urlscan.io logo urlscan.io
SecurityTrails logo

supercoach.heraldsun.com.au Open in urlscan Pro
13.33.88.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://supercoach.heraldsun.com.au/
Effective URL: https://supercoach.heraldsun.com.au/
Submission: On February 22 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 120 IPs in 3 countries across 91 domains to perform 424 HTTP transactions. The main IP is 13.33.88.41, located in United States and belongs to AMAZON-02, US. The main domain is supercoach.heraldsun.com.au.
TLS certificate: Issued by Amazon on November 2nd 2022. Valid for: a year.
This is the only time supercoach.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.33.88.10 16509 (AMAZON-02)
37 13.33.88.41 16509 (AMAZON-02)
2 142.250.4.95 15169 (GOOGLE)
16 23.207.180.112 16625 (AKAMAI-AS)
10 23.207.180.247 16625 (AKAMAI-AS)
13 23.207.180.192 16625 (AKAMAI-AS)
4 157.240.15.13 32934 (FACEBOOK)
2 172.217.194.94 15169 (GOOGLE)
2 192.229.237.25 15133 (EDGECAST)
1 172.253.118.157 15169 (GOOGLE)
1 23.207.181.29 16625 (AKAMAI-AS)
3 18.155.145.37 16509 (AMAZON-02)
1 52.84.251.85 16509 (AMAZON-02)
2 18.155.68.41 16509 (AMAZON-02)
1 104.244.42.136 13414 (TWITTER)
19 13.35.18.167 16509 (AMAZON-02)
24 104.20.106.62 13335 (CLOUDFLAR...)
2 5 52.84.45.80 16509 (AMAZON-02)
1 74.125.200.148 15169 (GOOGLE)
4 172.217.194.97 15169 (GOOGLE)
1 13.227.228.177 16509 (AMAZON-02)
2 72.247.81.162 20940 (AKAMAI-ASN1)
2 18.155.68.80 16509 (AMAZON-02)
2 3.214.205.227 14618 (AMAZON-AES)
2 151.101.129.175 54113 (FASTLY)
2 104.22.53.86 13335 (CLOUDFLAR...)
1 23.207.180.236 16625 (AKAMAI-AS)
7 142.251.12.156 15169 (GOOGLE)
3 13.33.79.24 16509 (AMAZON-02)
1 54.230.65.108 16509 (AMAZON-02)
2 172.64.100.9 13335 (CLOUDFLAR...)
2 151.101.129.140 ()
4 96.17.180.49 20940 (AKAMAI-ASN1)
2 13.35.14.254 16509 (AMAZON-02)
2 199.232.44.157 54113 (FASTLY)
1 34.120.195.249 396982 (GOOGLE-CL...)
3 52.84.251.126 ()
4 52.84.251.6 ()
1 52.84.251.83 ()
1 14 52.41.41.200 16509 (AMAZON-02)
1 104.16.86.20 13335 (CLOUDFLAR...)
12 31 142.250.4.156 ()
1 74.125.130.157 15169 (GOOGLE)
1 34.225.185.247 ()
2 172.217.194.102 ()
3 157.240.15.35 ()
1 20.50.2.28 ()
4 172.217.194.157 ()
3 162.19.138.120 ()
1 34.120.155.137 ()
1 13.33.79.163 ()
2 69.173.158.65 ()
4 104.18.25.185 ()
2 7 104.254.151.120 ()
1 103.231.98.193 ()
1 182.161.73.145 ()
1 5 35.190.43.134 ()
1 162.19.138.119 ()
2 104.244.42.5 ()
2 104.244.42.3 ()
1 35.241.45.82 ()
2 52.222.144.43 ()
2 3.104.200.253 ()
1 13.228.15.221 ()
1 52.35.21.164 ()
2 63.140.48.134 ()
1 1 54.179.137.60 ()
4 54.151.157.82 ()
3 4 34.111.113.62 ()
1 18.155.68.36 ()
2 9 52.46.128.147 ()
1 63.140.48.151 ()
7 172.217.194.104 ()
4 74.125.24.94 ()
2 3.0.243.158 ()
1 52.84.251.79 ()
4 13.35.15.213 ()
1 23.45.116.82 ()
2 151.101.1.108 ()
1 2 142.251.12.148 ()
1 74.125.24.156 ()
2 3 104.254.151.36 ()
13 182.161.73.129 ()
1 142.250.4.157 ()
2 142.251.10.132 ()
1 13.227.254.76 ()
3 5 13.107.42.14 ()
8 11 69.173.158.64 ()
6 16 15.197.193.217 ()
1 18.198.226.167 ()
4 23.207.180.199 ()
9 74.125.24.132 ()
2 74.125.24.157 ()
2 2 104.18.24.185 ()
2 182.161.73.136 ()
1 1 199.127.207.180 ()
1 182.161.74.19 ()
1 182.161.73.148 ()
2 2 54.251.140.206 ()
1 1 18.213.152.51 ()
1 52.36.69.76 ()
1 1 35.186.193.173 ()
1 1 174.137.133.49 ()
8 8 52.74.162.2 ()
2 3 220.150.223.50 ()
2 3 213.180.193.90 ()
2 2 35.213.12.39 ()
2 2 104.69.166.9 ()
9 10 151.101.2.49 ()
1 52.84.251.103 ()
4 23.39.5.30 ()
2 11 139.5.84.243 ()
2 103.231.98.196 ()
1 182.161.73.132 ()
1 2 34.98.64.218 ()
3 182.161.73.135 ()
2 182.161.73.142 ()
11 103.231.98.194 ()
2 2 35.247.47.28 ()
1 1 54.159.239.167 ()
2 2 103.229.205.242 ()
1 2 103.71.26.126 ()
1 1 8.43.72.98 ()
2 3 35.190.60.146 ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
1 4 54.169.132.54 ()
1 151.101.129.44 ()
1 52.94.223.167 ()
1 145.40.73.5 ()
2 52.194.19.163 ()
1 104.18.11.47 ()
3 34.196.78.36 ()
2 2 70.42.32.159 ()
1 104.18.10.47 ()
3 103.231.98.195 ()
1 1 18.138.18.111 ()
1 1 103.229.10.171 ()
1 1 182.161.73.146 ()
1 1 172.104.45.159 ()
1 2 52.76.99.209 ()
424 120
1    13.33.88.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-10.sin2.r.cloudfront.net
supercoach.heraldsun.com.au
37    13.33.88.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-41.sin2.r.cloudfront.net
supercoach.heraldsun.com.au
2    142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net
fonts.googleapis.com
16    23.207.180.112 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-112.deploy.static.akamaitechnologies.com
www.news.com.au
content.api.news
10    23.207.180.247 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-247.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
13    23.207.180.192 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-192.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
tags.news.com.au
4    157.240.15.13 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net
connect.facebook.net
2    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
2    192.229.237.25 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
pubads.g.doubleclick.net
1    23.207.181.29 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-29.deploy.static.akamaitechnologies.com
players.brightcove.net
3    18.155.145.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-145-37.ham50.r.cloudfront.net
static.adsafeprotected.com
1    52.84.251.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-85.sin5.r.cloudfront.net
assets.vidora.com
2    18.155.68.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-41.sin52.r.cloudfront.net
tips.com.au
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
19    13.35.18.167 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-18-167.sin5.r.cloudfront.net
d32guktqcrn2b4.cloudfront.net
24    104.20.106.62 (None, )

