdpNpE2LFwmmf9ew36KkHX6_3I-FsXcgNeN_Xnv9fbi7-9Gl9lUUVuSdmJ0eN8Bi6XAEI9r6Ac-T6W8WcMH3WcdBcyiyaW9fW04t5gEl9OupSGpGEb_OI2Qobg9I0olfMlm3JNpVWlvZAWTCuUJ5154FioQzVDUKBtpfCK_mQcFP4vjvDpLfSa2f0AM3h2SI7ARvdcTePySAxxRlKSpYKFCDwRFjZKqr8Zu3rifo3rzvb56vqIzU4elTfNl5lVhgqngYK4At80Pjf7QSfPu3pOfNI6DDSUTwmPMIIj6R61eHz5wmb7ubrB3nCXPR8wioRI5-DhEV8iTBaM1IdYzdT0EUGTFcHzYDC31jpNGS9IPFxCLtcV2Zz5U27AYX3LdWYFMoTBgH3gfoOqtIIXE0ABN2nVtEHCiHVyxxwou0VV0r7z2v4hW9bsiXRTCjFrE-E91wlgPpPflJL6mAnnegfv6S2EPSBoCXQG7fuFET19uy7MFWzprdiw1im2mrHCv-YYMYxJUQ6qLmNupgm13iAQGOQeR8sS8ovIhCNz-m2fHhFSRuvKtZ_f-Pgl7bT9sMDVn8SnlmrBkBO1eHqO49XPkNy_jbI2b8PWDHCG-HCESVmTPeATgdDMs8O02F-wBYKt-u3g20sc79F1Npq7l0PTJZqBI8hn_21XiGly2YixQ2e05KEqSocxF5kOJpZTTUOpT6cS7cN8zEk9MjqlY_1yxDg1863DilgpRXVSEBdsYl026nW_8Mffq6YY0NkTUB_5iytY_OBCHWkZa7iW6tJmnjnhr2xJgYmcM6zR20S_3pLnCq-CRRC9EirWGHADwY8zoSrplavoozaj4Jfqsb8ZzVKaYTDXpXxJtrT6XnQuyEpxBTiLSaFsit9Gq9B1cygVziviw-myznrlYDc_knijeZjXu6sdZsJnpx60wSRvCmxoZVWj2DPW77GkaUd3zOKqwdV_zan2IgvlC9rrqQ18H&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
42533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 81C9
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCvdYx0vZOQdiupxmWp5uBOPLR00mw5Kuy1r7NNruhE-fTbforYsGnClV3zrvhBI0oSk-4yU4L_vXZlf2MqRlFNoFixxFMgD4T3F6iTzmhY3XIzpWHuP_g8_SDYHDUhXa7TrXSPYypeLfEUktlJauEL5XXkUCitJXzZTqkKsF8EpWObui71-DvES8-nc4L6rK1ernH9GoKxeiy64eFpokVM6B0_4lZouWPanjR79x2XQ6jMQzJ_Nza0GNjUlULMUrsx-lmtA3LaV7CQqdU1RwXPZkR1JY9I1blXKr6du6w9Kk0eBUojit3LdCnGt7adjwzamA92RQ3aA83Eao8Pw3It6l9YP-Yo0FNkuIAFgPs9orPFM8d9X2ghQOCphTd2O-CJ51FMlGEDYbjc4dJobD-n-u-A7gWXB6LlbZK-CYgaS_FaVA1oVCdIqGZzIloYLsNZoVALpDRa7ZozHXGrV2wV-hFGDGe9l1Z_QBXYwMBUN8p23D8SSXcN68k9tZpKAhsYMwCYCTF3Mkfr5BK69mwUvgNPPbR7W8MiOPs7DdyTHv_0S9h-i6bZ-zwXA6dK03VpmYTMIivGgiVflGG9H0lCM1RuPacGAf5mdulgHooj15GEOpTJnxIh27GYwnayviM4nX5z2Rrf8BsOkrFRBo5SfwZ9QFs7SYXx6mqeIZS0K71OfbZi3vwlZ7uzjLb5ZqlTE9puz0QXY2aqyneMRdzmyfqbjqiC58ub9zcpdrFrkEMbr31NLlG6XBH4xO3OYzerAbbo0tYNRivonC_29n2QmXZJpHLB6VPoYCdiWvYot2ItAiss0DchoSFkhYNJFnrMeH5AKM5l5RtnzLloYhCT4AYK_M2oPDFa-sTbKoGCMF3Ge_YoLtCsF2MbKwGZLKfNN00AoZJKpP26mgsJmyogmowPtvrCpVYauFpktOq-stogvv7YWLOmzYW_z8omOM7RrpC3j4ukUuYNrm6BpcL2W_KjMk_8RDQ3FvKe8vOblXR7pQzin4lglPxC32MEHqSQ6RkMXNnxmCQjssw5YSaZPVuhCvk2BwUwdTtGTXCXErDl3c0nubAPh-AlsGA6tNh2BIWhcsps0eWfWx6XUS6cucc4stiZzbNS24Ri2KyFZaQ5iT1baNjUv88aKxkvBK-YTJYsXPGH9FpOC16IrnMMkxgiSA5db4NS4JakUmjSRR3HsJYKqkRuFvdFuFwk1veEzps6cqrqu1KIhMbkqebrtBcdkNWH5t2YYZYFuaF1Mnbuoma-Skm8gaVw3cE7BqlpYnTVkfN-ZPYGLHz5SLLP_cWlSY&sai=AMfl-YSIRQwAUaJCiMY2peE9AKhf3uqNOB-CADF6fGNTzrf9j3QLQDcQWwv1KMCxcQHcjt3mkUlMBzbJKOx_WVFQYKfgBUVZ0-q18DGhqzAER922D1wDNoS0_rhYzfYLlVRFmPVgJEH7dKcEALY2WEqD3JTXMZ4BbAsZxaMNVemgFPr0bP-HmPHYXpxuzPfNdzrzjJJP7VyFcmH20BnHdXmeGY17MLqKK-Y_Rorjy4sHfU0ngO_g_Y99DsgIZOw_2coitEwO0HA8MwRzHw&sig=Cg0ArKJSzBx3YKmfiXxCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.83756&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYyjhuoiAXf5MU9u2KuKvpulry4edL4fx44rr06ka5NX-OF0GaXP-mC4UK7GHrwhbjkdFGp_N0Wfy6AxfN8CKS7CA6DA&cry=1&dbm_d=AKAmf-CmkdHk7XnkuZGIyBrHn_4jWUEi0DmRu2ZwclNSDnb3w6qHIfbiN5fBE716kMF6OVxsO7HmjSzyP21oP1ilDzQOBS7o6JjXnjEenGBf--MivcGNrgDWBjEUwWRLXkzpRscgmo_0KXxFBcIpuGOcDWXWvRlIooc9zF3P4G-_x3aXFVG1M-n7psMOuBxL1EQtdhsbxzql7KB8deUiFmZyNzvsGXYG4rCiJRafSxuDCsY4Xg50ZZ-UdK5ZARLKA_XM1YAuiLORBjRoUc1FGbgMvjIEgcoVxMKO1G7dYJoFJi2YBJRypc2vqt-pf3CtAMfVyj1Vm3Fse6I4sA_d_Jun8jMVOtP_YLLHM9wcCR_HVRhqL_Y9-vam6xBBSphobyYFo9VTHc6j-S1bq7tg-XRitAkfb1cjA89hG0IF_fYzHUpR0wkRDfeZppVNo9riFSw65JbKzz9x_Vp5RMHasfX9CpZfbPp1IhEqZa5Qk0IgPQrpdeSr-z2cUee3NwXATsfptCDLRNgo6nPDalpoDHTlhEwJ3uHBaS9JjpcaLGaY1aVocHfK68shUGmJ4GQaMBJ994vqpMdGlm8OAkkmf6ZqMPbp8jlUEzfdXD7t53ZaY3JegrgXotZZwxVdoTRzCq9DaWAG7hGTHVG-A1M5QtzRnAcJizhwRPXWIP0hM7ADoVJ5L0XGTerQQ4JCDh5gaBYBoVw3g2mBlia2h62UU52HgqPYFYzNyvrtRwUehMjPRsc2rPySqtu5H2IwKC1lKhS5PfLh-Y31fSRgm16KUCeWBgvFiMF1E8mMjFn29EYNtiisHESoypUEVN6Tj_UZKpNIKvzuK7esw4XSiaChVUtisMMBP368AhUqGj8in-wW9ARmWqMYHd6RtmPB6W_qFCP6kaYP5V3pmI-LSt-M-LdxTgNZmolt1T4_N8hDz4Q1tZ34-epOwUngmyIIHfjMpEVFxuS3gU2nsHlkLOCru_AuXS4e9KJfVC0Z-R_X_p_2k96gwym9RLqIVcQmpuequ8Fzl_8mv5MgKGMEuuV__Te3-jbrebFucb1AZgbC4FDLUwp88RYp7TqiMdDmVZSILMZtBPrcApdPjATu13hZSiWSAbL3GO_Ekqtk0Y-m3dxWlFkFxuCRynyxTp9hf9h9QIL1DHgDtWCOy_OeY4fqH17So4qKh_kyjW8WFkCLqsIuyYKo9fpLzbCbDAValV5vAXRtGSAWkfiV9hTQJXtg1TGh4joWZGmXKN8Alc7QzTJmo_Uni6yxNODIOZNOzSUOCtp2mCnCTSj8r9xxAxh_rynbrXpuBZ2jIVilJZ0VvSjYfoB7BI6X5gdUlph-YKjo70LrxR6N967dsXPBKC_y1stYjxoJInNO-eZVaHmlEzWiBhBdmC-ViLmowCady5N-cR2gveldNyulzdAOPyFUULGj_3rPmuc5hBltAK9i0psnPJnnLgtvwWRpOV6Guc367KiMyXVuQQc09JoeGYretrShXpRjdA-Oz7j0NJIJz6YCp9xRhTMkBEHCiZKm_XH4cYmLe9zTiQ94nugmHKdVnR9zPCuwy8juO6bGubanMP9zPZKRJSsqVzNC8SkXm9cQ6o4U4_flbZeesxesyuOnTtE4xAwhenRHTravN2t5J-1QFQEHIsDX8dj5w0w9VCYq_WeG6yD0lnH_OhpOHLAnLwgS4Ku23GZBYpdhaW9pOGeO2h79Mbx9jgrmGcw5z_c1gHzO-l_x_bsn2Amy86vsvQy_WyvE9GOowf955ErxUwtoinN6fWwLkU2IkpGnOMpHBqkSo_032AIj2ZZCnaTGiU1fsjkY3Rua_MR_cE3SsfKbMcY1WcnD2fCrIuAvJy_fR2ZK8lIiq3euHl2Gcg-2QQV5bvlo-NZPi1CwsMD3dc2c-CASuuWJ8HIqctgvgVSBul7Fc3gyIDKLoBJraxWgagaW7KQySaFSvyZn9iOQVBVrhomUOOIXCSQD5c3cBdC3ItMOVsoprxhJME2PzVn1uzcGnG5g4l5lulc1HltvjzqXVLTgq6flNco4D5z2j8ZI27b7hntTAW9eUawRhcOQO7p0YuGYGYhjndhQCLpIqIJ2su_fx5d5SwZTH9MQ1fdZwP-q058-A_8r9PErQ-mAkbKuS_5rGM6_nCrPf9ptoTlWVRL2TeZRHhEjJeg4_smG-9RbRXCIe_b_2JI5ztGnrzugTtVZ-SqXU5RJqiB1Z6QR5uuHCehNgjEeg1sTMX47u7EdDQaDAkfNEVgpoM97z60W01nWLBctwhhhGbdVJicxyQ6rxT90xzM7-SJgd1T7XLOldZjUrHvsViMlxdzY_nd4IkhRwLm2CFErk8dUz8MvtDy-cuV11Zz-WL4Txjc6H7Bb2ZfGHUFcu8HHQKU0RMe5OdykDiVluwwpR6CNz7T6r5u_fNvcGIdpNpE2LFwmmf9ew36KkHX6_3I-FsXcgNeN_Xnv9fbi7-9Gl9lUUVuSdmJ0eN8Bi6XAEI9r6Ac-T6W8WcMH3WcdBcyiyaW9fW04t5gEl9OupSGpGEb_OI2Qobg9I0olfMlm3JNpVWlvZAWTCuUJ5154FioQzVDUKBtpfCK_mQcFP4vjvDpLfSa2f0AM3h2SI7ARvdcTePySAxxRlKSpYKFCDwRFjZKqr8Zu3rifo3rzvb56vqIzU4elTfNl5lVhgqngYK4At80Pjf7QSfPu3pOfNI6DDSUTwmPMIIj6R61eHz5wmb7ubrB3nCXPR8wioRI5-DhEV8iTBaM1IdYzdT0EUGTFcHzYDC31jpNGS9IPFxCLtcV2Zz5U27AYX3LdWYFMoTBgH3gfoOqtIIXE0ABN2nVtEHCiHVyxxwou0VV0r7z2v4hW9bsiXRTCjFrE-E91wlgPpPflJL6mAnnegfv6S2EPSBoCXQG7fuFET19uy7MFWzprdiw1im2mrHCv-YYMYxJUQ6qLmNupgm13iAQGOQeR8sS8ovIhCNz-m2fHhFSRuvKtZ_f-Pgl7bT9sMDVn8SnlmrBkBO1eHqO49XPkNy_jbI2b8PWDHCG-HCESVmTPeATgdDMs8O02F-wBYKt-u3g20sc79F1Npq7l0PTJZqBI8hn_21XiGly2YixQ2e05KEqSocxF5kOJpZTTUOpT6cS7cN8zEk9MjqlY_1yxDg1863DilgpRXVSEBdsYl026nW_8Mffq6YY0NkTUB_5iytY_OBCHWkZa7iW6tJmnjnhr2xJgYmcM6zR20S_3pLnCq-CRRC9EirWGHADwY8zoSrplavoozaj4Jfqsb8ZzVKaYTDXpXxJtrT6XnQuyEpxBTiLSaFsit9Gq9B1cygVziviw-myznrlYDc_knijeZjXu6sdZsJnpx60wSRvCmxoZVWj2DPW77GkaUd3zOKqwdV_zan2IgvlC9rrqQ18H&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 19 Nov 2022 04:13:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:13:33 GMT
jload
pixel.adsafeprotected.com/ Frame 81C9
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=929007&advId=10623137&campId=27350338&pubId=6657124&chanId=170679895&placementId=335483598
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYyjhuoiAXf5MU9u2KuKvpulry4edL4fx44rr06ka5NX-OF0GaXP-mC4UK7GHrwhbjkdFGp_N0Wfy6AxfN8CKS7CA6DA&cry=1&dbm_d=AKAmf-CmkdHk7XnkuZGIyBrHn_4jWUEi0DmRu2ZwclNSDnb3w6qHIfbiN5fBE716kMF6OVxsO7HmjSzyP21oP1ilDzQOBS7o6JjXnjEenGBf--MivcGNrgDWBjEUwWRLXkzpRscgmo_0KXxFBcIpuGOcDWXWvRlIooc9zF3P4G-_x3aXFVG1M-n7psMOuBxL1EQtdhsbxzql7KB8deUiFmZyNzvsGXYG4rCiJRafSxuDCsY4Xg50ZZ-UdK5ZARLKA_XM1YAuiLORBjRoUc1FGbgMvjIEgcoVxMKO1G7dYJoFJi2YBJRypc2vqt-pf3CtAMfVyj1Vm3Fse6I4sA_d_Jun8jMVOtP_YLLHM9wcCR_HVRhqL_Y9-vam6xBBSphobyYFo9VTHc6j-S1bq7tg-XRitAkfb1cjA89hG0IF_fYzHUpR0wkRDfeZppVNo9riFSw65JbKzz9x_Vp5RMHasfX9CpZfbPp1IhEqZa5Qk0IgPQrpdeSr-z2cUee3NwXATsfptCDLRNgo6nPDalpoDHTlhEwJ3uHBaS9JjpcaLGaY1aVocHfK68shUGmJ4GQaMBJ994vqpMdGlm8OAkkmf6ZqMPbp8jlUEzfdXD7t53ZaY3JegrgXotZZwxVdoTRzCq9DaWAG7hGTHVG-A1M5QtzRnAcJizhwRPXWIP0hM7ADoVJ5L0XGTerQQ4JCDh5gaBYBoVw3g2mBlia2h62UU52HgqPYFYzNyvrtRwUehMjPRsc2rPySqtu5H2IwKC1lKhS5PfLh-Y31fSRgm16KUCeWBgvFiMF1E8mMjFn29EYNtiisHESoypUEVN6Tj_UZKpNIKvzuK7esw4XSiaChVUtisMMBP368AhUqGj8in-wW9ARmWqMYHd6RtmPB6W_qFCP6kaYP5V3pmI-LSt-M-LdxTgNZmolt1T4_N8hDz4Q1tZ34-epOwUngmyIIHfjMpEVFxuS3gU2nsHlkLOCru_AuXS4e9KJfVC0Z-R_X_p_2k96gwym9RLqIVcQmpuequ8Fzl_8mv5MgKGMEuuV__Te3-jbrebFucb1AZgbC4FDLUwp88RYp7TqiMdDmVZSILMZtBPrcApdPjATu13hZSiWSAbL3GO_Ekqtk0Y-m3dxWlFkFxuCRynyxTp9hf9h9QIL1DHgDtWCOy_OeY4fqH17So4qKh_kyjW8WFkCLqsIuyYKo9fpLzbCbDAValV5vAXRtGSAWkfiV9hTQJXtg1TGh4joWZGmXKN8Alc7QzTJmo_Uni6yxNODIOZNOzSUOCtp2mCnCTSj8r9xxAxh_rynbrXpuBZ2jIVilJZ0VvSjYfoB7BI6X5gdUlph-YKjo70LrxR6N967dsXPBKC_y1stYjxoJInNO-eZVaHmlEzWiBhBdmC-ViLmowCady5N-cR2gveldNyulzdAOPyFUULGj_3rPmuc5hBltAK9i0psnPJnnLgtvwWRpOV6Guc367KiMyXVuQQc09JoeGYretrShXpRjdA-Oz7j0NJIJz6YCp9xRhTMkBEHCiZKm_XH4cYmLe9zTiQ94nugmHKdVnR9zPCuwy8juO6bGubanMP9zPZKRJSsqVzNC8SkXm9cQ6o4U4_flbZeesxesyuOnTtE4xAwhenRHTravN2t5J-1QFQEHIsDX8dj5w0w9VCYq_WeG6yD0lnH_OhpOHLAnLwgS4Ku23GZBYpdhaW9pOGeO2h79Mbx9jgrmGcw5z_c1gHzO-l_x_bsn2Amy86vsvQy_WyvE9GOowf955ErxUwtoinN6fWwLkU2IkpGnOMpHBqkSo_032AIj2ZZCnaTGiU1fsjkY3Rua_MR_cE3SsfKbMcY1WcnD2fCrIuAvJy_fR2ZK8lIiq3euHl2Gcg-2QQV5bvlo-NZPi1CwsMD3dc2c-CASuuWJ8HIqctgvgVSBul7Fc3gyIDKLoBJraxWgagaW7KQySaFSvyZn9iOQVBVrhomUOOIXCSQD5c3cBdC3ItMOVsoprxhJME2PzVn1uzcGnG5g4l5lulc1HltvjzqXVLTgq6flNco4D5z2j8ZI27b7hntTAW9eUawRhcOQO7p0YuGYGYhjndhQCLpIqIJ2su_fx5d5SwZTH9MQ1fdZwP-q058-A_8r9PErQ-mAkbKuS_5rGM6_nCrPf9ptoTlWVRL2TeZRHhEjJeg4_smG-9RbRXCIe_b_2JI5ztGnrzugTtVZ-SqXU5RJqiB1Z6QR5uuHCehNgjEeg1sTMX47u7EdDQaDAkfNEVgpoM97z60W01nWLBctwhhhGbdVJicxyQ6rxT90xzM7-SJgd1T7XLOldZjUrHvsViMlxdzY_nd4IkhRwLm2CFErk8dUz8MvtDy-cuV11Zz-WL4Txjc6H7Bb2ZfGHUFcu8HHQKU0RMe5OdykDiVluwwpR6CNz7T6r5u_fNvcGIdpNpE2LFwmmf9ew36KkHX6_3I-FsXcgNeN_Xnv9fbi7-9Gl9lUUVuSdmJ0eN8Bi6XAEI9r6Ac-T6W8WcMH3WcdBcyiyaW9fW04t5gEl9OupSGpGEb_OI2Qobg9I0olfMlm3JNpVWlvZAWTCuUJ5154FioQzVDUKBtpfCK_mQcFP4vjvDpLfSa2f0AM3h2SI7ARvdcTePySAxxRlKSpYKFCDwRFjZKqr8Zu3rifo3rzvb56vqIzU4elTfNl5lVhgqngYK4At80Pjf7QSfPu3pOfNI6DDSUTwmPMIIj6R61eHz5wmb7ubrB3nCXPR8wioRI5-DhEV8iTBaM1IdYzdT0EUGTFcHzYDC31jpNGS9IPFxCLtcV2Zz5U27AYX3LdWYFMoTBgH3gfoOqtIIXE0ABN2nVtEHCiHVyxxwou0VV0r7z2v4hW9bsiXRTCjFrE-E91wlgPpPflJL6mAnnegfv6S2EPSBoCXQG7fuFET19uy7MFWzprdiw1im2mrHCv-YYMYxJUQ6qLmNupgm13iAQGOQeR8sS8ovIhCNz-m2fHhFSRuvKtZ_f-Pgl7bT9sMDVn8SnlmrBkBO1eHqO49XPkNy_jbI2b8PWDHCG-HCESVmTPeATgdDMs8O02F-wBYKt-u3g20sc79F1Npq7l0PTJZqBI8hn_21XiGly2YixQ2e05KEqSocxF5kOJpZTTUOpT6cS7cN8zEk9MjqlY_1yxDg1863DilgpRXVSEBdsYl026nW_8Mffq6YY0NkTUB_5iytY_OBCHWkZa7iW6tJmnjnhr2xJgYmcM6zR20S_3pLnCq-CRRC9EirWGHADwY8zoSrplavoozaj4Jfqsb8ZzVKaYTDXpXxJtrT6XnQuyEpxBTiLSaFsit9Gq9B1cygVziviw-myznrlYDc_knijeZjXu6sdZsJnpx60wSRvCmxoZVWj2DPW77GkaUd3zOKqwdV_zan2IgvlC9rrqQ18H&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.71.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-71-123.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7c84fe1d157b4390263a101cd6bcf62bca05141cf04135948556b0c981f1af2f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 81C9
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYyjhuoiAXf5MU9u2KuKvpulry4edL4fx44rr06ka5NX-OF0GaXP-mC4UK7GHrwhbjkdFGp_N0Wfy6AxfN8CKS7CA6DA&cry=1&dbm_d=AKAmf-CmkdHk7XnkuZGIyBrHn_4jWUEi0DmRu2ZwclNSDnb3w6qHIfbiN5fBE716kMF6OVxsO7HmjSzyP21oP1ilDzQOBS7o6JjXnjEenGBf--MivcGNrgDWBjEUwWRLXkzpRscgmo_0KXxFBcIpuGOcDWXWvRlIooc9zF3P4G-_x3aXFVG1M-n7psMOuBxL1EQtdhsbxzql7KB8deUiFmZyNzvsGXYG4rCiJRafSxuDCsY4Xg50ZZ-UdK5ZARLKA_XM1YAuiLORBjRoUc1FGbgMvjIEgcoVxMKO1G7dYJoFJi2YBJRypc2vqt-pf3CtAMfVyj1Vm3Fse6I4sA_d_Jun8jMVOtP_YLLHM9wcCR_HVRhqL_Y9-vam6xBBSphobyYFo9VTHc6j-S1bq7tg-XRitAkfb1cjA89hG0IF_fYzHUpR0wkRDfeZppVNo9riFSw65JbKzz9x_Vp5RMHasfX9CpZfbPp1IhEqZa5Qk0IgPQrpdeSr-z2cUee3NwXATsfptCDLRNgo6nPDalpoDHTlhEwJ3uHBaS9JjpcaLGaY1aVocHfK68shUGmJ4GQaMBJ994vqpMdGlm8OAkkmf6ZqMPbp8jlUEzfdXD7t53ZaY3JegrgXotZZwxVdoTRzCq9DaWAG7hGTHVG-A1M5QtzRnAcJizhwRPXWIP0hM7ADoVJ5L0XGTerQQ4JCDh5gaBYBoVw3g2mBlia2h62UU52HgqPYFYzNyvrtRwUehMjPRsc2rPySqtu5H2IwKC1lKhS5PfLh-Y31fSRgm16KUCeWBgvFiMF1E8mMjFn29EYNtiisHESoypUEVN6Tj_UZKpNIKvzuK7esw4XSiaChVUtisMMBP368AhUqGj8in-wW9ARmWqMYHd6RtmPB6W_qFCP6kaYP5V3pmI-LSt-M-LdxTgNZmolt1T4_N8hDz4Q1tZ34-epOwUngmyIIHfjMpEVFxuS3gU2nsHlkLOCru_AuXS4e9KJfVC0Z-R_X_p_2k96gwym9RLqIVcQmpuequ8Fzl_8mv5MgKGMEuuV__Te3-jbrebFucb1AZgbC4FDLUwp88RYp7TqiMdDmVZSILMZtBPrcApdPjATu13hZSiWSAbL3GO_Ekqtk0Y-m3dxWlFkFxuCRynyxTp9hf9h9QIL1DHgDtWCOy_OeY4fqH17So4qKh_kyjW8WFkCLqsIuyYKo9fpLzbCbDAValV5vAXRtGSAWkfiV9hTQJXtg1TGh4joWZGmXKN8Alc7QzTJmo_Uni6yxNODIOZNOzSUOCtp2mCnCTSj8r9xxAxh_rynbrXpuBZ2jIVilJZ0VvSjYfoB7BI6X5gdUlph-YKjo70LrxR6N967dsXPBKC_y1stYjxoJInNO-eZVaHmlEzWiBhBdmC-ViLmowCady5N-cR2gveldNyulzdAOPyFUULGj_3rPmuc5hBltAK9i0psnPJnnLgtvwWRpOV6Guc367KiMyXVuQQc09JoeGYretrShXpRjdA-Oz7j0NJIJz6YCp9xRhTMkBEHCiZKm_XH4cYmLe9zTiQ94nugmHKdVnR9zPCuwy8juO6bGubanMP9zPZKRJSsqVzNC8SkXm9cQ6o4U4_flbZeesxesyuOnTtE4xAwhenRHTravN2t5J-1QFQEHIsDX8dj5w0w9VCYq_WeG6yD0lnH_OhpOHLAnLwgS4Ku23GZBYpdhaW9pOGeO2h79Mbx9jgrmGcw5z_c1gHzO-l_x_bsn2Amy86vsvQy_WyvE9GOowf955ErxUwtoinN6fWwLkU2IkpGnOMpHBqkSo_032AIj2ZZCnaTGiU1fsjkY3Rua_MR_cE3SsfKbMcY1WcnD2fCrIuAvJy_fR2ZK8lIiq3euHl2Gcg-2QQV5bvlo-NZPi1CwsMD3dc2c-CASuuWJ8HIqctgvgVSBul7Fc3gyIDKLoBJraxWgagaW7KQySaFSvyZn9iOQVBVrhomUOOIXCSQD5c3cBdC3ItMOVsoprxhJME2PzVn1uzcGnG5g4l5lulc1HltvjzqXVLTgq6flNco4D5z2j8ZI27b7hntTAW9eUawRhcOQO7p0YuGYGYhjndhQCLpIqIJ2su_fx5d5SwZTH9MQ1fdZwP-q058-A_8r9PErQ-mAkbKuS_5rGM6_nCrPf9ptoTlWVRL2TeZRHhEjJeg4_smG-9RbRXCIe_b_2JI5ztGnrzugTtVZ-SqXU5RJqiB1Z6QR5uuHCehNgjEeg1sTMX47u7EdDQaDAkfNEVgpoM97z60W01nWLBctwhhhGbdVJicxyQ6rxT90xzM7-SJgd1T7XLOldZjUrHvsViMlxdzY_nd4IkhRwLm2CFErk8dUz8MvtDy-cuV11Zz-WL4Txjc6H7Bb2ZfGHUFcu8HHQKU0RMe5OdykDiVluwwpR6CNz7T6r5u_fNvcGIdpNpE2LFwmmf9ew36KkHX6_3I-FsXcgNeN_Xnv9fbi7-9Gl9lUUVuSdmJ0eN8Bi6XAEI9r6Ac-T6W8WcMH3WcdBcyiyaW9fW04t5gEl9OupSGpGEb_OI2Qobg9I0olfMlm3JNpVWlvZAWTCuUJ5154FioQzVDUKBtpfCK_mQcFP4vjvDpLfSa2f0AM3h2SI7ARvdcTePySAxxRlKSpYKFCDwRFjZKqr8Zu3rifo3rzvb56vqIzU4elTfNl5lVhgqngYK4At80Pjf7QSfPu3pOfNI6DDSUTwmPMIIj6R61eHz5wmb7ubrB3nCXPR8wioRI5-DhEV8iTBaM1IdYzdT0EUGTFcHzYDC31jpNGS9IPFxCLtcV2Zz5U27AYX3LdWYFMoTBgH3gfoOqtIIXE0ABN2nVtEHCiHVyxxwou0VV0r7z2v4hW9bsiXRTCjFrE-E91wlgPpPflJL6mAnnegfv6S2EPSBoCXQG7fuFET19uy7MFWzprdiw1im2mrHCv-YYMYxJUQ6qLmNupgm13iAQGOQeR8sS8ovIhCNz-m2fHhFSRuvKtZ_f-Pgl7bT9sMDVn8SnlmrBkBO1eHqO49XPkNy_jbI2b8PWDHCG-HCESVmTPeATgdDMs8O02F-wBYKt-u3g20sc79F1Npq7l0PTJZqBI8hn_21XiGly2YixQ2e05KEqSocxF5kOJpZTTUOpT6cS7cN8zEk9MjqlY_1yxDg1863DilgpRXVSEBdsYl026nW_8Mffq6YY0NkTUB_5iytY_OBCHWkZa7iW6tJmnjnhr2xJgYmcM6zR20S_3pLnCq-CRRC9EirWGHADwY8zoSrplavoozaj4Jfqsb8ZzVKaYTDXpXxJtrT6XnQuyEpxBTiLSaFsit9Gq9B1cygVziviw-myznrlYDc_knijeZjXu6sdZsJnpx60wSRvCmxoZVWj2DPW77GkaUd3zOKqwdV_zan2IgvlC9rrqQ18H&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 22:07:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2D44
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
51494
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Sat, 19 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6E5E
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
285a13ce59c3fffbe593000ac7e378965f5784625e9ef6d2ec6df04eda1fd6f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 41E1
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
51494
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Sat, 19 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 81C9
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4650b28cfa3bac8532b6440c0d07118780efef68baa460c2cf3e61d9d8566930

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 2D44
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDeZyPbSOj4-1kEJ0zhhO9A&google_cver=1&google_push=ASkJ3Fa2YFx4LLGjc5_U8yT2MTwoj-Ng2dWAKEYHhXvJ17iAHFz141YMSoiSvLJLKClNnBI-Rli-69tTEpcWjxZT...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=IXFjeFfsQQCQ0E05jGv_rA&google_push=ASkJ3Fa2YFx4LLGjc5_U8yT2MTwoj-Ng2dWAKEYHhXvJ17iAHFz141YMSoiSvLJLKClNnBI-Rli-69tTEpcWjxZTnOEtH5Eu...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=IXFjeFfsQQCQ0E05jGv_rA&google_push=ASkJ3Fa2YFx4LLGjc5_U8yT2MTwoj-Ng2dWAKEYHhXvJ17iAHFz141YMSoiSvLJLKClNnBI-Rli-69tTEpcWjxZTnOEtH5EuxqzsBETIaemOrUWIhcS2BDv6VRSrRW3ySo6OEu1n05bA9wS_AXZO82g1NjU
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 19 Nov 2022 04:13:33 GMT
Server
MT3 169 32252b7 master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=IXFjeFfsQQCQ0E05jGv_rA&google_push=ASkJ3Fa2YFx4LLGjc5_U8yT2MTwoj-Ng2dWAKEYHhXvJ17iAHFz141YMSoiSvLJLKClNnBI-Rli-69tTEpcWjxZTnOEtH5EuxqzsBETIaemOrUWIhcS2BDv6VRSrRW3ySo6OEu1n05bA9wS_AXZO82g1NjU
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 19 Nov 2022 04:13:32 GMT
pixel
cm.g.doubleclick.net/ Frame 2D44
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKS-h5MEF210U0Fy4vIdpiM&google_cver=1&google_push=ASkJ3FZ5jY7Bfg9Fq9hLZSsDocn-jkByjvKIEAtA-wtuJNW5eh9T-4EdsjqCYRwT9VTRmFTy414PxJ4EeoJcgca59XXyMBPQ0UUDsK...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F51E39BD43F64AEC9A896B38D50274B8&google_push=ASkJ3FZ5jY7Bfg9Fq9hLZSsDocn-jkByjvKIEAtA-wtuJNW5eh9T-4EdsjqCYRwT9VTRmFTy414PxJ4EeoJcgca...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F51E39BD43F64AEC9A896B38D50274B8&google_push=ASkJ3FZ5jY7Bfg9Fq9hLZSsDocn-jkByjvKIEAtA-wtuJNW5eh9T-4EdsjqCYRwT9VTRmFTy414PxJ4EeoJcgca59XXyMBPQ0UUDsKQVPN2rCIYh2JYEQhQJ7cb9BCtgJQ5_2rrE05zjMS6nFnpZpBjEqk4
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Nov 2022 04:13:33 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F51E39BD43F64AEC9A896B38D50274B8&google_push=ASkJ3FZ5jY7Bfg9Fq9hLZSsDocn-jkByjvKIEAtA-wtuJNW5eh9T-4EdsjqCYRwT9VTRmFTy414PxJ4EeoJcgca59XXyMBPQ0UUDsKQVPN2rCIYh2JYEQhQJ7cb9BCtgJQ5_2rrE05zjMS6nFnpZpBjEqk4
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 18 Nov 2022 04:13:33 GMT
pixel
cm.g.doubleclick.net/ Frame 2D44
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELimf_oIg4URmr58B_QgRf4&google_cver=1&google_push=ASkJ3FYJR5RGil-yrG5PBqWD7qc1G8doxoWHWzwmy2H5Kdlh_IUBurX0uVgCHO9KshIX8q26aZPojgJPIdz_TE4Br9yUoKS...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYJR5RGil-yrG5PBqWD7qc1G8doxoWHWzwmy2H5Kdlh_IUBurX0uVgCHO9KshIX8q26aZPojgJPIdz_TE4Br9yUoKSyWUvX0gb_t9RCleQtmdsPeFmY0SvYu0WPQ1EZk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYJR5RGil-yrG5PBqWD7qc1G8doxoWHWzwmy2H5Kdlh_IUBurX0uVgCHO9KshIX8q26aZPojgJPIdz_TE4Br9yUoKSyWUvX0gb_t9RCleQtmdsPeFmY0SvYu0WPQ1EZkYUbbThIOuYlgHMOPYe6pF4&google_hm=NzYxMzU1NzI2NjQ0MjA0MTY%3D
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Nov 2022 04:13:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYJR5RGil-yrG5PBqWD7qc1G8doxoWHWzwmy2H5Kdlh_IUBurX0uVgCHO9KshIX8q26aZPojgJPIdz_TE4Br9yUoKSyWUvX0gb_t9RCleQtmdsPeFmY0SvYu0WPQ1EZkYUbbThIOuYlgHMOPYe6pF4&google_hm=NzYxMzU1NzI2NjQ0MjA0MTY%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2D44
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AOpfuXGbSnGg-x_Huam4Pg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AOpfuXGbSnGg-x_Huam4Pg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FalKcLilX-fdyMivOscu4Gj3PZ9dFTljO1N---CxHdDlFxFJFNRTNy0Rf-r6lFsvlO5AWjDLy7GADvIiY9pHP9gvIOeiO9pgDzriifl_NWWgSY_Q6LE9LMaln2XeQvtSRx6m5dNa84GkRpFkjIYIpc
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AOpfuXGbSnGg-x_Huam4Pg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FalKcLilX-fdyMivOscu4Gj3PZ9dFTljO1N---CxHdDlFxFJFNRTNy0Rf-r6lFsvlO5AWjDLy7GADvIiY9pHP9gvIOeiO9pgDzriifl_NWWgSY_Q6LE9LMaln2XeQvtSRx6m5dNa84GkRpFkjIYIpc
date
Sat, 19 Nov 2022 04:13:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2D44
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEK-dGd4qoUHKr0h0ecT0y_E&google_cver=1&google_push=ASkJ3FZgkxo-iyOrPpIspYED4s87aXViNCb4eYhkL4Ump_s1zs3p-Z9YkMty8hL6RMPJeDsQxMxA5NU7PHGVD1p5oB00...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FZgkxo-iyOrPpIspYED4s87aXViNCb4eYhkL4Ump_s1zs3p-Z9YkMty8hL6RMPJeDsQxMxA5NU7PHGVD1p5oB00RsKHaO45CNz7dFYm1OZ-Ei7x1Cp_-H...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FZgkxo-iyOrPpIspYED4s87aXViNCb4eYhkL4Ump_s1zs3p-Z9YkMty8hL6RMPJeDsQxMxA5NU7PHGVD1p5oB00RsKHaO45CNz7dFYm1OZ-Ei7x1Cp_-HfmLmK93QoHD4st0eIiyFbYF3YNawrQwOM
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FZgkxo-iyOrPpIspYED4s87aXViNCb4eYhkL4Ump_s1zs3p-Z9YkMty8hL6RMPJeDsQxMxA5NU7PHGVD1p5oB00RsKHaO45CNz7dFYm1OZ-Ei7x1Cp_-HfmLmK93QoHD4st0eIiyFbYF3YNawrQwOM
date
Sat, 19 Nov 2022 04:13:34 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame 2D44
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESENsxbUhiY1trnYGZh3E2xDE&google_cver=1&google_push=ASkJ3FYaLSpSmaPyDAg6cGiPPZmfvcsNGoiM4ArebnA-qBECaldBahXShob6sDdcTUAtLcPPQ0OI_ypRt9o_skZZW2Ir24vksnS...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYaLSpSmaPyDAg6cGiPPZmfvcsNGoiM4ArebnA-qBECaldBahXShob6sDdcTUAtLcPPQ0OI_ypRt9o_skZZW2Ir24vksnSsJOVCXf9eUp2Uw2qv9gQSK_MTti0DqOP...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYaLSpSmaPyDAg6cGiPPZmfvcsNGoiM4ArebnA-qBECaldBahXShob6sDdcTUAtLcPPQ0OI_ypRt9o_skZZW2Ir24vksnSsJOVCXf9eUp2Uw2qv9gQSK_MTti0DqOPTX0fxdf_MGF7cV2jyAPC_2tI&google_hm=ZzhiYWQ5OGM4MWYzM2I1NWVhMTU=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYaLSpSmaPyDAg6cGiPPZmfvcsNGoiM4ArebnA-qBECaldBahXShob6sDdcTUAtLcPPQ0OI_ypRt9o_skZZW2Ir24vksnSsJOVCXf9eUp2Uw2qv9gQSK_MTti0DqOPTX0fxdf_MGF7cV2jyAPC_2tI&google_hm=ZzhiYWQ5OGM4MWYzM2I1NWVhMTU=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
spacer.gif
an.yandex.ru/resource/ Frame 2D44
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEDJoJFleoZh3AoIlz4moiXc?ext-param=ASkJ3Fav0_3zr6x3XBN74h6d7GEpn9xkWY_a1BnrqxL4dwrGQsYWZQgJjxNV8JTOYoKIrG8k1x1d3Msf6_gc6KV8I4k8OWSyIsNWIOcMz6ouUMG_eeYi9boIEhsZ...
  • https://an.yandex.ru/mapuid/google/CAESEDJoJFleoZh3AoIlz4moiXc?redir-setuniq=1&ext-param=ASkJ3Fav0_3zr6x3XBN74h6d7GEpn9xkWY_a1BnrqxL4dwrGQsYWZQgJjxNV8JTOYoKIrG8k1x1d3Msf6_gc6KV8I4k8OWSyIsNWIOcMz6ou...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDJoJFleoZh3AoIlz4moiXc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B
Image
General
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
77.88.21.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 04 Nov 2023 04:13:35 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2D44
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKk3disAGPfM0rB84IUS02t4pfJi2qW1GjrR1dMOPpjFqrwB9uN7-kNDgvorBvqQ0ArJwCkw
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
main.19.8.365.js
static.adsafeprotected.com/ Frame A6CD
196 KB
61 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.365.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138412773756&pubOrder=3068195175&cb=1958050697&custom=homepage&custom3=168400391&adsafe_par&impId=82883657-67c0-11ed-a53f-0ab5b06f5b88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-112.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:49:22 GMT
x-amz-version-id
Vqi07xtV7_e2oYjjMO93A9MKtrJ0y1dj
content-encoding
gzip
via
1.1 d2e1cc2538095700454cd55cac87c3bc.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
271451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Nov 2022 22:25:26 GMT
server
AmazonS3
etag
W/"e5052dd7e7b2a5bcce2aed91a616a5dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
lRXzqkDs-xIdH_3Kb3hzAClZS6eHgjzxz00w6mDQWsMZr9u2YS64Ng==
main.19.8.365.js
static.adsafeprotected.com/ Frame FAC4
196 KB
61 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.365.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026295&pubOrder=3068195175&cb=1375891392&custom=homepage&custom3=168400391&adsafe_par&impId=82883654-67c0-11ed-a53f-0ab5b06f5b88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-112.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:49:22 GMT
x-amz-version-id
Vqi07xtV7_e2oYjjMO93A9MKtrJ0y1dj
content-encoding
gzip
via
1.1 d2e1cc2538095700454cd55cac87c3bc.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
271451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Nov 2022 22:25:26 GMT
server
AmazonS3
etag
W/"e5052dd7e7b2a5bcce2aed91a616a5dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
qj8y-aw5r3xyNCPdGLXgIPerQmKNLAKVeqZtc7TDCfragQjmjk7NDA==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3DD7
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
280968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 22:10:45 GMT
expires
Wed, 15 Nov 2023 22:10:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 41E1
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEM8w58DDccou9ln2MFKdm4w&google_cver=1&google_push=ASkJ3FaFffY0pTXPeTtMT7dZZ0GIL9jSaROohEUjWLi6Dy89e05_DyhDq-Rqn1OUT4S8xpo3cDN4_HM7mg9vLrh8Pn11sjlx...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3FaFffY0pTXPeTtMT7dZZ0GIL9jSaROohEUjWLi6Dy89e05_DyhDq-Rqn1OUT4S8xpo3cDN4_HM7mg9vLrh8Pn11sjlxj4W1owmQOj6cpNa4HWH39JVUmw9jsmUq1edMw6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3FaFffY0pTXPeTtMT7dZZ0GIL9jSaROohEUjWLi6Dy89e05_DyhDq-Rqn1OUT4S8xpo3cDN4_HM7mg9vLrh8Pn11sjlxj4W1owmQOj6cpNa4HWH39JVUmw9jsmUq1edMw6UaIN9dS9Li
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3FaFffY0pTXPeTtMT7dZZ0GIL9jSaROohEUjWLi6Dy89e05_DyhDq-Rqn1OUT4S8xpo3cDN4_HM7mg9vLrh8Pn11sjlxj4W1owmQOj6cpNa4HWH39JVUmw9jsmUq1edMw6UaIN9dS9Li
Date
Sat, 19 Nov 2022 04:13:34 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 41E1
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEN3dlfFSdk8lbWt0z4W88kw&google_cver=1&google_push=ASkJ3FbyAkEV3dEZapD3VjZ2jQrkk1UREdG28z1VZa-lGIdWKT5_x1FR4uLIhGdq1xx1iwb0g624zKSar-1NMyR...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3FbyAkEV3dEZapD3VjZ2jQrkk1UREdG28z1VZa-lGIdWKT5_x1FR4uLIhGdq1xx1iwb0g624zKSar-1NMyRRVF6nwcUHtiTMo_ddsPOBW7JqlHD5_nN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3FbyAkEV3dEZapD3VjZ2jQrkk1UREdG28z1VZa-lGIdWKT5_x1FR4uLIhGdq1xx1iwb0g624zKSar-1NMyRRVF6nwcUHtiTMo_ddsPOBW7JqlHD5_nNyBX3NEnOE4ZDZ3UD4jYsXFwr9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3FbyAkEV3dEZapD3VjZ2jQrkk1UREdG28z1VZa-lGIdWKT5_x1FR4uLIhGdq1xx1iwb0g624zKSar-1NMyRRVF6nwcUHtiTMo_ddsPOBW7JqlHD5_nNyBX3NEnOE4ZDZ3UD4jYsXFwr9
Date
Sat, 19 Nov 2022 04:13:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 41E1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDzCCCwnUMHjFqlOREXFSuM&google_cver=1&google_push=ASkJ3Fbimo-nmvP7Q7DsFZQO7AHwljmErx-OmPiHRH9adbhWFInp55GMAb4j7FxVw42TxTr5-5cMkvMCNj5nCuO...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_Svn7znXSxFNOfBUqkEPQ6310aU&google_push=ASkJ3Fbimo-nmvP7Q7DsFZQO7AHwljmErx-OmPiHRH9adbhWFInp55GMAb4j7FxVw42TxTr5-5cMkvMCNj5nCu...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_Svn7znXSxFNOfBUqkEPQ6310aU&google_push=ASkJ3Fbimo-nmvP7Q7DsFZQO7AHwljmErx-OmPiHRH9adbhWFInp55GMAb4j7FxVw42TxTr5-5cMkvMCNj5nCuO8fNXbTUfKXIw_LQNIgGePSYpxJqoCp2fMBCtT9FwH0cIjbg74aEc-b90
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_Svn7znXSxFNOfBUqkEPQ6310aU&google_push=ASkJ3Fbimo-nmvP7Q7DsFZQO7AHwljmErx-OmPiHRH9adbhWFInp55GMAb4j7FxVw42TxTr5-5cMkvMCNj5nCuO8fNXbTUfKXIw_LQNIgGePSYpxJqoCp2fMBCtT9FwH0cIjbg74aEc-b90
Date
Sat, 19 Nov 2022 04:13:33 GMT
Connection
keep-alive
Content-Length
285
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 41E1
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPv0Z9ZZp2hdR2udoznL6Yw&google_cver=1&google_push=ASkJ3FYizWXm3MOHeoMP21qgNaaFzGiMGrFjnOB93aLjgxFm_eA_60wdaDGjhY1bPpp7bzq9Xh8NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYizWXm3MOHeoMP21qgNaaFzGiMGrFjnOB93aLjgxFm_eA_60wdaDGjhY1bPpp7bzq9Xh8NVWxT-KQ-ZO84lQ8nBkJxIxvDRQPC85iZOdUl9C_YHhAOLz...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYizWXm3MOHeoMP21qgNaaFzGiMGrFjnOB93aLjgxFm_eA_60wdaDGjhY1bPpp7bzq9Xh8NVWxT-KQ-ZO84lQ8nBkJxIxvDRQPC85iZOdUl9C_YHhAOLz__Gr2X_r3cTO9CB3QszzW-&google_hm=WTNoWDU4Q284WUVBQURnSkVSZ0FBQUFB
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 19 Nov 2022 04:13:33 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEPv0Z9ZZp2hdR2udoznL6Yw&google_cver=1&google_push=ASkJ3FYizWXm3MOHeoMP21qgNaaFzGiMGrFjnOB93aLjgxFm_eA_60wdaDGjhY1bPpp7bzq9Xh8NVWxT-KQ-ZO84lQ8nBkJxIxvDRQPC85iZOdUl9C_YHhAOLz__Gr2X_r3cTO9CB3QszzW-","cluster_id":4,"gdpr":false,"ipv4":"173.245.209.165","key":"Y3hX58Co8YEAADgJERgAAAAA","privacy_sensitive":false,"uid":"Y3hX58Co8YEAADgJERgAAAAA","upstream_id":"a-ad40043"}
X-SO-Key
Y3hX58Co8YEAADgJERgAAAAA
X-SO-Upstream-ID
a-ad40043
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40043.dc2p.scaleout.jp
X-SO-UID
Y3hX58Co8YEAADgJERgAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
173.245.209.165
X-SO-Cluster-ID
4
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYizWXm3MOHeoMP21qgNaaFzGiMGrFjnOB93aLjgxFm_eA_60wdaDGjhY1bPpp7bzq9Xh8NVWxT-KQ-ZO84lQ8nBkJxIxvDRQPC85iZOdUl9C_YHhAOLz__Gr2X_r3cTO9CB3QszzW-&google_hm=WTNoWDU4Q284WUVBQURnSkVSZ0FBQUFB
Cache-Control
private
X-SO-Ads-Time
6
X-SO-LB-Hostname
m-tgng29.dc4p.scaleout.jp
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 41E1
11 B
218 B
Image
General
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEIAHULPjLLuFRaGbHhWSggE&google_cver=1&google_push=ASkJ3FYpDhGF-MUDbJaCPcRUNvc2Lr7TOlCyaNiKoVuFNfzYjUafH5gY-o6u1OVAl9VVlmL1hEG1thhCl3qt8MXbz9zCuFDwSqmQaGVgbtYu9OitiHs8Bpxd_tXeOgTmV8Q3ZnZ0XgVBp8G3
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:13:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
report
sync.teads.tv/um/ Frame 41E1
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGC62ja2Wh7yki2q4YCZuVY&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YjY4ZGZkYWQtOWQxMS00N2JlLWEwN2EtZGQwN2ExNzQ3Zjg0&google_push=ASkJ3FYYlqqN3_FJnhlHzkFgULe6jQUfyqNh1psROvRloJp6yRFqfJaMt0iOpGK0vUc7H...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.52.45.34 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-45-34.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sat, 19 Nov 2022 04:13:34 GMT
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 41E1
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEKpwoWAsV-9LIrR9Zs3W4rk&google_cver=1&google_push=ASkJ3FbWdA60cF3KhNLBixwr366zGzDyGfw6GMycmHloytqaNO7iyOY7lc3aMF9R7g62M6SLlATKO57JSs3s3MeKi8iY3q3po...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FbWdA60cF3KhNLBixwr366zGzDyGfw6GMycmHloytqaNO7iyOY7lc3aMF9R7g62M6SLlATKO57JSs3s3MeKi8iY3q3poZS8ChuilbKvUf0DXotviX8Ks3piO...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FbWdA60cF3KhNLBixwr366zGzDyGfw6GMycmHloytqaNO7iyOY7lc3aMF9R7g62M6SLlATKO57JSs3s3MeKi8iY3q3poZS8ChuilbKvUf0DXotviX8Ks3piOzF4P5FymILVbyBvye-D&google_hm=0920d04032b5a8be908f709867a9f9b0
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FbWdA60cF3KhNLBixwr366zGzDyGfw6GMycmHloytqaNO7iyOY7lc3aMF9R7g62M6SLlATKO57JSs3s3MeKi8iY3q3poZS8ChuilbKvUf0DXotviX8Ks3piOzF4P5FymILVbyBvye-D&google_hm=0920d04032b5a8be908f709867a9f9b0
date
Sat, 19 Nov 2022 04:13:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 41E1
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGHIVw34RVkpSJ_UhAdFOuAAEF2u4jikzHeNpVxSR49ei71gogfpJZO42Fa8KSK51_KSTbI18
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 3789
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1593749571;ord=qkgr0i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvby2PUaaL0ifjATsW06b6NE1UcYJ235Zil3uNQYgQM-yjG3eLlQuZIbb4QwckZBmvIeM4E4W3iPxhJ0KFGujqVC2i0tI6ePRGO4DkL_0x7iQ_1Po7MJBBm-QVoBd0gKOJtLoemCp76a0uQkvv-qPZbGkqiWtpJU_z2VHagR_zKZMJ4S5QPAg3HL8NmATz4tjj7058achc5Qbh3TotUrqMDHFXRUx0sPG4JObUht9ep8r9u2c5IuKi238doC4QJGt0hHSYkBK6UBXfg8UAXNlUT7hMxmvN1d1oih2PdXw6ZJPJ-0sgcNNXgQ2Ufz_293w%26sai%3DAMfl-YRK2M4VGmrSNkPXBbMT9xlFRbHOj4Tz49yHyM7PwYI8VToSNOPg_WHHtQDAGFXm4njclLOncMawOV9C5BpykZAVL6DtvD8k2oSr6q_q0naAdJFriukhGZxANh-iIlqQ1Q%26sig%3DCg0ArKJSzN84kQRFOV4XEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=-0f4GGloGP;stc=1;chaa=1;sttr=628;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
42533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:24:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3789
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5_Y3vdhqGVioHgtkgdxwubH_mwEdNY71rErqdJO605UjJRU-FiSbCA8_vPjuqa-N996J05HTCU-yr5c6IohTvKwGPw3BKRywoBNZvtyNfVrSE5wrDVMSeY1YL741JhfFCoDONY_oXIcII6QmeKEPMxu-EviLYbiL2-C1_Cg&sai=AMfl-YQFqkhxUUQtmsRmOIF1Yd6mMHkUHyBPmWxGDl17ffY0fMGgRxuGywNa-HqaaKH3VjBcHviiC8udIX9SMgr8MwkvPWflyEiLHRigSgAS&sig=Cg0ArKJSzArzkZl2Hx7LEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.45414&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1593749571;ord=qkgr0i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvby2PUaaL0ifjATsW06b6NE1UcYJ235Zil3uNQYgQM-yjG3eLlQuZIbb4QwckZBmvIeM4E4W3iPxhJ0KFGujqVC2i0tI6ePRGO4DkL_0x7iQ_1Po7MJBBm-QVoBd0gKOJtLoemCp76a0uQkvv-qPZbGkqiWtpJU_z2VHagR_zKZMJ4S5QPAg3HL8NmATz4tjj7058achc5Qbh3TotUrqMDHFXRUx0sPG4JObUht9ep8r9u2c5IuKi238doC4QJGt0hHSYkBK6UBXfg8UAXNlUT7hMxmvN1d1oih2PdXw6ZJPJ-0sgcNNXgQ2Ufz_293w%26sai%3DAMfl-YRK2M4VGmrSNkPXBbMT9xlFRbHOj4Tz49yHyM7PwYI8VToSNOPg_WHHtQDAGFXm4njclLOncMawOV9C5BpykZAVL6DtvD8k2oSr6q_q0naAdJFriukhGZxANh-iIlqQ1Q%26sig%3DCg0ArKJSzN84kQRFOV4XEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=-0f4GGloGP;stc=1;chaa=1;sttr=628;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:13:33 GMT
sz6jfbnf7.js
cdn.krxd.net/controltag/ Frame 3789
18 KB
6 KB
Script
General
Full URL
https://cdn.krxd.net/controltag/sz6jfbnf7.js?
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1593749571;ord=qkgr0i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvby2PUaaL0ifjATsW06b6NE1UcYJ235Zil3uNQYgQM-yjG3eLlQuZIbb4QwckZBmvIeM4E4W3iPxhJ0KFGujqVC2i0tI6ePRGO4DkL_0x7iQ_1Po7MJBBm-QVoBd0gKOJtLoemCp76a0uQkvv-qPZbGkqiWtpJU_z2VHagR_zKZMJ4S5QPAg3HL8NmATz4tjj7058achc5Qbh3TotUrqMDHFXRUx0sPG4JObUht9ep8r9u2c5IuKi238doC4QJGt0hHSYkBK6UBXfg8UAXNlUT7hMxmvN1d1oih2PdXw6ZJPJ-0sgcNNXgQ2Ufz_293w%26sai%3DAMfl-YRK2M4VGmrSNkPXBbMT9xlFRbHOj4Tz49yHyM7PwYI8VToSNOPg_WHHtQDAGFXm4njclLOncMawOV9C5BpykZAVL6DtvD8k2oSr6q_q0naAdJFriukhGZxANh-iIlqQ1Q%26sig%3DCg0ArKJSzN84kQRFOV4XEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=-0f4GGloGP;stc=1;chaa=1;sttr=628;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a664604e1419e2d44aca4ec63a70e26d9d77dbe885343ddc1bb486e2ed608bb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sat, 19 Nov 2022 04:13:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
753
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-length
5493
x-served-by
config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100034-IAD, cache-syd10182-SYD
x-response-time
1
x-do-esi
esi
x-timer
S1668831214.917426,VS0,VE0
etag
"42fccaa015e6e1362362f34b805669045cc98afd"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 82
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3789
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1593749571;ord=qkgr0i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvby2PUaaL0ifjATsW06b6NE1UcYJ235Zil3uNQYgQM-yjG3eLlQuZIbb4QwckZBmvIeM4E4W3iPxhJ0KFGujqVC2i0tI6ePRGO4DkL_0x7iQ_1Po7MJBBm-QVoBd0gKOJtLoemCp76a0uQkvv-qPZbGkqiWtpJU_z2VHagR_zKZMJ4S5QPAg3HL8NmATz4tjj7058achc5Qbh3TotUrqMDHFXRUx0sPG4JObUht9ep8r9u2c5IuKi238doC4QJGt0hHSYkBK6UBXfg8UAXNlUT7hMxmvN1d1oih2PdXw6ZJPJ-0sgcNNXgQ2Ufz_293w%26sai%3DAMfl-YRK2M4VGmrSNkPXBbMT9xlFRbHOj4Tz49yHyM7PwYI8VToSNOPg_WHHtQDAGFXm4njclLOncMawOV9C5BpykZAVL6DtvD8k2oSr6q_q0naAdJFriukhGZxANh-iIlqQ1Q%26sig%3DCg0ArKJSzN84kQRFOV4XEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=-0f4GGloGP;stc=1;chaa=1;sttr=628;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 22:07:48 GMT
1555855612151696907
s0.2mdn.net/simgad/ Frame 3789
58 KB
58 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/1555855612151696907
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
0b69c2e6002a5330e9d710e3a1d6071b07b24c9dd32c882e4fc94120a9b33164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 19:50:16 GMT
x-content-type-options
nosniff
age
202997
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59315
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 09:30:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 19:50:16 GMT
ad_impression.gif
beacon.krxd.net/ Frame 3789
0
338 B
Image
General
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=sz6jkbf85&campaignid=28611619&advertiserid=8082718&placementid=347749104&adid=541355939&creativeid=180888644&siteid=4088137
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.253.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-253-169.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n004-pdx-prod.krxd.net
date
Sat, 19 Nov 2022 04:13:33 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1668831213
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ad_impression.gif
beacon.krxd.net/ Frame 3789
0
338 B
Image
General
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=sz6jfbnf7&campaignid=28611619&advertiserid=8082718&placementid=347749104&adid=541355939&creativeid=180888644&siteid=4088137
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.253.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-253-169.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n002-pdx-prod.krxd.net
date
Sat, 19 Nov 2022 04:13:33 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1668831213
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3789
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:13:33 GMT
main.19.8.365.js
static.adsafeprotected.com/ Frame 81C9
196 KB
61 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.365.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929007&advId=10623137&campId=27350338&pubId=6657124&chanId=170679895&placementId=335483598
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-112.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:49:22 GMT
x-amz-version-id
Vqi07xtV7_e2oYjjMO93A9MKtrJ0y1dj
content-encoding
gzip
via
1.1 d2e1cc2538095700454cd55cac87c3bc.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
271451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Nov 2022 22:25:26 GMT
server
AmazonS3
etag
W/"e5052dd7e7b2a5bcce2aed91a616a5dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
pXss19uYvpqew1JC9r6U0qc9UNg-wN7gZC7Qhs8z_saG36K5YD--aA==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0346
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
280968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 22:10:45 GMT
expires
Wed, 15 Nov 2023 22:10:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
SPug
simage4.pubmatic.com/AdServer/ Frame 99B1
0
48 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 3DD7
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 14:56:32 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3B85
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
280969
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 22:10:45 GMT
expires
Wed, 15 Nov 2023 22:10:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 81C9
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCvdYx0vZOQdiupxmWp5uBOPLR00mw5Kuy1r7NNruhE-fTbforYsGnClV3zrvhBI0oSk-4yU4L_vXZlf2MqRlFNoFixxFMgD4T3F6iTzmhY3XIzpWHuP_g8_SDYHDUhXa7TrXSPYypeLfEUktlJauEL5XXkUCitJXzZTqkKsF8EpWObui71-DvES8-nc4L6rK1ernH9GoKxeiy64eFpokVM6B0_4lZouWPanjR79x2XQ6jMQzJ_Nza0GNjUlULMUrsx-lmtA3LaV7CQqdU1RwXPZkR1JY9I1blXKr6du6w9Kk0eBUojit3LdCnGt7adjwzamA92RQ3aA83Eao8Pw3It6l9YP-Yo0FNkuIAFgPs9orPFM8d9X2ghQOCphTd2O-CJ51FMlGEDYbjc4dJobD-n-u-A7gWXB6LlbZK-CYgaS_FaVA1oVCdIqGZzIloYLsNZoVALpDRa7ZozHXGrV2wV-hFGDGe9l1Z_QBXYwMBUN8p23D8SSXcN68k9tZpKAhsYMwCYCTF3Mkfr5BK69mwUvgNPPbR7W8MiOPs7DdyTHv_0S9h-i6bZ-zwXA6dK03VpmYTMIivGgiVflGG9H0lCM1RuPacGAf5mdulgHooj15GEOpTJnxIh27GYwnayviM4nX5z2Rrf8BsOkrFRBo5SfwZ9QFs7SYXx6mqeIZS0K71OfbZi3vwlZ7uzjLb5ZqlTE9puz0QXY2aqyneMRdzmyfqbjqiC58ub9zcpdrFrkEMbr31NLlG6XBH4xO3OYzerAbbo0tYNRivonC_29n2QmXZJpHLB6VPoYCdiWvYot2ItAiss0DchoSFkhYNJFnrMeH5AKM5l5RtnzLloYhCT4AYK_M2oPDFa-sTbKoGCMF3Ge_YoLtCsF2MbKwGZLKfNN00AoZJKpP26mgsJmyogmowPtvrCpVYauFpktOq-stogvv7YWLOmzYW_z8omOM7RrpC3j4ukUuYNrm6BpcL2W_KjMk_8RDQ3FvKe8vOblXR7pQzin4lglPxC32MEHqSQ6RkMXNnxmCQjssw5YSaZPVuhCvk2BwUwdTtGTXCXErDl3c0nubAPh-AlsGA6tNh2BIWhcsps0eWfWx6XUS6cucc4stiZzbNS24Ri2KyFZaQ5iT1baNjUv88aKxkvBK-YTJYsXPGH9FpOC16IrnMMkxgiSA5db4NS4JakUmjSRR3HsJYKqkRuFvdFuFwk1veEzps6cqrqu1KIhMbkqebrtBcdkNWH5t2YYZYFuaF1Mnbuoma-Skm8gaVw3cE7BqlpYnTVkfN-ZPYGLHz5SLLP_cWlSY&sai=AMfl-YSIRQwAUaJCiMY2peE9AKhf3uqNOB-CADF6fGNTzrf9j3QLQDcQWwv1KMCxcQHcjt3mkUlMBzbJKOx_WVFQYKfgBUVZ0-q18DGhqzAER922D1wDNoS0_rhYzfYLlVRFmPVgJEH7dKcEALY2WEqD3JTXMZ4BbAsZxaMNVemgFPr0bP-HmPHYXpxuzPfNdzrzjJJP7VyFcmH20BnHdXmeGY17MLqKK-Y_Rorjy4sHfU0ngO_g_Y99DsgIZOw_2coitEwO0HA8MwRzHw&sig=Cg0ArKJSzBx3YKmfiXxCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=724&vt=11&dtpt=723&dett=2&cstd=0&cisv=r20221110.83756&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYyjhuoiAXf5MU9u2KuKvpulry4edL4fx44rr06ka5NX-OF0GaXP-mC4UK7GHrwhbjkdFGp_N0Wfy6AxfN8CKS7CA6DA&cry=1&dbm_d=AKAmf-CmkdHk7XnkuZGIyBrHn_4jWUEi0DmRu2ZwclNSDnb3w6qHIfbiN5fBE716kMF6OVxsO7HmjSzyP21oP1ilDzQOBS7o6JjXnjEenGBf--MivcGNrgDWBjEUwWRLXkzpRscgmo_0KXxFBcIpuGOcDWXWvRlIooc9zF3P4G-_x3aXFVG1M-n7psMOuBxL1EQtdhsbxzql7KB8deUiFmZyNzvsGXYG4rCiJRafSxuDCsY4Xg50ZZ-UdK5ZARLKA_XM1YAuiLORBjRoUc1FGbgMvjIEgcoVxMKO1G7dYJoFJi2YBJRypc2vqt-pf3CtAMfVyj1Vm3Fse6I4sA_d_Jun8jMVOtP_YLLHM9wcCR_HVRhqL_Y9-vam6xBBSphobyYFo9VTHc6j-S1bq7tg-XRitAkfb1cjA89hG0IF_fYzHUpR0wkRDfeZppVNo9riFSw65JbKzz9x_Vp5RMHasfX9CpZfbPp1IhEqZa5Qk0IgPQrpdeSr-z2cUee3NwXATsfptCDLRNgo6nPDalpoDHTlhEwJ3uHBaS9JjpcaLGaY1aVocHfK68shUGmJ4GQaMBJ994vqpMdGlm8OAkkmf6ZqMPbp8jlUEzfdXD7t53ZaY3JegrgXotZZwxVdoTRzCq9DaWAG7hGTHVG-A1M5QtzRnAcJizhwRPXWIP0hM7ADoVJ5L0XGTerQQ4JCDh5gaBYBoVw3g2mBlia2h62UU52HgqPYFYzNyvrtRwUehMjPRsc2rPySqtu5H2IwKC1lKhS5PfLh-Y31fSRgm16KUCeWBgvFiMF1E8mMjFn29EYNtiisHESoypUEVN6Tj_UZKpNIKvzuK7esw4XSiaChVUtisMMBP368AhUqGj8in-wW9ARmWqMYHd6RtmPB6W_qFCP6kaYP5V3pmI-LSt-M-LdxTgNZmolt1T4_N8hDz4Q1tZ34-epOwUngmyIIHfjMpEVFxuS3gU2nsHlkLOCru_AuXS4e9KJfVC0Z-R_X_p_2k96gwym9RLqIVcQmpuequ8Fzl_8mv5MgKGMEuuV__Te3-jbrebFucb1AZgbC4FDLUwp88RYp7TqiMdDmVZSILMZtBPrcApdPjATu13hZSiWSAbL3GO_Ekqtk0Y-m3dxWlFkFxuCRynyxTp9hf9h9QIL1DHgDtWCOy_OeY4fqH17So4qKh_kyjW8WFkCLqsIuyYKo9fpLzbCbDAValV5vAXRtGSAWkfiV9hTQJXtg1TGh4joWZGmXKN8Alc7QzTJmo_Uni6yxNODIOZNOzSUOCtp2mCnCTSj8r9xxAxh_rynbrXpuBZ2jIVilJZ0VvSjYfoB7BI6X5gdUlph-YKjo70LrxR6N967dsXPBKC_y1stYjxoJInNO-eZVaHmlEzWiBhBdmC-ViLmowCady5N-cR2gveldNyulzdAOPyFUULGj_3rPmuc5hBltAK9i0psnPJnnLgtvwWRpOV6Guc367KiMyXVuQQc09JoeGYretrShXpRjdA-Oz7j0NJIJz6YCp9xRhTMkBEHCiZKm_XH4cYmLe9zTiQ94nugmHKdVnR9zPCuwy8juO6bGubanMP9zPZKRJSsqVzNC8SkXm9cQ6o4U4_flbZeesxesyuOnTtE4xAwhenRHTravN2t5J-1QFQEHIsDX8dj5w0w9VCYq_WeG6yD0lnH_OhpOHLAnLwgS4Ku23GZBYpdhaW9pOGeO2h79Mbx9jgrmGcw5z_c1gHzO-l_x_bsn2Amy86vsvQy_WyvE9GOowf955ErxUwtoinN6fWwLkU2IkpGnOMpHBqkSo_032AIj2ZZCnaTGiU1fsjkY3Rua_MR_cE3SsfKbMcY1WcnD2fCrIuAvJy_fR2ZK8lIiq3euHl2Gcg-2QQV5bvlo-NZPi1CwsMD3dc2c-CASuuWJ8HIqctgvgVSBul7Fc3gyIDKLoBJraxWgagaW7KQySaFSvyZn9iOQVBVrhomUOOIXCSQD5c3cBdC3ItMOVsoprxhJME2PzVn1uzcGnG5g4l5lulc1HltvjzqXVLTgq6flNco4D5z2j8ZI27b7hntTAW9eUawRhcOQO7p0YuGYGYhjndhQCLpIqIJ2su_fx5d5SwZTH9MQ1fdZwP-q058-A_8r9PErQ-mAkbKuS_5rGM6_nCrPf9ptoTlWVRL2TeZRHhEjJeg4_smG-9RbRXCIe_b_2JI5ztGnrzugTtVZ-SqXU5RJqiB1Z6QR5uuHCehNgjEeg1sTMX47u7EdDQaDAkfNEVgpoM97z60W01nWLBctwhhhGbdVJicxyQ6rxT90xzM7-SJgd1T7XLOldZjUrHvsViMlxdzY_nd4IkhRwLm2CFErk8dUz8MvtDy-cuV11Zz-WL4Txjc6H7Bb2ZfGHUFcu8HHQKU0RMe5OdykDiVluwwpR6CNz7T6r5u_fNvcGIdpNpE2LFwmmf9ew36KkHX6_3I-FsXcgNeN_Xnv9fbi7-9Gl9lUUVuSdmJ0eN8Bi6XAEI9r6Ac-T6W8WcMH3WcdBcyiyaW9fW04t5gEl9OupSGpGEb_OI2Qobg9I0olfMlm3JNpVWlvZAWTCuUJ5154FioQzVDUKBtpfCK_mQcFP4vjvDpLfSa2f0AM3h2SI7ARvdcTePySAxxRlKSpYKFCDwRFjZKqr8Zu3rifo3rzvb56vqIzU4elTfNl5lVhgqngYK4At80Pjf7QSfPu3pOfNI6DDSUTwmPMIIj6R61eHz5wmb7ubrB3nCXPR8wioRI5-DhEV8iTBaM1IdYzdT0EUGTFcHzYDC31jpNGS9IPFxCLtcV2Zz5U27AYX3LdWYFMoTBgH3gfoOqtIIXE0ABN2nVtEHCiHVyxxwou0VV0r7z2v4hW9bsiXRTCjFrE-E91wlgPpPflJL6mAnnegfv6S2EPSBoCXQG7fuFET19uy7MFWzprdiw1im2mrHCv-YYMYxJUQ6qLmNupgm13iAQGOQeR8sS8ovIhCNz-m2fHhFSRuvKtZ_f-Pgl7bT9sMDVn8SnlmrBkBO1eHqO49XPkNy_jbI2b8PWDHCG-HCESVmTPeATgdDMs8O02F-wBYKt-u3g20sc79F1Npq7l0PTJZqBI8hn_21XiGly2YixQ2e05KEqSocxF5kOJpZTTUOpT6cS7cN8zEk9MjqlY_1yxDg1863DilgpRXVSEBdsYl026nW_8Mffq6YY0NkTUB_5iytY_OBCHWkZa7iW6tJmnjnhr2xJgYmcM6zR20S_3pLnCq-CRRC9EirWGHADwY8zoSrplavoozaj4Jfqsb8ZzVKaYTDXpXxJtrT6XnQuyEpxBTiLSaFsit9Gq9B1cygVziviw-myznrlYDc_knijeZjXu6sdZsJnpx60wSRvCmxoZVWj2DPW77GkaUd3zOKqwdV_zan2IgvlC9rrqQ18H&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:13:34 GMT
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 0346
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 14:56:32 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 3789
259 KB
83 KB
Script
General
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sz6jfbnf7.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sat, 19 Nov 2022 04:13:34 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
211372
age
21385552
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
84509
x-served-by
cache-syd10182-SYD
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1668831214.020882,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
truncated
/ Frame 3789
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff2f0c47cbecd0fedd6a694a29bc85217f9b48ec6ee702d39253bf9beeeaf6ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame C37B
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026298&pubOrder=3068195175&cb=1203535486&custom=homepage&custom3=168400391&adsafe_par&impId=82883655-67c0-11ed-a53f-0ab5b06f5b88
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.71.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-71-123.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
2313d8a601add0e52d2957135f438d4cd8584661d43bb2ca6881160eca279c7d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6E5E
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdjEWS1pJHsKzeDdK7SrfRu21A8QYGJLVnb6FhWnSPwmb2KZtKULYtSEoCWI0OcuxcB1gAIvpK8cD9VRv_MsQVIMrYT4uN1kEktg4mb5M8SAwAh-eIVUjqgQ9UcZcmno93JYRvKUopSAchKIYgJGmnhmA6zDQ6SThGKTp1Gk8PeJIZbjq3ZrSASf2Tgwt-aQ6y1qAF2ZrtMT3KMgtWr6bWTHZhsmcSEPcwi9SHayTWsg7KxRsLKWjIj4biNTeYrYkI9aI0Te39d79wAj_orsz7M8tRVCq1oDjKgAYMqVZYYwlajjGzAoYohYrR_Iz-yWFsms0nSNmN2TRR-99peaSKNyDOVI962LCSfszBTFWVZoC7bp3Kxh6LP0hv5YVsmqKGjgegOZYmy1nlI6QJdEFnQtHm5B2Dwf4rJEKiFn1gVbL6gNHKesKFLWriWQqGHpx5l74HHGX9K7J7JID3nHy01u1wNr_SRRGO1Tb-UNAMaBl0KV1wgHWmj6-CgpXdpyHGP6BP3ePPMnoGCpQjFS4uh4DEQJoyZzstTD0syJR0yYcaYmB31uIJ-2yMTEOeytCnhF2QR2QZubK_SVqOdQSTN-6_l-DwOfVISbrKLNGLsZwyTskSNY9mN7fMSKTtce-PJwcSAel_hRITWanRuxZhlZ2t7lP95rhd1ODGnz83JJZVhx7DSoLfgN1z92xR34E4ZzDuxndyfv0eDBkxSgFVCRn9XITAFalyqqkxJoPmRcAg2KQ1A8qwz_wl1kcgeNFPsDorm98ouqJHIaSYY1YIhD30-kmxqUmJSs47frOgVbNpa9E60GPWYRn3kGdO7lmIIoy_69nOrfoNeN-gLNJyQPY0ja46j3lPzjnbQMR-m2e1sXhuebMB2EPCaQO5W1iI9AAC8G_dpWKTFUE-Fym4V0p9lgpojath60S_KYoR4EWrhH5UG9HmktE9ZnMJkUjwN5cuB_-ozfpViQEZUVqTKbeqLxPT_UHQ-wffPg3g5kWRQrvaLaTwzranDf9bbHxaq8pN36cqeaWqnuFX52bHesfnMxZEDB5PxZG1_jzhGW47P_yaS9aLjCiQL1-m2XvXa_ZupwEbN6XTRDLvIeyb7E3xoR6VPnjMOSffQe_uYzKA6WyZw9WGFYpBHX6iBM_mZYRXcYBxtyVTYRKpykniMethU8urKJPIIWuBpm7k23uKyIhvfqh0-mtEYS_SCvDdISBOzePOFp0jlrc96EYq-fYTDS4ocG5-WuXja6fo0EXzBTHI2UrloCAyibEXnH8YregHPaT_0s_1BEUDwgZWu6s&sai=AMfl-YS9GPDEdRcHWJDsF4dtblfVpWvL3n79cJebJtOJUGeBJtv_sUXMfXCNJEyJBQpNe94JNu3Rfeperr8MlqGqUY4uUF8eAi1KzlZooC1lMEwqKd3TDxQ7APXM9lY3mYp7CLzU7yYX2zq5hp07Nw5oNhMsdbsTpBHQBUa52Gs8mgRwgIr2JzR-SP-jY6hRd-zXQGgOp6pjmgk4EIffgLupFZj3jeUxqOMM7PTQFA1VS0UYdkMCkhcDVNxZwu_6MrfLR5xD8y5fiO7rB-0Id1w0qfKk5qdmZiI7zjhaWSQ&sig=Cg0ArKJSzJRgxVoPk0vNEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1064&vt=11&dtpt=1063&dett=2&cstd=0&cisv=r20221110.92824&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDitqVcE5F4rjjpet48nKy7ZWkVifvYxhvc_sRT961A9Ag_yUTHQ2UWuxJlNklvE5S5-insoLD4RDblILiDSwywRLaS1Gw_emWDDPilTo3rB3IyiH8p5QujprdCzmguC03EOnu828bnfIWUWtM70MRMn-7EeMhBJlFKyJJGVdFw9EKtd0&dbm_d=AKAmf-DBbznipkqJ1glJE89FgPmXbf7OkXGvN9shJvcciqJ8W_je-hVvZW8qPvz6zhElWBZZ7VYZmEyDZHxPEWJ-i3lOLmEq6j69z9F1NKn3AGqCyHfSn7WdLkMEwpIQEygNHKuIobM_u-_RyB6-wqp8QG5Y8Mhi9jHK9skvnoJfXtLr9VzSS3jMPU5Y9wTsrSsShklXrWgMedhKfUTafsUyzWnLMvwCwFe9B5p5bv2Isi9qn8nX1WMYY_kvsvyohyljbSLDcaLZL2fRkx2gekKyQkwUa1XJFjW1nCWtdDe50EClNYKrOwkDXcZQjxM5roqdwpOT0jg5Rpcab31r8m63GhBsBqeeU-n28hQ_sKFx45b5Akl-2yeyMmxjUPBcZ8yhOs_I7IOOqKPJrn9yIKA9R4zmLOQbl_Htbh4P0RaUizoYRKqmY5_rV7T0AdcwqitoZutNXym5-4jOjTVBOCg_KhOwpkyZhnjcR3SghzsiTL0aKEW2-9_nomBh4PAK_AL0u4mOnLfAG8wMFU2sDns0EA5KeBRHZxBR1RBzu4suyIiuU6THFPmLbCIrqF_Z9MQBLNoxReXzywdhjeztQRVhyyPqxoUXlhLYUWdpOPvkpmb2XjcGaqioa3NcKAO8p5FP310Dn2-SxtsRgfmHUxB-Zyiu9_7Unhytnez08kRfwuAGrbGnneHmJmnYRokxv726ACb-UxMfOnXDPYGspHBnEy_YyCbmQ_ucgwat5RVegREsH84rnYmOIjCbxl2Z_KgvcbKup_81cTVCvnzlwvZC2_fNvr_7HLDyG6vSapb0O9dP-sdBeV83HKK3SJ15KydxJv7_HxEvrL4b2sVvduDzt589q1piDVPYDIaxCUiWKyXw5ysrJ0QdVNVwEKDYlUYBqqG0Tcq1aUx6ebvRbPqxNFn9xZybMMkW9den_dvARwbad2dMR2CFZP1VhMLQKY_vLPRvlPjfiFfx_3ps0VM2O9qga80av8mtqcFpJ02DzK73pe2u_pDSFNL-_b8h-96YEPnppnIn1YAqG1RibgAQeB3I-6pHSsVyR_pkE_RJzBqPILi02NjNQcrjLB1attc1FAeYCiPSW1nI5R6TMQkDyrTJISdA-z7cnPv3IvTVjLgf171s20hrtetBAXDaA212Xw-Ns4ZvhwdkeQMYS3G0TkkNlE_dUZRulor9UZRrEcyDt6HRtx7Co-74Lxt9R3qnDLdszNvGUIHW_yjUk6vsDzk9EragSGR9YjSuwG2tKaJVpe1EcWlLSUriwOi0VF0mMcEtdZlKFJLvG2i9Zme0jHvKgN-aV7vr_dN8git5etd9Daub0c22TR4FdXaiHSBB8pcru4gcYVzpDW19U6sLdJU5RCq0PtRYRm2xq6wxvo5bwHJbE8LcLCSCnwlgxMKSdtq8UZsfYMMJ4wKlRN1sWKkGPPxn-zBYgoNOyfK3DjX75EJ5QCQmcFeDOf6ExpRmSetFBsWuwUy1owWhleaczyK7YOkF-ROGIFw3ySl5QaCffP75tG2PGaJtxDNXdeCTYbkjLR-q69kE83xgcMsWkVEw6uIQKY7rjIjikDR-Q313d-8Ougb8RmQamGMk8-ciZmryeUpw_N8aGoPqupM-6h44gQ33S8Ch8DGaa6Umc8W1ZOde7y0Rm9gxDR5wcZ3zFhb1kq7tSFWJaybJLXQCJ1Vr5qjbM1Jg_Cu6dpJG1EtP4xcZ_cGm_1yj1M-swnNZPuFsdP_DVl5Sf3gEZCGzuypkDLDXR3iaO8UKSvi07a4_R2rmmTa859qw1TdMWKCuXYnoVzPWhtSUavOrPVtDmNcWw68S6RzhWJyR10oG168axSnDRVszwpmP01vPn5qD4Zzd6D1Eity7lm2cz1ac2KSIxbP_xY3IyUGuxVQoDpAFFsxBUFxSMbsPdMh3lt1rP79bWxrPEvxU49R4xjRn3-iNSXg5yYrrGknjis8efXp8iaaNhrAPoDJ1va849SP8g7bgY0gwAqhlXcg1wTH3i6ax3g79K3VVGcLjc0i7tUE3i35Q5j7x_xGNbGi-2LJX223VhEohw_PIVBFagjbxwkGTL7Ndc9Jf2hyuQq0BHvsVJ8NM6E-au3_tOkOAT3IvYCTgyvao_8EtSomCqFHQQuC6ybUZYRvuSEk_9BiW7IlNPzJzfm9ep5LbrQ8vjLGvhuCrrLdhBpfJ098w4UxZ64zPtWKhyWmrQad5fLyMDG8dDyqT1-EucyO3dIqPNy3Xmt5nSnwaLF5pJyq5EfVgXiUOXjuPOWVvrNhJFgTF1XAEmaR12jzj2blrXVhn2dQhpkB1lpkyXariiK_qDeT_-OXlnKqSqH6PqjwJG_Qx1Jxk43iEoEbI9s74PAPQqpOvZDzAaFscH-ths--5OFb_mudWolfIvgsF-GO5byA8qJd56hLmaxhmua1Q7Eh0RMfeXw1zHiOJM5UL9u-LV-apAcUc9rOF2tEcYJkZPnfkkImoJT_1blKACNOUAZnqcr9d1lf5_56HH8o5IfONsBM4ppcHfVDjwm-6bkAMspk9G9fryLUxH-EgHJ3cA0PaYGZcx_nFsb1ay7Mmr1aPXuiQoN6NNGB-OWq0cMW59kRlflVVQQCCQbMBWHSsyoGwlsWwKSpcrBG-X-0nj5Ezfw3fovHRATYimhz8c6ggrAGCAtGpb2ixkQzVxuep6seJpfvf5KlF1plfAVKxssygngxSxTUszS4fxjYGs_UxoIWNeZOSixTzsLDIW8D4FSXHO2ceyi2TZhCDHjnB07K8-QMzDjemJ8LKnUcvVO22kpKI6cQAJgRWbbr7877lcGk5oJsbsfPDv7XJdc88sFJ3EI_JpFVGDwBkPA94ZME9_lKdaNT6Y30opRss8JjtYK7GVNt_ycEOkz9c7VfdJpe0CW9LMn2OLphLkcy6Nq103-I0zdVUglKQ64DZZTuRIIkC7GbRFs8vgMEm7MvF-nJYskBpWCuqP6RyS_E9Xnetq3rt6uYP4GF8J8PVgC4hHC3mokKskjVgv70fNS2xTyKvZZeV_QmN-SqoCJ4_BMEoyQDtmypB292A0VpNEQFnqJuZpeycJP2h3W4fvvksFChvGKSopA6TXkNJhAQFmOoQpb5e3kdOBdGHGM2TVdVBk1tL7jjyTwl3iO536-vrr06B4qyXP2zgHzjigKM13IbtDIUVhWuU5mu3DqnfnZ60dDTcG9P9DZFpK1sdZuQJprDlj7HON7y4ggSv6g&cid=CAQSPADq26N9tufG-leXgmdLOGrEYOkZaHwwcMmOo7qC_vC_r3hjzrasRVxF3bMkagWKP3XZYKH-YgCKmcwwHBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:13:34 GMT
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 3B85
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 14:56:32 GMT
ad_impression.gif
beacon.krxd.net/ Frame 3789
0
338 B
Image
General
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=28611619&advertiserid=8082718&placementid=347749104&adid=541355939&creativeid=180888644&siteid=4088137&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=5bb1a854-5225-4e13-bbe6-aec479649e32&confid=sz6jfbnf7
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.253.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-253-169.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n010-pdx-prod.krxd.net
date
Sat, 19 Nov 2022 04:13:34 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1668831214
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DD7
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsGxP7Fd4Y4LKMM72rQHHhJrAAQAAAAA4AeAEAg&bg=!IyClIGTNAAbvMpMzzzI7ACkAdvg8Wh-9KzVG2dSmANpaPDDuy2veUZppvRJ_Fy1gN2LWZw8lJu5kdgIAAAB8UgAAAAJoAQcKAF8D_SjxO6sKZqqQVceDlld1Lek45IY6K_P2jxjZffJm8B_rOXb5w2RmnyUlTj0LGfSBXN17jRHNynuneJYZlWHmKeUaNVXfeaGUc7BceYdR6ktLxq7qBn3C-O0wIX4ReZkC8CbSZjO0Q8QUs6VRnWTNmT3bvBLzYMLm_nP14Vk5DaeQ2Rlq59Do296LfZHBx6clm6EKnYMuqnuiHzQ6b4oIll2biRNMieT37vzWuSk5CMzIy5MeSJLbRyMyQrn0E1nveD0U8IE84VA4oi1UqoHorKy_24zVqHek6WTWHEbsUwWg7_9_GwHwS4VjgIKIEQe3N0wuRQfWzJL6xuJF563Ari4c866-_kwVebHNrx05osGKG7J1ULqd6J-C41Q99AS-UvlpmXVO3XslG91zSIJInts4Fs5a-12HmdaUqwt4AMwCoJNtICV2cg-uqEwnW_vEQ-J35-1Z8m0zQ-WKwoJsIgxPDBIWBnuB2_TtEigV48HIDSM2ebnv7gT4N8FL0FAsn4bxu3qtYoaoBbMcIEquY1Ru2uqBw6yA6I4rGdQiyrbHO-PmK5otHpyE5ixcebdBlbZby543oBzpt1l9oyv5-QQw9T35ftTdmDZ3fZWD-iyI9VVkDQglQE7IX62f3qTb9Gcm8FhP2CdTrGvRoNm189TKYKAGchi8oXiQdajAauthfCEVtv1usczaKgaHkYzVi4Hy2ioEc-zUkvYrlwaLHcV4Mf4anQVOfah7ix5fkTILLcEl_D9Pd7hrQthGdeScwInnnFypeQt14K16b64Na26aevptt_fjnnv7iw9yxaxcFU2lRL67R9l-p64fcPYnSt6-JBpU-MwNbOo4ENU1rs6vP82M0gfm9hii55HxhneMD_3ht1Nd7HcD2klgOWs985hYwtaqBlHvYyXl43TemzmV4lmAlmWSjMSYy5bybNIBykCrG6CUkeKfOC9e2u0tha10cPmQ6WAVDnsBrcpBJXqG5r4Citsj4ryp91G_H_sEbtXidTtJWv6WZ-1d2Vews7bUAApUtFoMmNKgBp4Mu586qdadhuW0df6xN-7O3aKXXOziRgHqZ_bug11QCdHlfoPE67m3sMoGTA1tl9XXuxrhqVFiH7MK4ytnc_OhGVdy
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.365.js
static.adsafeprotected.com/ Frame C37B
196 KB
61 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.365.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026298&pubOrder=3068195175&cb=1203535486&custom=homepage&custom3=168400391&adsafe_par&impId=82883655-67c0-11ed-a53f-0ab5b06f5b88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-112.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:49:22 GMT
x-amz-version-id
Vqi07xtV7_e2oYjjMO93A9MKtrJ0y1dj
content-encoding
gzip
via
1.1 d2e1cc2538095700454cd55cac87c3bc.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
271452
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Nov 2022 22:25:26 GMT
server
AmazonS3
etag
W/"e5052dd7e7b2a5bcce2aed91a616a5dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
zrJxfZDgZlsXUTy1vR0xP2m5nlZzsLJH1pjalwl--b-lAsDOen4G2Q==
view
googleads4.g.doubleclick.net/pcs/ Frame 3789
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5_Y3vdhqGVioHgtkgdxwubH_mwEdNY71rErqdJO605UjJRU-FiSbCA8_vPjuqa-N996J05HTCU-yr5c6IohTvKwGPw3BKRywoBNZvtyNfVrSE5wrDVMSeY1YL741JhfFCoDONY_oXIcII6QmeKEPMxu-EviLYbiL2-C1_Cg&sai=AMfl-YQFqkhxUUQtmsRmOIF1Yd6mMHkUHyBPmWxGDl17ffY0fMGgRxuGywNa-HqaaKH3VjBcHviiC8udIX9SMgr8MwkvPWflyEiLHRigSgAS&sig=Cg0ArKJSzArzkZl2Hx7LEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=610&vt=11&dtpt=609&dett=2&cstd=0&cisv=r20221110.45414&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28611619.347749104;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1593749571;ord=qkgr0i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvby2PUaaL0ifjATsW06b6NE1UcYJ235Zil3uNQYgQM-yjG3eLlQuZIbb4QwckZBmvIeM4E4W3iPxhJ0KFGujqVC2i0tI6ePRGO4DkL_0x7iQ_1Po7MJBBm-QVoBd0gKOJtLoemCp76a0uQkvv-qPZbGkqiWtpJU_z2VHagR_zKZMJ4S5QPAg3HL8NmATz4tjj7058achc5Qbh3TotUrqMDHFXRUx0sPG4JObUht9ep8r9u2c5IuKi238doC4QJGt0hHSYkBK6UBXfg8UAXNlUT7hMxmvN1d1oih2PdXw6ZJPJ-0sgcNNXgQ2Ufz_293w%26sai%3DAMfl-YRK2M4VGmrSNkPXBbMT9xlFRbHOj4Tz49yHyM7PwYI8VToSNOPg_WHHtQDAGFXm4njclLOncMawOV9C5BpykZAVL6DtvD8k2oSr6q_q0naAdJFriukhGZxANh-iIlqQ1Q%26sig%3DCg0ArKJSzN84kQRFOV4XEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=-0f4GGloGP;stc=1;chaa=1;sttr=628;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:13:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3789
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssA5n1bSmK5M2tv6DeLyxIPnCLWpbnu08wSjPXzC0ZzHvAI8PYQ9sJUQibAd5nHnBhgClRdYOeuuLfspZkxlTPHpRK4YSf2TjBneCC4C6vSEFLumAMg09WEVWjz71i-e1JVQ4PMH4_iTzvymwYC5r16JLDSmo1k9gV--HM2k1_-dmkjtH2o6NTYDrfZuhNXpISp03xsW9-VfzygIoLxG0ZLeTWvvnGBVBwVw-iLJKLCAUpqq1GEglL4YIfwKBpgv15-45HGSTVJkPJB0XyItQgrLfjcFgGSRqRzSwDgaf1yECiTmNLuRMjm1ovWWblefcJ9J35M&sai=AMfl-YTdtPT-N8_cHixQjcgDdaRCMxH0W89ps-VCy9mhSm1WLK1wSBho7RC3lEd_HmwA5PxbpYx1VPwGqSgevzvSnu7YRCQ_s9QHA0-euEq_1aVUYZ_vrap5uioYjRDkinCpqw&sig=Cg0ArKJSzF4we3qzJTo9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:13:34 GMT
5bb1a854-5225-4e13-bbe6-aec479649e32
consumer.krxd.net/consent/get/ Frame 3789
219 B
423 B
Script
General
Full URL
https://consumer.krxd.net/consent/get/5bb1a854-5225-4e13-bbe6-aec479649e32?idt=device&dt=kxcookie&callback=Krux.ns.myer.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47dd81eeb8cc08a3d31933207ec6aa57e601dfaa64625a3ba8d7e599bd3e89f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
consumer-a005-pdx-prod.krxd.net, cache-syd10123-SYD
date
Sat, 19 Nov 2022 04:13:34 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1668831215.552894,VS0,VE182
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
content-length
183
x-cache-hits
0, 0
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/
3 KB
1 KB
Script
General
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:35 GMT
content-encoding
gzip
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 01:53:11 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
etag
"9edf0d1a271a1eec31ac16f11fbd329d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
988
x-amz-cf-id
8GHR59bMCV8E6odlzfl_PyXTm2-T-Ch5-ocI9PtdxthfQDmpvvVWqA==
rec
collector.bonzai.co/ Frame CAA0
43 B
267 B
Image
General
Full URL
https://collector.bonzai.co/rec?ev=preimp&tk=d482df2ef01de98aa65fa9186a1a79&ad=2667891553612180355&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.173.211 -, , ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:40 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
1px.gif
dcollector.bonzai.co/ Frame CAA0
35 B
380 B
Image
General
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODMxMjE0MzQ0LCJmaSI6ZmFsc2UsInRrIjoiZDQ4MmRmMmVmMDFkZTk4YWE2NWZhOTE4NmExYTc5IiwiYWQiOiIyNjY3ODkxNTUzNjEyMTgwMzU1IiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2OTIwMTQzMTk2NzA2MTIzIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiRGV0ZWN0ZWQgU0RLLCBXZWIifQ==&etc=0.8851020268810985
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-119.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:36:55 GMT
via
1.1 625de659a90e36a729e80cd3fdf6ae3c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
23800
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
w8HeZ2t6wQ5_4crRjug-hMdYeQsPDWNPu9WEYKPPVKtwy6iWr29zFQ==
rec
collector.bonzai.co/ Frame CAA0
43 B
267 B
Image
General
Full URL
https://collector.bonzai.co/rec?ev=imp&tk=d482df2ef01de98aa65fa9186a1a79&ad=2667891553612180355
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.173.211 -, , ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:39 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0346
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrOuG7Fd4Y8qnMZa89QON_YfQBQAAAAA4AeAEAg&bg=!CgmlCU3NAAbvMpMzzzI7ACkAdvg8WjOZncxYCsc5YZkXGkfy2UfT6Z2c8cTZTE_SbRMbISTFObQdrwIAAACIUgAAAANoAQcKADkHDiaQd_PBYytxDbwG6YVQpfLAEEfHizWljSwCpSnS-B60Uc3FPT-115sMmtfr3o6PPn0IY_G3xzKZAvfiU5t7qNe3S134OdmMfcv16nl-0SJm3UcegDWtH-gKa3hoIYcRfLWqKGrGXvv7xrB-bB-icUnBN1pXphpfcFQpYB_FAE2-AmxCznh5bYDuBZWuwCtHlviVpMvFLtYN3Eux5OtP-ESIyOC3MeHMbLwd67No_NF4TgNBwVd2GZn-oy4_GhNJ9xfnJ3NgmXfvoGxbabx86pHxGFcZu2-8HWzuzjEJH7vXBKUdCrZHM-322pI_sNY7Z0h-mkA_Z44iPTLngNUHyaEiFNu0la-se6S0E8PisvuF6RgNDnQ2ZiEYmbiWKNLLtolBqW7pKFJyf3otfZPSHAQb-cK2fdZCBlhxiGhkDe6X8bVCKMwwna91SvFrh42rHIO_Rz8fM4bjsnsCanmdcNLbsCkwXMl0C-Gfh556NrYBy5GPMQw2l2stlZ71VM0dOD-tmsFljTB4YrCqHhywGqIOUejdwBfLwBWfgmar2XVfc8y6wXlcyE5BQQk9JSXPT3vKMwPbevccv2wXEDtX9A6dNs4X5INGzIMICjHBIZemftxr0lGkeMA8ouozYOB6hzZ1i7kXNTWX9oQ5nX4ik7Lo0Vxn-yPILUNumz53Ntj75URGh8djwKuqqaea_o4tpf_zBbgnZAUoOnD1tA2ltICP6H5Q98apYNSMiCDJMQ-9FCIEwWnUBrowyNugM5txFj6gtkHWLNA0HQXk0DZryAFDwutBLO1cxNfqWsik8HuSibAYYXaxETTnhTn11apcyv1bNWwumM5-cSd9vZgb82cM3pC7oRQdZRLY4cjtMIqkO041dvdMXFbjh8ke_-yTxqH_qCLXXSyiMYCeRmjWI2RnecOi469nE7Q_aAbBTtkIxAKEd_eAhW52YXQroE8JHS2HO29JBsfVvVARbVOjeIhRDj65hX3hhNRgNqYbmp9oj9GYzeUG5_BebIepR-QSFLHXpwLQJS_Udxs_cXA11PgK7aLels7ai7fNn72EIPTTCquqxgCOqHgm8eaPxomERJA
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2634
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-112.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d2e1cc2538095700454cd55cac87c3bc.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
5056638
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
vr57cjtL60oR60269g8uUGtrUv9Cp4HLfEa08PFgZIoJCNUEzIFC_Q==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138412773756&pubOrder=3068195175&cb=1958050697&custom=homepage&custom3=168400391&adsafe_par&impId=82883657-67c0-11ed-a53f-0ab5b06f5b88&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:3c7847c5-c230-00b6-3018-7099794160af,c:unP4XI,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-789bd99cd5-c78xg,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:0.12061.1.1,am:i,cc:0.12061.1.1,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:958,mot:0,app:0,maw:0,fm:tnBrHtW+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1t11%7C1t2%7C1u1%7C1u2%7C1u3%7C1v*.10507%7C1v1%7C1w1%7C1w2%7C1w3,idMap:1v*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:A.qs.tn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:987,oid:880ae392-67c0-11ed-8006-f6ff91991869,v:19.8.365,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.71.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-71-123.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3c7847c5-c230-00b6-3018-7099794160af&tv=%7Bc:unP4Ym,pingTime:-2,time:1026,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:557,beZ:559,mfA:1516,cmA:1517,inA:1518,inZ:1526,prA:1526,prZ:1535,si:1544,poA:1545,poZ:1561,cmZ:1561,mfZ:1561,loA:1571,loZ:1575,ltA:1583,ltZ:1583,mdA:559,mdZ:1497%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1668831214523,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1,h:1,t:986%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1026,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:985,wc:0.0.1600.1200,ac:0.12061.1.1,am:i,cc:0.12061.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBrHtW+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1t11%7C1t2%7C1u1%7C1u2%7C1u3%7C1v*.10507%7C1v1%7C1w1%7C1w2%7C1w3,idMap:1v*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:A.qs.tn,siq:987,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1%5D,sinceFw:39,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3c7847c5-c230-00b6-3018-7099794160af&tv=%7Bc:unP4Zu,time:1097,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1097,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:985,wc:0.0.1600.1200,ac:0.12061.1.1,am:i,cc:0.12061.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B131~0%5D,as:%5B131~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBrHtW+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1t11%7C1t2%7C1u1%7C1u2%7C1u3%7C1v*.10507%7C1v1%7C1w1%7C1w2%7C1w3,idMap:1v*,rmeas:1,rend:1,renddet:A.qs.tn,siq:987%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B85
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuSZB7Vd4Y7mgGveoz7sP9_yH2AgAAAAAOAHgBAI&bg=!srGlsfXNAAbvMpMzzzI7ACkAdvg8WmmZr5pI6gBJrTnwJUVhZ83VBo7saRu5nKdNwCMT-YPTzJrU2gIAAACvUgAAAAJoAQeZAtwCNHEueIkkv9YE-Wrte4ihz4FAiJg1jo57VPbAAk7ToE-qXzzJhqrTGF1HkGCmnmX2fD6uWRjhpuIkt9NXFghBXJGUNKfu7pvaByZCGIvYNLdqPU8-5xIF8X16xpQkjQxOMlSrBgE1amUWLhJlT3EQXVHTcknGP68WQf9y0Ud46pTTv429lhbihR_O9hEGLpL1Y44qb8BBgbDe23Cj9vcq9w5sgmyG1of2rDUwmwfcVNg0iBFlWF3pLmvbQYL9vd3JJRLjKfkuf79v-GJZWNQX3jqPhxoAmIWYCyDlhLsZHSYJKRH_W395IkTe_RR3FfqE_DOLQ1jjavqdr3uLGzqGJLxtiMTfYDmH-oItl5P9D5kSIkgxihaErdyBgti6uFbsvKvcLT2XDWA6aaSvxwYBqplKfEF5ZeZOy90konAfIqb4ixSTTKyOfrqqGvS7vdRFKmrdMN4n8tq6xnXcYkeQ69f8BFLMgrObulv4pWcUFkqlXyihxwaRX40gUdrO5ouugk7EqG7vOTuWq0ATzEqPZ0drCpPt9tnaHBFPu1mUVYjHT0CpVKS1ktMo8KUDFquU8fOqaCrkUzmDGDfgdH41KViPAAlh20p27CMvVhcztCUhz3W6TWaGjzrNjquyCp8SVaQZdAZO7lTH7Vo3oH0cRmccWDn6hUtnn03uSHR4ALLJCFOEDOMV6yKXHekTnc3m-VC_ecGRK9uWi-N_CWGvrADiXsSgfb69Emu7gb8t46MXWHQ3wnCzik7wnKeX4jPFVKNjW2yoTgYACt4osemTmwtJ4tEmXJh2kvnJAm0QuzCFtSXHeB3WtwNvoK4sFCvf6MaQRjFRj4Ai5Ma3FaZhplc5KZtDDzL0JiXbEjEgqUme2MfN2fwpumpF6cWs592bIDQXbJsLR2lB80P3N31FglkZ3I8NDrHU3YHdxe17DO54pG3KNeq0Gs6Nn0R2L4VVxrEHSwqfbxT9mc8
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8526
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6077657&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
6050d047f7ffb9a674bd3ca3a96a60e91028326d3f365092d765c2a734fdabc1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 04:13:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
optout_check
beacon.krxd.net/ Frame 3789
77 B
236 B
Script
General
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.myer.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.253.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-253-169.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
02a7358541da16a4699d53ae9e51fb0cc1c7b506315abeffa116f1d0bfcc1dc6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n009-pdx-prod.krxd.net
date
Sat, 19 Nov 2022 04:13:34 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=26 t=1668831214
content-type
text/javascript
sca.17.6.2.js
static.adsafeprotected.com/ Frame CCE1
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-112.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d2e1cc2538095700454cd55cac87c3bc.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
5056639
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8uvG3622B825pGb0MeqmDpv3O7D4BZiLiChBDXnLnFj8JtaheHyYWA==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=970x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026295&pubOrder=3068195175&cb=1375891392&custom=homepage&custom3=168400391&adsafe_par&impId=82883654-67c0-11ed-a53f-0ab5b06f5b88&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa,c:unP532,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-789bd99cd5-ddcnw,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1296,mot:0,app:0,maw:0,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3,idMap:1s*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1313,oid:880b0a61-67c0-11ed-ad9a-ee1432f8b891,v:19.8.365,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.71.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-71-123.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
server
nginx
x-server-name
app04.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP533,pingTime:-8,time:1313,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1313,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1312,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B16~100%5D,as:%5B16~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1313%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP53f,pingTime:0,time:1325,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1312%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1325,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1312,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~100%5D,as:%5B28~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1313%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP53u,pingTime:-2,time:1340,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:791,beZ:792,mfA:2086,cmA:2087,inA:2087,inZ:2088,prA:2088,prZ:2099,si:2103,poA:2103,poZ:2113,cmZ:2113,mfZ:2113,loA:2122,loZ:2124,ltA:2130,ltZ:2130,mdA:792,mdZ:2061%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1312%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1340,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1312,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B43~100%5D,as:%5B43~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3,idMap:1s*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1313,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:27,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ Frame CAA0
3 KB
1 KB
Script
General
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:36 GMT
content-encoding
gzip
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 01:53:11 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
etag
"9edf0d1a271a1eec31ac16f11fbd329d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
988
x-amz-cf-id
jNMecxu3DBawCkjYYcDC1mSDNQAckffFkvpGPeA0l6lW8Vlo1MxaKg==
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP541,time:1373,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1373,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1312,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B76~100%5D,as:%5B76~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1313%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame D8EF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hX6QAAAflyDgAT&gdpr=0&gdpr_consent=
1 B
300 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hX6QAAAflyDgAT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 04:13:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 19 Nov 2022 04:13:34 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3hX6QAAAflyDgAT&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10124-SYD
x-timer
S1668831215.976547,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame DC9F
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xvbz5ob2cpp
1 B
173 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xvbz5ob2cpp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 04:13:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sat, 19 Nov 2022 04:13:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xvbz5ob2cpp
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
image2.pubmatic.com/AdServer/ Frame 510E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w29gA8BrMljYaTMKw216CMc-NlrYPTUJxzjlDe_r
42 B
418 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w29gA8BrMljYaTMKw216CMc-NlrYPTUJxzjlDe_r
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 04:13:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 19 Nov 2022 04:13:35 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w29gA8BrMljYaTMKw216CMc-NlrYPTUJxzjlDe_r
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 67C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7870255768103140305&gdpr=0&gdpr_consent=
42 B
218 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7870255768103140305&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 04:13:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
15089b89-e909-49d6-94fb-f5af65fa04e8
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Nov 2022 04:13:35 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7870255768103140305&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 065A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 04:13:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:13:34 GMT
expires
Sat, 19 Nov 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2260864
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame E946
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_Svn7znXSxFNOfBUqkEPQ6310aU
42 B
301 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_Svn7znXSxFNOfBUqkEPQ6310aU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 04:13:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Nov 2022 04:13:35 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_Svn7znXSxFNOfBUqkEPQ6310aU
info2
uipglob.semasio.net/pubmatic/1/ Frame 8526
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
119.9.108.211 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:27 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 8526
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=&ct=y
49 B
545 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
18.140.183.49 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-183-49.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.13.197
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.21.212
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 8526
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5da9f952-c53c-4992-b227-fb1f58a0d6b4%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&ttd_puid=5da9f952-c53c-4992-b227-fb1f58a0d6b4%2C
95 B
122 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&ttd_puid=5da9f952-c53c-4992-b227-fb1f58a0d6b4%2C
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:35 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&ttd_puid=5da9f952-c53c-4992-b227-fb1f58a0d6b4%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
SPug
image4.pubmatic.com/AdServer/ Frame 8526
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-qbCxKcRE2uV82pMZW333Dw0hR4uygYs-~A&gdpr=0&gdpr_consent=
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-qbCxKcRE2uV82pMZW333Dw0hR4uygYs-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-qbCxKcRE2uV82pMZW333Dw0hR4uygYs-~A&gdpr=0&gdpr_consent=
date
Sat, 19 Nov 2022 04:13:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 8526
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7821241199922412941
42 B
341 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7821241199922412941
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 04:13:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7821241199922412941
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8526
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=46a5317d-6376-4ba5-9b1e-d44590894312&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&gdpr=&gdpr_consent=&gdpr_pd=
1 B
244 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 04:13:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 19 Nov 2022 04:13:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8526
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7481973582026346771&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7481973582026346771&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 04:13:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7481973582026346771&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 19 Nov 2022 04:13:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sca.17.6.2.js
static.adsafeprotected.com/ Frame 6ADB
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
URL: https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-112.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d2e1cc2538095700454cd55cac87c3bc.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
5056639
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
dF1ivWPXEG1Kz8EneTe3j57yY4y1UKoVt2ca52EEriC2XpoXmxCvuA==
mon
pixel.adsafeprotected.com/ Frame 81C9
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=929007&advId=10623137&campId=27350338&pubId=6657124&chanId=170679895&placementId=335483598&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bd0ee5bb-e990-1b1e-d1a8-cadcaef48a8d,c:unP559,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-789bd99cd5-7x5x4,rg:sg,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1209,mot:0,app:0,maw:0,fm:tnBrHxr+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w*.929007%7C1w1%7C1w2%7C1w3,idMap:1w*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1231,oid:8818786b-67c0-11ed-82fa-72691e787d04,v:19.8.365,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.71.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-71-123.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 81C9
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929007&asId=bd0ee5bb-e990-1b1e-d1a8-cadcaef48a8d&tv=%7Bc:unP55x,pingTime:-3,time:1254,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1230%7D,%7Bpiv:0,vs:o,r:l,t:1252%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1254,n:1252,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1230,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~728.90%5D%7D%7D,%7Bsl:o,t:1252,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tnBrHxr+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w*.929007%7C1w1%7C1w2%7C1w3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:1231%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 81C9
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929007&asId=bd0ee5bb-e990-1b1e-d1a8-cadcaef48a8d&tv=%7Bc:unP55D,pingTime:-6,time:1260,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1260,n:1252,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1230,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~728.90%5D%7D%7D,%7Bsl:o,t:1252,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tnBrHtW+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v.10507%7C1v1%7C1v2%7C1w*.929007%7C1w1%7C1w2%7C1w3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:1231%7D&tpiLookup=ao:www.heraldsun.com.au*&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 81C9
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929007&asId=bd0ee5bb-e990-1b1e-d1a8-cadcaef48a8d&tv=%7Bc:unP55Q,pingTime:-2,time:1273,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1333,bdZ:1828,beA:1853,beZ:1854,mfA:3063,cmA:3063,inA:3063,inZ:3065,prA:3065,prZ:3080,si:3084,poA:3084,poZ:3092,cmZ:3092,mfZ:3092,loA:3113,loZ:3116,ltA:3126,ltZ:3126,mdA:1854,mdZ:3042%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1230%7D,%7Bpiv:0,vs:o,r:l,t:1252%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1273,n:1252,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1230,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~728.90%5D%7D%7D,%7Bsl:o,t:1252,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B19~0%5D,as:%5B19~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tnBrHtW+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v.10507%7C1v1%7C1v2%7C1w*.929007%7C1w1%7C1w2%7C1w3,idMap:1w*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:1231,sinceFw:42,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame FB69
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-112.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d2e1cc2538095700454cd55cac87c3bc.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
5056639
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
EeYSdTdG2eDpEPICFXzYO7XNY0dOQXofdbohzcw15CKyM3u3TbfLaQ==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|1&pubId=54134231&chanId=171638111&placementId=6088428382&pubCreative=138413026298&pubOrder=3068195175&cb=1203535486&custom=homepage&custom3=168400391&adsafe_par&impId=82883655-67c0-11ed-a53f-0ab5b06f5b88&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:ebeb6342-26b8-84df-6607-54cb4104848f,c:unP58F,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-789bd99cd5-9d9rs,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1123.622.300.250,am:i,cc:1123.622.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:894,mot:0,app:0,maw:0,fm:tnBrHGb+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4,idMap:1t*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:906,oid:8894ad45-67c0-11ed-9cbe-2600eb1c1ed7,v:19.8.365,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.71.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-71-123.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ebeb6342-26b8-84df-6607-54cb4104848f&tv=%7Bc:unP58P,pingTime:0,time:916,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:906%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:916,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:906,wc:0.0.1600.1200,ac:1123.622.300.250,am:i,cc:1123.622.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B21~100%5D,as:%5B21~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBrHGb+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:906%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ebeb6342-26b8-84df-6607-54cb4104848f&tv=%7Bc:unP592,pingTime:-2,time:929,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:251,beZ:252,mfA:1145,cmA:1145,inA:1145,inZ:1147,prA:1147,prZ:1153,si:1157,poA:1157,poZ:1165,cmZ:1165,mfZ:1165,loA:1174,loZ:1175,ltA:1179,ltZ:1180,mdA:252,mdZ:1126%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:906%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:929,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:906,wc:0.0.1600.1200,ac:1123.622.300.250,am:i,cc:1123.622.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~100%5D,as:%5B34~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBrHGb+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4,idMap:1t*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:906,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:22,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 81C9
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929007&asId=bd0ee5bb-e990-1b1e-d1a8-cadcaef48a8d&tv=%7Bc:unP59F,time:1510,type:e,im:%7Bimprf:%7Bttecl:1988,ecd:202,tsecr:26%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1510,n:1252,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1230,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~728.90%5D%7D%7D,%7Bsl:o,t:1252,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B256~0%5D,as:%5B256~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tnBrHtW+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s.10507%7C1s1%7C1s2%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v.10507%7C1v1%7C1v2%7C1w*.929007%7C1w1%7C1w2%7C1w3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:1231,sis:1468%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ebeb6342-26b8-84df-6607-54cb4104848f&tv=%7Bc:unP59G,time:969,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:969,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:906,wc:0.0.1600.1200,ac:1123.622.300.250,am:i,cc:1123.622.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~100%5D,as:%5B74~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnBrHGb+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:906%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 3789
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-4f4CqJlJpjiPbmDD3y5Gkq36atOdZerc6oouUVL2fMBnC-5gYdEwaH2lKyqjhkYfoWk0eNJMjIalMwXnxa5sWG7TUGU7usE&sig=Cg0ArKJSzEaHJvTEEwYiEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=1593749571&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668831211775&rpt=2502&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3789
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMud8F6ZXrkqIP4XVJdT6qDMrpOfEtnRVvsJC9ZzU6NiEQLW091xoHduHqX8bGkruq_y67pZvHOdMJ1UhKEyejpuCFm4_g55Bjj8BMjOyfpuVYd_vP&sig=Cg0ArKJSzJsVEMeM9NZNEAE&id=lidar2&mcvt=1002&p=622,1123,872,1423&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2956706420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668831211775&rpt=2497&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3c7847c5-c230-00b6-3018-7099794160af&tv=%7Bc:unP5dU,pingTime:-10,time:1990,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668831215497%7C%7C080afabd8afe40d95c356d4d9356969c%7C%7Cf8b8963e850cee297829880103706300%7C%7Cb326fe86a6e38ed3b05d4cef56eb9401%7C%7Cdd7fb3767b974544d1c3891ab43586bf%7C%7C4bb969a0c3b49182c2141dc90085ad64%7C%7C8de967c7ba2c190ee3cc0656f8e6acb6%7C%7C8ffc63cf4e2c90c2766510c2e1a3f39f%7C%7C1663701684%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ebeb6342-26b8-84df-6607-54cb4104848f&tv=%7Bc:unP5i7,pingTime:-10,time:1492,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668831215497%7C%7C080afabd8afe40d95c356d4d9356969c%7C%7Cf8b8963e850cee297829880103706300%7C%7Cb326fe86a6e38ed3b05d4cef56eb9401%7C%7Cdd7fb3767b974544d1c3891ab43586bf%7C%7C4bb969a0c3b49182c2141dc90085ad64%7C%7C8de967c7ba2c190ee3cc0656f8e6acb6%7C%7C8ffc63cf4e2c90c2766510c2e1a3f39f%7C%7C1663701684,sca:%7Bspg:3c7847c5-c230-00b6-3018-7099794160af%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP5jx,pingTime:-10,time:2335,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668831215497%7C%7C080afabd8afe40d95c356d4d9356969c%7C%7Cf8b8963e850cee297829880103706300%7C%7Cb326fe86a6e38ed3b05d4cef56eb9401%7C%7Cdd7fb3767b974544d1c3891ab43586bf%7C%7C4bb969a0c3b49182c2141dc90085ad64%7C%7C8de967c7ba2c190ee3cc0656f8e6acb6%7C%7C8ffc63cf4e2c90c2766510c2e1a3f39f%7C%7C1663701684,sca:%7Bspg:3c7847c5-c230-00b6-3018-7099794160af%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:35 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP5jV,pingTime:1,time:2359,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1312%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2359,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1312,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1062~100%5D,as:%5B1062~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:729,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w.929007%7C1w1%7C1w2%7C1w3,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1313,sis:1524%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:36 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP5jV,pingTime:1,time:2359,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1312%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2359,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1312,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1062~100%5D,as:%5B1062~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:729,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w.929007%7C1w1%7C1w2%7C1w3,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1313,sis:1524%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:36 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP5jV,pingTime:1,time:2359,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1312%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2359,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1312,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1062~100%5D,as:%5B1062~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:729,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w.929007%7C1w1%7C1w2%7C1w3,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1313,sis:1524,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:36 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP5jW,pingTime:1,time:2360,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1312%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2360,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1312,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1063~100%5D,as:%5B1063~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:729,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w.929007%7C1w1%7C1w2%7C1w3,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1313,sis:1524,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:36 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
1px.gif
dcollector.bonzai.co/ Frame CAA0
35 B
378 B
Image
General
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODMxMjE1OTMyLCJmaSI6ZmFsc2UsInRrIjoiZDQ4MmRmMmVmMDFkZTk4YWE2NWZhOTE4NmExYTc5IiwiYWQiOiIyNjY3ODkxNTUzNjEyMTgwMzU1IiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2OTIwMTQzMTk2NzA2MTIzIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBmdW5jdGlvbiBjYWxsZWQsIGR0c01haW4ifQ==&etc=0.19627420065376233
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-119.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:36:55 GMT
via
1.1 625de659a90e36a729e80cd3fdf6ae3c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
23802
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
0lyUlCn53N3sVC43Tjph980Fet5udoklVEXpSfV_tO14y65m4_v-vA==
rec
collector.bonzai.co/ Frame CAA0
0
0

truncated
/
48 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f0ddb8ae9b06e9b440b190836aceba6aa24702d0ae4b358b77c4b2db29d602d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpeg
0699b740-b6dc-4383-a4f9-2d2ead845c91_v1_5.png
massets.bonzai.co/ Frame CAA0
9 KB
10 KB
Image
General
Full URL
https://massets.bonzai.co/0699b740-b6dc-4383-a4f9-2d2ead845c91_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
067ad9af108327122242a6037f57e9fb339b5b8232fafca5af68e40c83a63ed3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 14:06:48 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 01:03:15 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
1174009
etag
"cad6c7a8c1e86d7a3dfa679ac60bcc38"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9515
x-amz-cf-id
VTqIig7bEagdM8Frsv7DBUta5ZymIdrEXd8uQHv9Z-PgRUH4SlUSqg==
eaa69a0d-3da3-441c-9f64-2734a1142768_v1_5.png
massets.bonzai.co/ Frame CAA0
34 KB
35 KB
Image
General
Full URL
https://massets.bonzai.co/eaa69a0d-3da3-441c-9f64-2734a1142768_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df0f2961fcf22b5b181582f74613310c0b25d8e2c38062df1ca1811187dfc4c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 22:18:01 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
626136
etag
"8676314060baaf677f64da0d05f86172"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35012
x-amz-cf-id
ymj3HBexz7uFyV3xq7D5XD6aHY1qHENVnduPx88HoHmYH1exjdFcWw==
97c489a6-dd2f-49a6-a22a-681b937da036_v1_5.png
massets.bonzai.co/ Frame CAA0
450 KB
451 KB
Image
General
Full URL
https://massets.bonzai.co/97c489a6-dd2f-49a6-a22a-681b937da036_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b04bdc0369f1282ae5539b7fad8b1c45ee6cd0b7b3314a4aacb178d9f55c9086

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 20:15:05 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:45 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
806312
etag
"0681a029cd7ec1d1802c3f36af58abf4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
460416
x-amz-cf-id
X87mzcN3SeOnWkEG7ZgJH44-oGZWd-g2VlAKiHQhPFcdJGD7VYzqCg==
09ecfbe2-f7fe-40c8-bd9c-02037f548044_v1_5.png
massets.bonzai.co/ Frame CAA0
397 KB
398 KB
Image
General
Full URL
https://massets.bonzai.co/09ecfbe2-f7fe-40c8-bd9c-02037f548044_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a0c99baf829ea5d70bf41f38fbf741e8d3b42b7842c081ecfd0d3993ea74801

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:10:55 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:39 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
1047761
etag
"d4b4002901057d2660bb2dbea51785a5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
406832
x-amz-cf-id
r0MX8OrNxIFLQAhOk5pUQApttuZKTs5F07RynjieWFgJdMuEdmz-9Q==
43c8b194-037a-4233-a700-5f886865e396_v1_5.png
massets.bonzai.co/ Frame CAA0
15 KB
15 KB
Image
General
Full URL
https://massets.bonzai.co/43c8b194-037a-4233-a700-5f886865e396_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddc6a0df25826e5cbf2eff4b33d93834f90e09180d0f81c9ffefb69d3cf2a673

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 20:43:58 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
113378
etag
"8aaef6a1b918e9bf2a0ad31eee6a9846"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14876
x-amz-cf-id
LNz8FO9PIEbsZt2tLslUjxGBNu4IyYIPvTr0NtLoEHeMHWok0P567w==
me-min-0c34c9ac03.js
s.bzcdn.co/canvas/ca/video/raw-lib/ Frame CAA0
68 KB
68 KB
Image
General
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/me-min-0c34c9ac03.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-121.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 08:24:18 GMT
content-encoding
br
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 08:09:32 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
12253759
etag
W/"b162e5356e64e3f4caba75f7adf0b8d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
RSVqOCqlgsWUkoO_nVdQ4eFlKm0cUKG1xHL_2KQiRvGkvKWUb9tVOw==
dt
dt.adsafeprotected.com/ Frame 81C9
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929007&asId=bd0ee5bb-e990-1b1e-d1a8-cadcaef48a8d&tv=%7Bc:unP5oo,pingTime:-10,time:2423,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668831215497%7C%7C080afabd8afe40d95c356d4d9356969c%7C%7Cf8b8963e850cee297829880103706300%7C%7Cb326fe86a6e38ed3b05d4cef56eb9401%7C%7Cdd7fb3767b974544d1c3891ab43586bf%7C%7C4bb969a0c3b49182c2141dc90085ad64%7C%7C8de967c7ba2c190ee3cc0656f8e6acb6%7C%7C8ffc63cf4e2c90c2766510c2e1a3f39f%7C%7C1663701684,sca:%7Bspg:3c7847c5-c230-00b6-3018-7099794160af%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:36 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ebeb6342-26b8-84df-6607-54cb4104848f&tv=%7Bc:unP5oY,pingTime:1,time:1917,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:906%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1917,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:906,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:268,fm:tnBrHGb+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:906,sis:1120%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:36 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ebeb6342-26b8-84df-6607-54cb4104848f&tv=%7Bc:unP5oY,pingTime:1,time:1917,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:906%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1917,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:906,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:268,fm:tnBrHGb+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:906,sis:1120%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:36 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ebeb6342-26b8-84df-6607-54cb4104848f&tv=%7Bc:unP5oZ,pingTime:1,time:1918,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:906%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1918,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:906,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:268,fm:tnBrHGb+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:906,sis:1120,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:36 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ebeb6342-26b8-84df-6607-54cb4104848f&tv=%7Bc:unP5oZ,pingTime:1,time:1918,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:906%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1918,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:906,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:268,fm:tnBrHGb+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:906,sis:1120,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:36 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ce-video-new-min-fd8262ba53.css
s.bzcdn.co/canvas/ca/video/raw-lib/
13 KB
3 KB
Stylesheet
General
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-121.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18c54fdefb6751daf143fd6c63b4f2153f2df222eda828a5ec2f10ab8c410f59

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:26:14 GMT
content-encoding
gzip
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
last-modified
Fri, 05 Aug 2022 09:09:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
6860844
etag
W/"32363fbe7416020c70983107aea60606"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
6Sr3LIgCM4NapLOYKoBrxrMq58NRWn1doD3A2Kxo0dBl5Zk4jwutew==
ce-video-vv-6b88b1ed56.css
s.bzcdn.co/canvas/ca/video/raw-lib/
431 B
773 B
Stylesheet
General
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-vv-6b88b1ed56.css
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-121.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca40f6cbbf38d34bcdbd7727249fd016b7bc8aac6e117adcb82d3792e76f9860

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:26:14 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
last-modified
Fri, 05 Aug 2022 09:09:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
6860844
etag
"430de22743d923be7f36b54d1776a908"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
431
x-amz-cf-id
33PPTkIHjqFEgRWg4zKGBZqzhmpOK4-G4KZv2ZmXknQXaxP6bfst0Q==
0699b740-b6dc-4383-a4f9-2d2ead845c91_v1_5.png
massets.bonzai.co/
9 KB
10 KB
Image
General
Full URL
https://massets.bonzai.co/0699b740-b6dc-4383-a4f9-2d2ead845c91_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
067ad9af108327122242a6037f57e9fb339b5b8232fafca5af68e40c83a63ed3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 14:06:48 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 01:03:15 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
1174010
etag
"cad6c7a8c1e86d7a3dfa679ac60bcc38"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9515
x-amz-cf-id
F8PO1QtTGwlzM32m903qbcZO6HHUjqFioUmbw-dTC85VTLwLyx-nKQ==
eaa69a0d-3da3-441c-9f64-2734a1142768_v1_5.png
massets.bonzai.co/
34 KB
35 KB
Image
General
Full URL
https://massets.bonzai.co/eaa69a0d-3da3-441c-9f64-2734a1142768_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df0f2961fcf22b5b181582f74613310c0b25d8e2c38062df1ca1811187dfc4c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 22:18:01 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
626137
etag
"8676314060baaf677f64da0d05f86172"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35012
x-amz-cf-id
AiTAJCEVIdL9Trcmg5t9z5fwWifylEViZElY0CI2Ii2vN3SJt9na5Q==
97c489a6-dd2f-49a6-a22a-681b937da036_v1_5.png
massets.bonzai.co/
450 KB
450 KB
Image
General
Full URL
https://massets.bonzai.co/97c489a6-dd2f-49a6-a22a-681b937da036_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b04bdc0369f1282ae5539b7fad8b1c45ee6cd0b7b3314a4aacb178d9f55c9086

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 20:15:05 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:45 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
806313
etag
"0681a029cd7ec1d1802c3f36af58abf4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
460416
x-amz-cf-id
HdJ9-GChzYnX-pRET4_McknZ2LE981IArh27cnOpNFXWL-0v7yBkDA==
09ecfbe2-f7fe-40c8-bd9c-02037f548044_v1_5.png
massets.bonzai.co/
397 KB
398 KB
Image
General
Full URL
https://massets.bonzai.co/09ecfbe2-f7fe-40c8-bd9c-02037f548044_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a0c99baf829ea5d70bf41f38fbf741e8d3b42b7842c081ecfd0d3993ea74801

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:10:55 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:39 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
1047762
etag
"d4b4002901057d2660bb2dbea51785a5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
406832
x-amz-cf-id
w8tWDznQKOqvCGYbJoqfm_gF_7rdszA4rQvxVVN1bhRJlTMBynnBsw==
43c8b194-037a-4233-a700-5f886865e396_v1_5.png
massets.bonzai.co/
15 KB
15 KB
Image
General
Full URL
https://massets.bonzai.co/43c8b194-037a-4233-a700-5f886865e396_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddc6a0df25826e5cbf2eff4b33d93834f90e09180d0f81c9ffefb69d3cf2a673

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 20:43:58 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:55:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
113379
etag
"8aaef6a1b918e9bf2a0ad31eee6a9846"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14876
x-amz-cf-id
qqtHJ_SnQqLVmMs4AaqRcpRWEhTeUedVtwAquNpcqfecgtnyJERiyw==
me-min-0c34c9ac03.js
s.bzcdn.co/canvas/ca/video/raw-lib/
133 KB
31 KB
Script
General
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/me-min-0c34c9ac03.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667891553612180355_1667548731684_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-121.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
017ed3a3015deeaaeadc08a4d8dcde59e102fb6838ab0df6b89ff4aee77ec196

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 08:24:18 GMT
content-encoding
br
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 08:09:32 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
12253760
etag
W/"b162e5356e64e3f4caba75f7adf0b8d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
5i5qHDx3ROgKqAscaSGH75a-JcTGks_n9ZXipYU5yQjWoBTwNCdeWQ==
1px.gif
dcollector.bonzai.co/ Frame CAA0
35 B
380 B
Image
General
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODMxMjE2OTE5LCJmaSI6ZmFsc2UsInRrIjoiZDQ4MmRmMmVmMDFkZTk4YWE2NWZhOTE4NmExYTc5IiwiYWQiOiIyNjY3ODkxNTUzNjEyMTgwMzU1IiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2OTIwMTQzMTk2NzA2MTIzIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSByZWFkeSwgKiJ9&etc=0.8736627485387913
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-119.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:36:55 GMT
via
1.1 625de659a90e36a729e80cd3fdf6ae3c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
23803
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
1vcrYdz6sQZ2kqjvH5uJckJ8xX-T17soEEXZaMjOmfo_N7vNHySZUQ==
6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.0000000.jpeg
massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/
64 KB
64 KB
Image
General
Full URL
https://massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.0000000.jpeg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecdc40c675cbe207cc7d075bdfdd8b994ce97f159c3d73d31dfaf24998051b0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:54:21 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:56:36 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
22757
x-amz-server-side-encryption
AES256
etag
"cbf88ebcce5ad03d2384987732f85a21"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
65050
x-amz-cf-id
JJ2TMkQ-nCYNtm5079SbqcJy6QHvBqbRh0AignN6-XeWW572jdjyqg==
1px.gif
dcollector.bonzai.co/ Frame CAA0
35 B
379 B
Image
General
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODMxMjE2OTUyLCJmaSI6ZmFsc2UsInRrIjoiZDQ4MmRmMmVmMDFkZTk4YWE2NWZhOTE4NmExYTc5IiwiYWQiOiIyNjY3ODkxNTUzNjEyMTgwMzU1IiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2OTIwMTQzMTk2NzA2MTIzIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSByZWFkeSwgZHRzTWFpbiJ9&etc=0.6167268741486218
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-119.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:36:55 GMT
via
1.1 625de659a90e36a729e80cd3fdf6ae3c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
23803
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
fDdnkhwvjZR4Adopy7WfybgaJcMXcBaIWLsS4RDfmno6lt4PF4LABQ==
6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4
massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/
0
0

SPug
simage4.pubmatic.com/AdServer/ Frame 8526
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:13:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
TL-Play.svg
s.bzcdn.co/canvas/ca/video/raw-lib/
379 B
738 B
Image
General
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/TL-Play.svg
Requested by
Host: s.bzcdn.co
URL: https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-121.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5479429cf03c62393df0e79e6ad5f626153798b7339ff83af1a1a8495824f2e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:25:09 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 11:20:35 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
24509
etag
"bd3cbcf6fa4e381e788b759e0f902237"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
379
x-amz-cf-id
vtbjUJsI5njNVwG5ZzePD9tw15ktKQEkuqZrK2IR0ex7tOPfWeiVeA==
mute.svg
s.bzcdn.co/canvas/ca/video/raw-lib/
612 B
951 B
Image
General
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/mute.svg
Requested by
Host: s.bzcdn.co
URL: https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-121.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e745fd04b3660338e575422753f485d606dc732ef86fd366601483f65ab97744

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:11:13 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 11:20:35 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
3745
etag
"4d2781ec1a00eaf0d5c27a476a0576be"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
612
x-amz-cf-id
1j13qNrOcAI6rF95F1ANKlCMGFuaAZLWDGP3kP_KcaAXn8KswuGfdA==
1px.gif
dcollector.bonzai.co/ Frame CAA0
35 B
378 B
Image
General
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODMxMjE3MjgxLCJmaSI6ZmFsc2UsInRrIjoiZDQ4MmRmMmVmMDFkZTk4YWE2NWZhOTE4NmExYTc5IiwiYWQiOiIyNjY3ODkxNTUzNjEyMTgwMzU1IiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2OTIwMTQzMTk2NzA2MTIzIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBsb2FkLCAqIn0=&etc=0.8139249766624166
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-119.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:36:55 GMT
via
1.1 625de659a90e36a729e80cd3fdf6ae3c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
23803
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
huRiQVqahoRtrDwf17HKTcQ5tpItPho76qzT5M6LUwmafGSYh1YRgA==
1px.gif
dcollector.bonzai.co/ Frame CAA0
35 B
379 B
Image
General
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjY4ODMxMjE3MjgyLCJmaSI6ZmFsc2UsInRrIjoiZDQ4MmRmMmVmMDFkZTk4YWE2NWZhOTE4NmExYTc5IiwiYWQiOiIyNjY3ODkxNTUzNjEyMTgwMzU1IiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2OTIwMTQzMTk2NzA2MTIzIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBsb2FkLCBkdHNNYWluIn0=&etc=0.7074828113565967
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-119.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:36:55 GMT
via
1.1 625de659a90e36a729e80cd3fdf6ae3c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
23803
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
QuKzMz2f0FEpBWRx5_r8JUUThMhbksk47pMxAKdoaT3WpbVHkOku4w==
6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4
massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/
2 MB
2 MB
Media
General
Full URL
https://massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4?ngsw-bypass=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-66.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c90a02d7c77c4dd508eede5f22240786f23c358336aef0f7c7a20d13f147ed64

Request headers

Referer
https://www.heraldsun.com.au/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 18 Nov 2022 21:55:57 GMT
via
1.1 65866bb6c20ad09669a6cfc294087ec0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 06:56:49 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
22661
etag
"3df3649cd6c3e3d1d6fd63e637a3adb1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-1613534/1613535
accept-ranges
bytes
x-amz-cf-id
VktWyUQehQ1E_dKels-1raO9bhxJHE8XKiEPQ1HO8jYXCDQhYk3z9A==
Content-Length
1613535
pause.svg
s.bzcdn.co/canvas/ca/video/raw-lib/
530 B
889 B
Image
General
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/pause.svg
Requested by
Host: s.bzcdn.co
URL: https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-121.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc75e0032627fad35171c6bf3cd6f4ae84561c235b1d41da56fb4dd6a6fb5c6a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 11:38:48 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 11:20:35 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
59690
etag
"c190fe9dcb74b7867b47253015f2f9a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
530
x-amz-cf-id
08J1YLLMfbvhUWLz-QtkUV3U1RY-W0HBmnNmV2iyIHgdjfeg-55XGg==
rec
collector.bonzai.co/ Frame CAA0
0
0

rec
collector.bonzai.co/ Frame CAA0
0
0

dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP6mq,pingTime:5,time:6358,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1312%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6358,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1312,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5061~100%5D,as:%5B5061~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:272,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w.929007%7C1w1%7C1w2%7C1w3,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1313,sis:1524%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:39 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b4dee710-8c43-ae5f-cd2d-a38b46dfc8fa&tv=%7Bc:unP6mr,pingTime:5,time:6359,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1312%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6359,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1312,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5062~100%5D,as:%5B5062~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:272,fm:tnBrHu0+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q1%7C1r%7C1s*.10507%7C1s1%7C1t.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w.929007%7C1w1%7C1w2%7C1w3,idMap:1s*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1313,sis:1524%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:39 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ebeb6342-26b8-84df-6607-54cb4104848f&tv=%7Bc:unP6ru,pingTime:5,time:5917,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:906%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5917,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:906,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5022~100%5D,as:%5B5022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:270,fm:tnBrHGb+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:906,sis:1120%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:40 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ebeb6342-26b8-84df-6607-54cb4104848f&tv=%7Bc:unP6ru,pingTime:5,time:5917,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:906%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5917,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:906,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5022~100%5D,as:%5B5022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:270,fm:tnBrHGb+11%7C12%7C13%7C14%7C15%7C16111%7C16112%7C16113%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1n6%7C1o%7C1p%7C1q1%7C1r%7C1s1%7C1s2%7C1t*.10507%7C1t1%7C1t2%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1w1%7C1w2%7C1w3%7C1w4,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:906,sis:1120%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.86.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-86-55.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:13:40 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/27213708
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/L2hE9Iup/VHLDoHn/XSyFiIz/zo/aVY1NmXSLOX5/OwoJHgE/D1U/2Ik5SXnMB
Domain
syd-1-apex.go.sonobi.com
URL
https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%222fb98566f24582%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%223edb5d558d86ad%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%224ba362d58374a8%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22593297d89555cc%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=2c3f6cd8-33c9-457b-9aa7-677817f521d7&pv=f5e11266-1034-447a-9e30-edbdef7def3a&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?q=eyJicGlkIjoiZHRzTWFpbiIsInBhZ2VJZCI6ImR0c01haW4iLCJ3aWR0aCI6MTkyMCwiaGVpZ2h0IjoxMDgwLCJldiI6ImluaXRpYWxfYnAiLCJldm4iOiJpbml0aWFsX2JwIiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwibyI6InBvcnRyYWl0IiwiY3R6IjowLCJjdHMiOjE2Njg4MzEyMTU5MzYsIm1vZGUiOiJsaXZlIiwidGsiOiJkNDgyZGYyZWYwMWRlOThhYTY1ZmE5MTg2YTFhNzkiLCJhZCI6IjI2Njc4OTE1NTM2MTIxODAzNTUifQ==&etc=0.7492303174893478
Domain
massets.bonzai.co
URL
https://massets.bonzai.co/mediaconvert/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5/6ef7680b-3be6-4618-9732-3670b9f272f6_v1_5_original.mp4?ngsw-bypass=true
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJranpzUiIsImVsZW4iOiJ2ZG8gMSIsImVsZXQiOiJWSURFTyIsImV2IjoidmlkZW9zdGFydCIsImV2biI6IlZpZGVvIFN0YXJ0IiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwicG4iOiJEZXNrdG9wIHRydVNraW4gbWFpbiIsInBpZCI6ImR0c01haW4iLCJwdCI6ImR0cyIsImJya3AiOiJEZXNrdG9wIHRydVNraW4gbWFpbiIsImJya3BpZCI6ImR0c01haW4iLCJhdXRvIjp0cnVlLCJ2bGVuIjoxNSwicG9zIjowLjAwMDY0Niwid2lkIjoxLCJvIjoicG9ydHJhaXQiLCJjdHoiOjAsImN0cyI6MTY2ODgzMTIxNzcxNCwibW9kZSI6ImxpdmUiLCJ0ayI6ImQ0ODJkZjJlZjAxZGU5OGFhNjVmYTkxODZhMWE3OSIsImFkIjoiMjY2Nzg5MTU1MzYxMjE4MDM1NSJ9&etc=0.38102996572689785
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJranpzUiIsImVsZW4iOiJ2ZG8gMSIsImVsZXQiOiJWSURFTyIsImV2IjoidmlkZW90aW1lIiwiZXZuIjoiVmlkZW8gVGltZSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsInBuIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJwaWQiOiJkdHNNYWluIiwicHQiOiJkdHMiLCJicmtwIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJicmtwaWQiOiJkdHNNYWluIiwiYXV0byI6dHJ1ZSwidmxlbiI6MTUsInBvcyI6MS4wMDkyNDgsIndpZCI6MSwibyI6InBvcnRyYWl0IiwiY3R6IjowLCJjdHMiOjE2Njg4MzEyMTg3NTksIm1vZGUiOiJsaXZlIiwidGsiOiJkNDgyZGYyZWYwMWRlOThhYTY1ZmE5MTg2YTFhNzkiLCJhZCI6IjI2Njc4OTE1NTM2MTIxODAzNTUifQ==&etc=0.3155923506064555

Verdicts & Comments Add Verdict or Comment

323 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| _taboola object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| toggleShowMore object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter undefined| $ function| jQuery function| admiral object| googletag number| taboola_view_id function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| COMSCORE function| udm_ object| ns_p object| placementData string| nam object| __AMP_LOG object| __AMP_MODE function| AmpStoryPlayer function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise object| lazySizes object| ads_api function| algoliasearch object| vidora function| vidoraTrackExtraElements object| vidoraHelper object| app function| 4dm1r11545242527 object| auth object| vidora_ns object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| nb undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| m object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent number| interval object| KAMPYLE_EMBED function| setImmediate function| clearImmediate object| ID5 object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET number| AMAZON_APS_TIMEOUT object| kw_ignore object| ggeac function| pbjsChunk object| _pbjsGlobals object| apsUnits object| nca_ipsos object| dm object| npt object| brandmetrics function| __assign object| atsenvelopemodule object| ats function| __spreadArrays object| _brandmetrics function| omrhp object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData boolean| isAlloyConfigured object| diagPixSentCodes object| __iasAdRefreshConfig object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready object| Criteo function| GeaLoader boolean| apstagLOADED string| s_tnt function| cookieWrite function| cookieRead string| g function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global boolean| DotMetricsInitScript object| DotMetricsSettings object| DotmetricsJSON object| CryptoJS object| DotMetricsObj object| UrlCache object| SUBSCRIPTIONS object| SWG undefined| oneTagObj function| ebDecode object| bsResponseObj object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| categoryData object| googDdmPs object| tbopt object| __IntegralASExec

207 Cookies

Domain/Path Name / Value
.taboola.com/newscorpau-aud-heraldsun/ Name: taboola_session_id
Value: v2_38612f2532f0b101b9d0b592125a50eb_21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63_1668831203_1668831203_CIi3jgYQgPNHGM6i3fDIMCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGiy-ebp3bfByjVwAQ
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: bfe2ef30bb338b9eedd84e8ab566b718
.heraldsun.com.au/ Name: nk
Value: bfe2ef30bb338b9eedd84e8ab566b718
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1668831201
www.heraldsun.com.au/ Name: lux_uid
Value: 166883120312180533
www.heraldsun.com.au/ Name: _tb_sess_r
Value:
www.heraldsun.com.au/ Name: _tb_t_ppg
Value: https%3A//www.heraldsun.com.au/
.taboola.com/ Name: t_gid
Value: 21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
.scorecardresearch.com/ Name: UID
Value: 1AF6e9fb821ff3eecd566e61668831203
.heraldsun.com.au/ Name: bm_sv
Value: 39435D8C9131F0D9DA23B1D9C15C47D3~YAAQryg0F7Z6poOEAQAAUFMXjhH8I0q3Gdqp90ES+qDPpNBu7tiOWN30TlgECdXKhEGk8wE/sgV9dUBBsEcccVUvxvtqgGzE5Uqy+lSEhFTVu+AYHxT5KLJV8MV2F5lh+L57GyTK7dq9pt2VEhze4BdAkSJO0AVHNbR+8XxNr2wR0aNJqnz4hTrlKFnFkPw16FOQUwLYdZtRN9JLxXa8CH4T8UQilTxWgS3vf8+u2YlnTLumw24IU264RlXTrpo4oUy12NmJ~1
www.heraldsun.com.au/ Name: AWSALB
Value: Fz50y+hCRFA0zllvqr4d5Qh2InGbi3l1xy8EQW3X0yQSwIDsEDlIYKfy+dRduGQRjxMe13Zsdfe5uuR+LKnxfh9GiFayHh+46ZCen6BLBpOxojZNb9bSUJIdjMpQ
.heraldsun.com.au/ Name: ak_bmsc
Value: F855D0D974497F7CFF8D03BD78AFEADE~000000000000000000000000000000~YAAQryg0F7d6poOEAQAApVUXjhHJ39vZlb8R2tpYGv4+w2YM5sFPRhYqKcdNouKFk0JsmyCveH7pw0cwabuyxSQmUWFE8rEN3VpD7sSO9XtcC6TjDOvO4VQZwNE2edTsp4/5aY+dNwGuVy2EEe/kOsOVEX8cAan6eqJBWATlOvxpHSuxTNivHgeg6D1FDzb+VWmcZEhh5rGBgirTfCVuUZn9Z+rrfeEJcSBxzwGZll+5eYKGWWcA6YRxZotRXerH8LN3u+69M/dhLcnZCPcbLkJfFyPstyZpIX1zJkSkJItdcA2yLz+xPioVsbGStW0KAOCdYt5+JPNXYBBPZKt5eirkzmVD/ybFHCzwCzg75u8Kx8SGXvjtQPlrb283T2mgHfVS0Sg0UeczaY0OjNtMVDdZpZsYW0I/daGIton8M1Et3B6Brne4wmUKvAmaIDFkxIJQznwrcE7xf0jOgH3hdaAhod9eaqTJdSEVBAPtM8DNqdx9uXb7L1s4hTFLtJua9W8p
www.heraldsun.com.au/ Name: AWSALBCORS
Value: Fz50y+hCRFA0zllvqr4d5Qh2InGbi3l1xy8EQW3X0yQSwIDsEDlIYKfy+dRduGQRjxMe13Zsdfe5uuR+LKnxfh9GiFayHh+46ZCen6BLBpOxojZNb9bSUJIdjMpQ
.heraldsun.com.au/ Name: utag_main
Value: v_id:01848e1756c7000f876211c5d85603074001d06c00b08$_sn:1$_se:1$_ss:1$_st:1668833005064$ses_id:1668831205064%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.2523920314500112
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A8342d390-67c0-11ed-894f-0d9edc16bc24.UqcbJREcEhxByNn1JHFoda2b75q0N%2BDm69oY7p37Z2U
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
.heraldsun.com.au/ Name: _cb
Value: DdzMV1DCzoxGBklVGl
.heraldsun.com.au/ Name: _chartbeat2
Value: .1668831205764.1668831205764.1.DcYf4FcuTzWDboYwNqt97PC3_Ayv.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: _ncid
Value: 4a4d960152ba9d6cd13a076e260282fb
www.heraldsun.com.au/ Name: vidoraUserId
Value: npibvbckd80ga4vec1ma7lel5jcldb
.heraldsun.com.au/ Name: _awl
Value: 3.1668831206.0.5-3cb2b352d429ec0a6c9718b320dae868-6763652d617369612d6561737431-0
.demdex.net/ Name: demdex
Value: 87708424576475003343163438819615137413
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1668831206679.1938170883
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: nol_fpid
Value: wzgxgmzce8gf0rvjzkr08wndq0sl61668831206|1668831206826|1668831206826|1668831206826
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.postrelease.com/ Name: visitor
Value: 56015b1c-70df-4fc7-ac19-6fe14b2c911b
.postrelease.com/ Name: status
Value: 0
.adsrvr.org/ Name: TDID
Value: 26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
.doubleclick.net/ Name: IDE
Value: AHWqTUlKKcDi3vT4ZN90fdVCy9DKgEmk7452VQKasp1u9eym1Y8lJk6NtNSiZoTWF4Y
.adscale.de/ Name: uu
Value: 0560958b5fa541d3b7f9abd46b9a0e3b
.socdm.com/ Name: SOC
Value: Y3hX58Co8YEAADgJERgAAAAA
ads.playground.xyz/ Name: connect.sid
Value: s%3ASapSbmap095acJxGGZvAM3Hr8Oqhfkrj.Dg6sYH%2B8BElbgiWrtz%2BsMVp7vMR6b2DJg2u7Y7n6YM8
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C87687283538456159243165546327420702623
.smartadserver.com/ Name: pid
Value: 8388621946147052914
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
.adscale.de/ Name: cct
Value: 1668831207554
.imrworldwide.com/ Name: IMRID
Value: 84bc7b40-67c0-11ed-bbe5-0967dc7d2a2e
.contextweb.com/ Name: V
Value: psD1X2IZvshq
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hbb|5Ql.0.21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: e8547ab2ada93a6e
.lijit.com/ Name: ljt_reader
Value: FrOdCQZHNkxECRv7TeO0BWbo
.rubiconproject.com/ Name: khaos
Value: LANF0GZ0-1H-D5IH
.heraldsun.com.au/ Name: s_nr30
Value: 1668831207890-New
.heraldsun.com.au/ Name: s_tslv
Value: 1668831207891
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_tp
Value: 12532
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C10%2C10%2C1200%2C1%2C10
.heraldsun.com.au/ Name: s_cc
Value: true
.criteo.com/ Name: uid
Value: dce714bd-31bf-4d4c-b783-26c16807bc33
.adnxs.com/ Name: uuid2
Value: 7870255768103140305
.lijit.com/ Name: _ljtrtb_42
Value: 21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 87708424576475003343163438819615137413
.openx.net/ Name: i
Value: 48fc33df-86da-49cd-be10-c0902a72e0c8|1668831208
.3lift.com/ Name: tluid
Value: 2393296798265712194982
mfad.inskinad.com/ Name: azk
Value: ue1-25dc3a9271674dd5b8f6a8e5f7791bf9
mfad.inskinad.com/ Name: azk-ss
Value: true
.dpm.demdex.net/ Name: dpm
Value: 87708424576475003343163438819615137413
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: cb07bfd6-6fab-45b5-9031-8d17856290f0.1668831207.1.1668831209.1668831207.2850a636-5157-4ec2-9c21-d1db2e08918c
.omnitagjs.com/ Name: ayl_visitor
Value: ffac5803a07dde1d09121192a779e3b1
.id5-sync.com/ Name: id5
Value: 0ae9951a-da77-4fa0-b059-d2b97eda0ea1#1668831208116#2
.casalemedia.com/ Name: CMID
Value: Y3hX6Na-JlG83cbzRPQ1RQAA
.casalemedia.com/ Name: CMPS
Value: 4749
.casalemedia.com/ Name: CMPRO
Value: 4749
.turn.com/ Name: uid
Value: 7481973582026346771
.bidswitch.net/ Name: tuuid
Value: 8a3ee0bb-1157-4fe2-9fcf-cda42ef0afb8
.bidswitch.net/ Name: c
Value: 1668831208
.tapad.com/ Name: TapAd_TS
Value: 1668831209023
.tapad.com/ Name: TapAd_DID
Value: 5da9f952-c53c-4992-b227-fb1f58a0d6b4
.newscgp.com/ Name: sp
Value: 3845a6bd-f2ae-4d3c-8fb6-45757ecbb999
.mfadsrvr.com/ Name: tuuid
Value: d5101a8e-c355-4008-8992-2da8df386423
.mfadsrvr.com/ Name: c
Value: 1668831209
.mfadsrvr.com/ Name: tuuid_lu
Value: 1668831209
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fd2be7ef-39d7-4b11-4d39-f054aa410f43.%2FfgdOVOssFIrBmr%2FjB97XDQBEV9g8%2FrtahXTSlNrTAg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A_Svn7znXSxFNOfBUqkEPQ6310aU.Hsvku3%2FyMcd%2Fo1O1kvmeK9b3MmMGTMzfIqSr9410eug
.adx.opera.com/ Name: UID
Value: OPU764a1870f1904963938f0177821d896d
.eyeota.net/ Name: mako_uid
Value: 1848e17674a-86f000001084294
.eyeota.net/ Name: SERVERID
Value: 17044~DM
.bidswitch.net/ Name: tuuid_lu
Value: 1668831209
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19316%7CMCMID%7C87687283538456159243165546327420702623%7CMCAAMLH-1669436007%7C3%7CMCAAMB-1669436007%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-1522588349%7CMCOPTOUT-1668838407s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19323%7CvVersion%7C5.1.1
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=f1962776-2a7b-4059-a2bb-151c57968de4&Created=11/19/2022 04:13:29&UserMode=0&guid=d35eb31a-6386-414e-8f23-1f0e0bc62ee8&ver=1
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiY4NzY4NzI4MzUzODQ1NjE1OTI0MzE2NTU0NjMyNzQyMDcwMjYyM1IPCPLP3fDIMBgBKgRTR1Az8AHyz93wyDA=
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: sgp3
.scanscout.com/ Name: uid
Value: CI-b7412e1449c6e31df032364bb48446c1
.scanscout.com/ Name: UIAA
Value: 87708424576475003343163438819615137413
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1668831209462"
.mfadsrvr.com/ Name: ssh
Value: !taboola,1668831209
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3hX6QAAAflyDgAT
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: 1
.bluekai.com/ Name: bku
Value: pSL99mkUKs1cDk6I
.bluekai.com/ Name: bkpa
Value: KJy9CxObd02pSUHknpxpmEQhwtkAwEQlBp9TBe/6BEztBezN1e9p1pxp1ERpBe1TmeW8BMWN1E1lBeWpJ7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9eCNJvG=
.demdex.net/ Name: dextp
Value: 358-1-1668831207783|470-1-1668831207884|481-1-1668831207985|771-1-1668831208085|903-1-1668831208186|19566-1-1668831208287|23728-1-1668831208388|30432-1-1668831208489|30064-1-1668831208589|66757-1-1668831208690|134096-1-1668831208791|144230-1-1668831208892|144231-1-1668831208993|144232-1-1668831209094|144233-1-1668831209195|144234-1-1668831209296|144235-1-1668831209396|144236-1-1668831209497|144237-1-1668831209598|147592-1-1668831209700|461447-1-1668831209800
.mookie1.com/ Name: id
Value: 10523645694172603081
.mookie1.com/ Name: mdata
Value: 1|10523645694172603081|1668831209776
.mookie1.com/ Name: ov
Value: 932064bd8acfaf3effaeb383dca5e1cd
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuCuU0_004c3mCuU0_
.serving-sys.com/ Name: G4
Value: 0009fM00I._
.serving-sys.com/ Name: OT2
Value: 0001DC1rAs
.serving-sys.com/ Name: u2
Value: b0ad70bc-34c0-4f89-9dde-88a852f23c724JP050
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: 3439VFc0HdTtkKxEeoYzjTW14iIXZIteRxoYua+dHbyHazu6o1BsE2u82gSn4nxJOJxgtATxK8i/+hJvYNGhnqs0TSJXInVEcDz5r2XR5wmrBhgvrCLaIcSNXRuS
.spotxchange.com/ Name: audience
Value: 8651442d-67c0-11ed-9b5c-1554f2220207
.krxd.net/ Name: _kuid_
Value: PNRwq6ty
.mookie1.com/ Name: syncdata_TAP
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: Ax_3s0E6OERvj1uputFHFEw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.1319331298.1668831211
.agkn.com/ Name: ab
Value: 0001%3AXS51ISPpXcPDcM9iFbFg6oawFtNeLmR6
.linkedin.com/ Name: li_sugr
Value: 96fc8d88-6679-45de-b8d6-72f0c729e290
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&72b6b008-07bc-4140-876b-c96bd6686578"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2909:u=1:x=1:i=1668831211:t=1668917611:v=2:sig=AQE4dSikjxjaf9ezBK_K4rL4UUOvtSS-"
.mookie1.com/ Name: syncdata_NEU
Value: 1
.t.co/ Name: muc_ads
Value: 4014ba5a-07fa-4b32-9ab6-f9351354e4ce
.linkedin.com/ Name: UserMatchHistory
Value: AQI9TXDL2_H5mQAAAYSOF29tKHa_dGF-snjIcdsUgCPf4aMyKioWSh2snX4B0DqN6GzLrZhE4lWpXw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIpBG4qR8C3SQAAAYSOF29t6uvcPh8PN6NhAByYuvIpPfXf_P70pDANXzdvO2OXJw3PluDLcp_etMRLTV4Neg
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.twitter.com/ Name: personalization_id
Value: "v1_+bCDcCrj+oy4IivqxwAeww=="
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&KRTB&22918-26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06&KRTB&23031-26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06
.yahoo.com/ Name: A3
Value: d=AQABBOtXeGMCEMWaXoOtSLkrDRfITMnC-00FEgEBAQGpeWOCYwAAAAAA_eMAAA&S=AQAAAmKjnQEfpfC9ipPpDpu9SgI
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 00EA5FB9-719B-4A71-A0FB-1FC7B9A9B83E
.heraldsun.com.au/ Name: __gads
Value: ID=e972bda113e1f11d:T=1668831211:S=ALNI_Ma26Eor1OAND9tbUmBhTE4E5tJjxQ
.heraldsun.com.au/ Name: __gpi
Value: UID=00000b7eee95b591:T=1668831211:RT=1668831211:S=ALNI_Mbh4offXXaoauO5ZXjUoVmk_P1ceA
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&202211190413312dc6aa98-b995-4cb1-829a-d6f0999f8e7bAQGRkwZvFWyUxdsF5XjfhwKNf6TmMyvo"
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEKhJMt-aSH81AKSGbcruVOs&KRTB&22987-CAESEKhJMt-aSH81AKSGbcruVOs&KRTB&23025-CAESEKhJMt-aSH81AKSGbcruVOs&KRTB&23386-CAESEKhJMt-aSH81AKSGbcruVOs
.www.heraldsun.com.au/ Name: ln_or
Value: d
.simpli.fi/ Name: suid
Value: F51E39BD43F64AEC9A896B38D50274B8
.quantserve.com/ Name: mc
Value: 637857ec-5d161-32baa-ab22d
.adsymptotic.com/ Name: U
Value: 3c51a35e9f6bb0c8e03294fe9d275e59
.adform.net/ Name: uid
Value: 7821241199922412941
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e1d46378-57ec-4800-8d70-5a76eca4c044&KRTB&16736-uid:e1d46378-57ec-4800-8d70-5a76eca4c044&KRTB&23019-uid:e1d46378-57ec-4800-8d70-5a76eca4c044&KRTB&23208-uid:e1d46378-57ec-4800-8d70-5a76eca4c044
.company-target.com/ Name: tuuid
Value: e4012292-057d-4f7f-b41f-234a05fff162
.company-target.com/ Name: tuuid_lu
Value: 1668831212
.rlcdn.com/ Name: pxrc
Value: COyv4ZsGEgUI6AcQABIFCOhHEAA=
.mathtag.com/ Name: uuid
Value: 21716378-57ec-4100-90d0-4d398c6bffac
.innity.com/ Name: iUUID
Value: 0bf2f3561fd3d5c69f5e6d2f12db5b7d
.pippio.com/ Name: did
Value: TxOUijIYYDUTn7ik
.pippio.com/ Name: didts
Value: 1668831213
.pippio.com/ Name: nnls
Value:
.adotmob.com/ Name: uid
Value: 0864220407de434a988e1985
.adotmob.com/ Name: uuid
Value: 0864220407de434a988e1985
.adotmob.com/ Name: partners
Value: IX%3A1668831213063
.adnxs.com/ Name: anj
Value: dTM7k!M4.gE:2jUF']wIg2E?fwm<cE!sXb8e'?S:00wnS<T7p8.S[7tdG])bi7r8RiS!c*:/`5)PY8^_*u*+*>//ECId2BWai$gRObhvF7'H@27/0y>*CG3wLOOpu07DNC[#!0oCrtOdCnY3wYf3VU
.casalemedia.com/ Name: CMTS
Value: 4716
.google.com/ Name: NID
Value: 511=p5CajOnHS0OcWGsjokZT13htAgrHII6Mp0PTP-NhA09vrOXwecsHEj5ywT7pJvovTTCMYYOIuw7raEmU6FOjrDkJYdRrMj30r8MEPQp2qH4cdVzNDQGnF8Xf-2vf8oDInDcWVCtnUb7rU13y-_fQoWbVqsyfiad3h_2eWbijoW8
.mathtag.com/ Name: mt_mop
Value: 4:1668831213
.pippio.com/ Name: pxrc
Value: CO2v4ZsGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 5473304b-9771-4ace-948d-f0972f018614
.linksynergy.com/ Name: icts
Value: 2022-11-19T04:13:34Z
.rlcdn.com/ Name: rlas3
Value: aTHI3TXdkG1i/kIwgMC3gt/mnJz4WEM8olSIH+5xYdc=
.mediago.io/ Name: __mguid_
Value: 0920d04032b5a8be908f709867a9f9b0
.teads.tv/ Name: tt_viewer
Value: b68dfdad-9d11-47be-a07a-dd07a1747f84
.ads.pubmatic.com/ Name: KCCH
Value: YES
.reemo-ad.jp/ Name: deviceIdentifier
Value: EQSMDsDApIZDuyKVYnogAOGxILqKXeUk
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.yieldmo.com/ Name: yieldmo_id
Value: g8bad98c81f33b55ea15%7C1668831214775%7C0%7C
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: DPSync3
Value: 1669420800%3A248_164%7C1668902400%3A174%7C1670025600%3A226_245_201_197
.pubmatic.com/ Name: SyncRTB3
Value: 1670025600%3A3_233_220_21_8_7_54_56_13_71_22_247%7C1670112000%3A35%7C1669420800%3A2_223%7C1669680000%3A63
.yandex.ru/ Name: yuidss
Value: 8259675561668831214
.yandex.ru/ Name: yandexuid
Value: 8259675561668831214
.quantserve.com/ Name: d
Value: EJsBEgHOJ_ijC_vLEA
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~28dg:175w~28dg:18z8~28dg"
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y3hX6QAAAflyDgAT&KRTB&22978-Y3hX6QAAAflyDgAT&KRTB&23194-Y3hX6QAAAflyDgAT&KRTB&23209-Y3hX6QAAAflyDgAT
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIvpWOmc77pDsQBRIWCgdydWJpY29uEgsItqbLxc77pDsQBRIVCgZnb29nbGUSCwisiOuyzvukOxAFEhkKCnJpZ2h0bWVkaWESCwisiOuyzvukOxAFEhcKCHB1Ym1hdGljEgsIotKAu877pDsQBRIYCgliaWRzd2l0Y2gSCwjqhr28zvukOxAFEhUKBmNhc2FsZRILCNaOwLTO-6Q7EAUSFAoFdGFwYWQSCwiWhvTbzvukOxAFGAEgASgCMgsIlv72iOX7pDsQBTgBWgV0YXBhZGAC
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-w29gA8BrMljYaTMKw216CMc-NlrYPTUJxzjlDe_r&KRTB&19420-w29gA8BrMljYaTMKw216CMc-NlrYPTUJxzjlDe_r&KRTB&22979-w29gA8BrMljYaTMKw216CMc-NlrYPTUJxzjlDe_r&KRTB&23403-w29gA8BrMljYaTMKw216CMc-NlrYPTUJxzjlDe_r
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7870255768103140305&KRTB&23339-7870255768103140305
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7481973582026346771&KRTB&23150-7481973582026346771
.pubmatic.com/ Name: SPugT
Value: 1668831215
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-_Svn7znXSxFNOfBUqkEPQ6310aU&KRTB&23334-_Svn7znXSxFNOfBUqkEPQ6310aU&KRTB&23417-_Svn7znXSxFNOfBUqkEPQ6310aU&KRTB&23426-_Svn7znXSxFNOfBUqkEPQ6310aU
.pubmatic.com/ Name: PugT
Value: 1668831214
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7756
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Alexandria
.ambientdsp.com/ Name: _aUID
Value: xvbz5ob2cpp
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7821241199922412941&KRTB&23263-7821241199922412941
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-xvbz5ob2cpp
.semasio.net/ Name: SEUNCY
Value: 388D627303C50357
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: a4c211473ccd3c712d176cd7568a79f2
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMITHue0sHZsALUyebV3a1stzveIFd3O2ElCc+aKXh4Lavy0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe5ElgYJ7z+6k=
.sportradarserving.com/ Name: zuuid
Value: 46a5317d-6376-4ba5-9b1e-d44590894312
.sportradarserving.com/ Name: c
Value: 1668831216
.sportradarserving.com/ Name: zuuid_lu
Value: 1668831216
.id5-sync.com/ Name: 3pi
Value: 464#1668831208512#62842823#21664f47-fbef-4f00-9f16-39db684e7ca5-tucta71dd63|112#1668831215679#1400861762#CDE2B453590C767E|2#1668831210481#-1149509538#7870255768103140305|3#1668831213682#-824514752#21716378-57ec-4100-90d0-4d398c6bffac|264#1668831213032#-247265626#26f77e25-41e1-4e93-bd1a-6ea9a1cc1d06|10#1668831212522#288928649#1273501310181649069|108#1668831209668#1098472869|285#1668831216273#485178163#LANF0GZ0-1H-D5IH
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:

10 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=308599185882.03894?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=308599185882.03894?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=308599185882.03894?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.heraldsun.com.au/
Message:
Access to XMLHttpRequest at 'https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%222fb98566f24582%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%223edb5d558d86ad%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%224ba362d58374a8%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22593297d89555cc%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=2c3f6cd8-33c9-457b-9aa7-677817f521d7&pv=f5e11266-1034-447a-9e30-edbdef7def3a&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0' from origin 'https://www.heraldsun.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%222fb98566f24582%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%223edb5d558d86ad%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%224ba362d58374a8%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22593297d89555cc%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=2c3f6cd8-33c9-457b-9aa7-677817f521d7&pv=f5e11266-1034-447a-9e30-edbdef7def3a&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
a.sportradarserving.com
a.vidora.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
an.yandex.ru
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-gmtdmp.mookie1.com
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
avd.innity.com
beacon.krxd.net
bedsberry.com
bh.contextweb.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.linkedin.oribi.io
cdn.speedcurve.com
cdn.taboola.com
cdn1.adoberesources.net
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cm3.adform.net
cms.quantserve.com
collector.bonzai.co
collector.brandmetrics.com
connect.facebook.net
consumer.krxd.net
content.api.news
d.adroll.com
d.turn.com
d3div1mtym39ic.cloudfront.net
dcollector.bonzai.co
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
dynalyst-sync.adtdp.com
e1.emxdgt.com
e9f332d9f3f3985418631af3f57f9833.safeframe.googlesyndication.com
eb2.3lift.com
edge.adobedc.net
edition.pagesuite.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
images.taboola.com
insight.adsrvr.org
invoke.bonzai.co
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
massets.bonzai.co
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
mfad.inskinad.com
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
odr.mookie1.com
origin.go.heraldsun.com.au
p.adsymptotic.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.bzcdn.co
s.company-target.com
s0.2mdn.net
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
sg-trc-events.taboola.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
syd-1-apex.go.sonobi.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.dsp.reemo-ad.jp
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.teads.tv
t.adx.opera.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
v9999.adv.admeme.net
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
y.one.impact-ad.jp
zlmk2tlq5oonviahbufztslgnyhcc1668831206.nuid.imrworldwide.com
collector.bonzai.co
login.newscorpaustralia.com
massets.bonzai.co
syd-1-apex.go.sonobi.com
103.229.10.192
103.229.206.240
103.231.98.193
103.231.98.195
103.71.26.125
104.16.85.20
104.18.33.19
104.18.36.94
104.18.99.194
104.244.42.5
104.244.42.67
104.254.150.241
104.254.151.69
104.26.7.155
104.65.228.195
104.65.228.208
104.65.228.244
104.69.108.119
107.178.244.193
107.178.254.65
119.81.192.134
119.9.108.211
124.146.215.49
13.107.42.14
13.114.176.56
13.213.224.33
13.224.158.57
13.224.189.46
13.225.131.60
13.227.138.75
13.227.254.119
13.227.254.91
13.228.7.136
13.236.243.253
13.237.58.233
13.251.70.29
13.33.100.21
13.33.174.66
13.33.33.30
13.33.33.73
13.33.88.121
13.33.88.25
13.33.88.81
13.33.91.15
13.56.167.15
139.5.84.243
141.226.229.48
141.226.230.50
142.250.4.156
142.250.4.157
142.251.10.132
142.251.10.148
142.251.10.154
142.251.12.138
142.251.12.149
150.95.47.241
151.101.1.175
151.101.1.44
151.101.108.157
151.101.130.49
151.101.193.44
151.101.194.133
151.101.194.217
151.101.2.133
151.101.65.44
157.240.15.13
157.240.7.35
162.19.138.118
162.19.138.82
162.19.138.83
172.217.194.103
172.217.194.155
172.217.194.157
172.253.118.100
172.253.118.149
172.253.118.155
172.64.133.15
172.64.151.162
172.64.154.237
172.67.38.106
18.136.173.211
18.138.18.111
18.140.183.49
18.141.128.115
18.141.80.142
18.142.71.123
18.161.97.112
18.177.254.176
182.161.73.129
182.161.73.145
182.161.73.146
184.25.220.115
184.25.220.199
185.183.112.155
185.84.60.21
185.84.60.23
192.0.66.122
199.127.207.191
199.36.158.100
20.50.2.28
209.191.163.208
209.54.182.161
23.106.127.38
23.207.181.216
23.49.60.185
23.52.171.89
23.52.45.34
23.58.140.194
23.58.244.87
3.73.8.30
34.102.253.54
34.120.155.137
34.142.175.23
34.160.169.226
34.194.167.128
34.230.201.103
34.235.52.228
34.235.69.0
34.96.71.22
34.98.64.218
34.98.67.3
35.156.8.143
35.157.224.29
35.190.60.146
35.208.249.213
35.213.109.249
35.213.12.39
35.213.93.179
35.227.202.26
44.205.120.122
44.229.70.27
50.116.239.135
52.200.250.127
52.220.189.161
52.221.158.212
52.223.2.229
52.223.40.198
52.32.86.55
52.74.162.2
52.77.150.143
52.85.54.4
52.88.253.169
52.95.115.196
52.95.129.58
54.168.63.191
54.179.36.186
54.192.150.39
54.192.150.8
54.192.150.92
54.192.150.93
54.192.150.97
54.199.92.111
54.230.188.115
54.255.199.87
63.140.48.120
67.199.150.81
67.199.150.86
69.173.158.64
69.173.158.65
74.118.186.44
74.125.200.97
74.125.24.132
74.125.24.157
74.125.24.94
74.125.68.155
74.214.196.131
77.88.21.90
82.145.213.8
96.16.116.178
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
017ed3a3015deeaaeadc08a4d8dcde59e102fb6838ab0df6b89ff4aee77ec196
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02a7358541da16a4699d53ae9e51fb0cc1c7b506315abeffa116f1d0bfcc1dc6
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
040cc79a6b38407c7193079f5bd34ba27527ff3ae349f170257584d0a297c233
0410667774b2bd722b467b963b089b64713a930b990c7a0a7a7235a8dda77ff7
067ad9af108327122242a6037f57e9fb339b5b8232fafca5af68e40c83a63ed3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
07fa88d1d17b2bcd9ea0c5363741374ce7942356014e28cbf3bb4d68fc7c78e4
085655a9980308b3424ccecea3c3d00db9d06bdf67e9e373774aed8a9abb939b
099fbd50da7aa6ac75242c9c4483c898e224e15cca9e7b7d30cdc89fb7fe3979
0b69c2e6002a5330e9d710e3a1d6071b07b24c9dd32c882e4fc94120a9b33164
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c589b3023cbbd607b573f78e7dc41332c4bb0a4fdf8e34672c91e830ee1cdf4
0e56a77328a7ac0c307fff20cc40b71b466a5798b95f5020e44344f7ed6db0b5
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0f08a1fce0c3e535b1f2637fe5e17e7d04c1fc905360c7c298aef3bc4bf727da
102d7858b58ecf570036c946013900ce860e6ca989b1d74bbdd892f53589c8a1
103a71dbc1e335cc7bcb983086a8fc6ff522fc13bb72ce004c117368639be1c2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13b611a17ff22df08e5707d8761d67a2d2e809370c7b843a508ddaad21a4266a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c54fdefb6751daf143fd6c63b4f2153f2df222eda828a5ec2f10ab8c410f59
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f0ddb8ae9b06e9b440b190836aceba6aa24702d0ae4b358b77c4b2db29d602d
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1
2313d8a601add0e52d2957135f438d4cd8584661d43bb2ca6881160eca279c7d
24713e413b9683a29e14f18d8cfe3a6657f2d693c59aa833bc58706f490150c5
24f9eb501b7091efdda1c8e6599f576de3dcf3b4bfe58777fd5581344a76c07a
2571adca77b6933097561b08ba9b65b2ea8fe1bddf1918f8c7fabd26ad89423f
260ae4aaf9a98760302699a24a09df152bc83a5ee937e42ea6320d09037edd80
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2767cb7c637007e5e81a85776f1b44b2eefd7797204a16cb130b46d939806e2b
276d9995ab4bc21118c5ca5f3b03a461e9a4c00d3414612cecf73cb50cdfbf2e
285a13ce59c3fffbe593000ac7e378965f5784625e9ef6d2ec6df04eda1fd6f1
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63
295a40a304d4c00268f9af46d585024ea20a8b0d62a8ecb5f9f1f2542fe7a80d
2a664604e1419e2d44aca4ec63a70e26d9d77dbe885343ddc1bb486e2ed608bb
2a9c082606e06f097d256a0b794e9d7ec1027a4bd8c93b1bb5625cfeff7a5d33
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b09ae712243cfc754c40dd240d9dd011865099fc641225f3f98a6336555f091
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2f323c23ab941c9e378e9d2152511d980d7a88ead0645133a98ecfe2027bbf61
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9fe749a15b11e399b3bae73ac9f279898d8f76eee2d9b5a8b93d8515ac9baf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3170f52c670a0185c1129b7947e6645fb628a91db6611e119d2e369857b712dc
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b8dbc9a12eb35617037a96d95c753ae190565b3cb0d508f914463873564689
34fc843ecd4e57d1126e02435f04baf5564652803cc261d984432e4abbdcb565
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3a4fe2266b924e98a73a8ea5a7357f33336079209df75e32b46bb9b3bd749f4d
3aeab02ed27a6e05e8f77e04ce118c817d88615966aa5c3662dcb0ec13d33c0c
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3c4044875180ca6cbf61422e98a09a55fb7e73eb3a0c4e711a2a4c5f239051d8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee455138c5a2ac218dfaef865fb6e8131490ad85d6d63492cebc49a2b335c85
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4491f645369fdf2d70e45b0b575e2691d1f057e47e27632936f3b220f68060df
4650b28cfa3bac8532b6440c0d07118780efef68baa460c2cf3e61d9d8566930
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4767f6da5f94af07ae921a5db08d7eda86b12d30145e31136019a1b53e6d972a
47dd81eeb8cc08a3d31933207ec6aa57e601dfaa64625a3ba8d7e599bd3e89f9
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
485c1bb3b3d4e4b0f1ba3adc7e19db129a20ab7c492e193f91dbd74797255f11
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4947ff1129f412919b7744bf1cadb1d3f0ef08481b65ff35311b4c5a8247d5ca
49ffe1baff54e97f4e54b695383d2f114a40fb1886465028824b97d801affd3d
4aac67f4304d0441add7f66c28f2accad6d43bfff91ef8bbfbc262dc27ecaa0c
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c49928247ac43f83ebf63fc22f836d61be1b1be432e965be1e6d3e7eda2c433
4cc955b9c215c5bf97224d3ebd3ce26f85eeb24cd7f337175bef7aebbbaa98b6
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548d4dd829439a4c2f766017b751377f3be1a5ea2213f9d4e1447ae5a027cef0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5844c78b8dc59b708e1ea3f978dd93da8e0e450a939c81e80c0f1bf42a81431a
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5a0df5a7e671b6a6d17df3f77711514479d609a0254b189b77c7d50336aef3fb
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
6027bb8a977744e6d25514d03466544dbc1c9e5a322a7b9836e88992adacd2ef
6050d047f7ffb9a674bd3ca3a96a60e91028326d3f365092d765c2a734fdabc1
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
616c888792dfcc8c545cc0d0fd1121fcf1a38611671c32439033ef7dcf967879
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
63705d2ac344689f765757c92ef9366d3a3de9fd59350e3558409c7cd05a2745
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
64943c2c5365c12e1e9477a83073f23488424e59d726554bb9650f0304c0c698
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6a0c99baf829ea5d70bf41f38fbf741e8d3b42b7842c081ecfd0d3993ea74801
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6ace7fd09f7fbf5baf7ceb40bc8da7348066c2ee29127d4d818e45a098187e2f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec
6d7a5232206bffbd6ed85328c2fbf0b1e8542e54a026a2c9c4c89cf9184ea810
6de0f16ccf3011b5e7e64149e2ed8f374d036b631050936ac2d0a4aa57de3b7c
7141b95c3bb7533101c1074d98d7ec2f404a12f29aca043c1ca899d5272084ad
728c3e981116ebbbc537f4b6960b49c1d572036bd286cde39df4817aa483c626
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11
76d3d3afe9155d36343ffcfd2944db155511b33ac954cd529b13bc8e30fa0d2e
77cd9462caccd2ec4b51b88746b66554c5e47d4765b5af278902a2be5a670bda
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7961a57c03f893ef288a05d846d36c46fe177dd280e0906d3f74c76bbac851e8
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c84fe1d157b4390263a101cd6bcf62bca05141cf04135948556b0c981f1af2f
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
8035b93ca722dd5f7d39c4b49ac60c0387a2aa2b208818c01ae211fff0bc8af6
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848360150c7285fb18cb4639a4bb09a3664499b3076d27648f1fd1ff8a7f538f
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85f0c9f24624954350558d763f94694ee3732f5801e326e84183041a650dee8e
878c839873d61a899be69e9b1487aa3c41210476cc7cf6b51c3c674fb5d272c2
88337d7fa9071989053ff7effabb582fb3dacd3637cbea1b8b3cf652f06a26d3
889879b43a954c6bc9b21d243f89132e7e625e53f86dcec92b6c70bfb6e4b119
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a251af3d58d763cb0c6c8339376099047c2bc22c87abdea62384b58f3ca5c63
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8c2f329b0f09dd44ac22feb774c5ac20a780b2497e7a40d5a57a01ef946b3e41
8d251feb9e80e0ab21ad0f2526ee6dd7ec020a604c698e331e5a3fbc6326e411
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91af5e874c4333f50bfc4bc9adcb5650b25fc3b00aa7a9ee7bbc63bc2ecdb359
92045fcb8f980db16e7ee76e0d19bdcf17cf037c7ab37e9baf2c64eafd080df9
9520ac6f01a49431105ac32a693b5c9954a50db770849e9aa185e9f1998c3fad
95b455aa0f452d2e4ee5e6f7f8d23f6063b1b4c4d1e6cd2c607692ca99f1e4b9
98abddb65ee0b41c1ebaec4f837afc504de8975050dc0a81d370c1fc4191b543
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b564967ed7d5dd89dd0c2088d1bdb806f6f331d2a254814464959c0de8fdfb2
9e47ed2c15b82499c44e99168ffcaa05c7a2e15ce8d035a52b2ea9bcef036f7d
9e52b7301629f97c1efa5b8dff86ec52b954b2478bf79d6a3b427ae0fa23e43d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a2d394c8474dfabc643e183cc3421642ad0842d0a0c8144bc4c6077de64e6845
a411a20ade78048bc2363a9613edadcd9de84994a123f97beae3559e9afa8c79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a64b5042dff35b293a978dd5e7ba3c40ad6e903fc1c690ed0483ba0ca8bb15d9
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa23ab86a61744f51cc8f2b620d9f5215cd85f76e10f533222f602d0ab31b0e0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adf2ebc8b002a6cb72ace9be8e489509bb81815cdc6a50afbf6d02d74e748d4e
b04bdc0369f1282ae5539b7fad8b1c45ee6cd0b7b3314a4aacb178d9f55c9086
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26cf16fceae57ae7d806f7cb4e9f3da3e9c82c1a4c36a3a06c187a962b22334
b409c9d8e227cfc9f2dbeb9116f1d49220ad0fcc9d7cddb4a5a7bd9e1c47a891
b4bd3b89146811d4168bfe525a981f93d27621b3add12e3836507b9b26e64a52
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
b73b8fa9ace8e17857424d7c5c99325bc73cb132657153d6272b4e7d19e8eceb
ba8c3058c6d474be354158989412b2ded878b66af54256ac5bc39a8b76e381d8
ba924e837f079b6d8c728f19d89127dd52be8f4095971626a85ca54f58450153
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c087f511d809ad2bebf4c54b615d93ecf492f796bffff9d13cffa4fd50499b54
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c4348719a242d6ca57de53e67ab6afbfec9df850cd7f34e876e59ad19b5bcfe6
c48f224fd876acd5f21e3a5c335be806b2ee912fbf9f705acf8497eba7c503db
c5479429cf03c62393df0e79e6ad5f626153798b7339ff83af1a1a8495824f2e
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c739881c84f5ef7269be58130c044754c348067bdc496be006974777266d5360
c75d7d8679b1a2199be30a56a6631ff43ce5c9fb252ce595ab1fac3e6b472ed2
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df
c7935fa059e0e8b123b5670156ab7009349ab76c129a4f7a9427c9b37d0d9661
c90a02d7c77c4dd508eede5f22240786f23c358336aef0f7c7a20d13f147ed64
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
c9ed73cb1cb030ef97f37d50539840a9de3cf14916a6ee0bbe331c2119161192
ca40f6cbbf38d34bcdbd7727249fd016b7bc8aac6e117adcb82d3792e76f9860
cb5bfcb581114e8924f2b48b23419bae9d5fba33a4af67cc8a2f287989c3fce6
ce198c1d3387ca52ac0766c5c62017c1b311c7a399207cf9b897923d0b6d5e38
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7383a82a636456df602650c9a3247de483b7468f9587895862be1cee803e30
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d048a29e1ee138d86b106d9da97c5b7e1e86b3b6488e9e7ca7595ffae2e75712
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d79ba1a4549502813b3415628e3df0be408f5d5487651af686d52350fe17367c
d7a46e62bb3f58480a8a3818554d465b383dddd34f507a4504c40957c1fc35e3
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dbed06d37303d9a2f40a4c7c800d2879e8788cbf872d160593a837fcc9d06603
dc540b177e0fcc77484aef49904e1b5696681e49c791ac8bb65f26ad6a6ad4b8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddc6a0df25826e5cbf2eff4b33d93834f90e09180d0f81c9ffefb69d3cf2a673
df0f2961fcf22b5b181582f74613310c0b25d8e2c38062df1ca1811187dfc4c6
df51a5301fcae2ec9503d129a2341e80f6d52e9416ff2460c3048947f4f3852a
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ce52ad6294cfec05864828f5df3325fc1f6627b957919fa931e94cb95453f8
e4f056c81ad12b62530367752bdfdb10c1b7fc2168f4d7a7ddc8d2390fbe7957
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e745fd04b3660338e575422753f485d606dc732ef86fd366601483f65ab97744
e87455ae95f61cfbc0f7cb6fddf160a4359d212caca78f512ce2fe37dded02e0
e8ccc8bf78bf715fd359e66c4dfd3d656fe4fbb71a86c195c8d02026551dbc24
e8e27390a3f66b6511e34535dc56f9210ea24928edbe56ac0a6c007024f0ac85
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
ebe31eeb8162fd4bb5f83c53390e3fb951c6c077bfca4c169fe1c451e4618d70
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec4e9596258110f20801c5d0a1c5956a15c4e8c69d8ca24eb0aac83885ed3007
ecdc40c675cbe207cc7d075bdfdd8b994ce97f159c3d73d31dfaf24998051b0b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f2a50c5b694cb8c9add6c3f64eeaad489f022ba77189193f14dde4da22262978
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f6119043c5e00b7e1c5316e5aa030fee8c6a98501427ca196cca517d3cb1763e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f7f753fe067b9f7d47c45d93c2b7751af28bcce6cdc8b3263fbc274e3e92f582
f92570748c2e6968e9f7d79b2f353b1e6b882a093e15c71c825493da93f48dd5
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
fa4ba7c88c6d4cfd3cc328b83237b60b28965e41471899527a773442c9a6c7fe
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb46287d59efe657cd8de744ba09faf97c15e52a4358c301c0e43336188d9e95
fc75e0032627fad35171c6bf3cd6f4ae84561c235b1d41da56fb4dd6a6fb5c6a
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
ff2f0c47cbecd0fedd6a694a29bc85217f9b48ec6ee702d39253bf9beeeaf6ad