ASN13335 (CLOUDFLARENET, US)
omny.fm
5    52.84.45.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-80.mrs52.r.cloudfront.net
www.omnycontent.com
1    74.125.200.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f148.1e100.net
ad.doubleclick.net
4    172.217.194.97 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net
www.googletagmanager.com
1    13.227.228.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-228-177.sin52.r.cloudfront.net
static.chartbeat.com
2    72.247.81.162 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-81-162.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
2    18.155.68.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-80.sin52.r.cloudfront.net
au.tags.newscgp.com
ncg.tags.news.com.au
2    3.214.205.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-205-227.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.129.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.207.180.236 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-236.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
7    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
securepubads.g.doubleclick.net
3    13.33.79.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-79-24.sin2.r.cloudfront.net
c.amazon-adsystem.com
1    54.230.65.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-65-108.ccu50.r.cloudfront.net
ats-wrapper.privacymanager.io
2    172.64.100.9 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    151.101.129.140 (None, )

ASN- ()
www.redditstatic.com
alb.reddit.com
4    96.17.180.49 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-17-180-49.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    13.35.14.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-14-254.sin5.r.cloudfront.net
sc-static.net
2    199.232.44.157 (Singapore)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o479328.ingest.sentry.io
3    52.84.251.126 (None, )

ASN- ()
cdn-gl.imrworldwide.com
4    52.84.251.6 (None, )

ASN- ()
au-script.dotmetrics.net
1    52.84.251.83 (None, )

ASN- ()
cdn.adsafeprotected.com
14    52.41.41.200 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-41-200.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
31    142.250.4.156 (None, )

ASN- ()
pagead2.googlesyndication.com
adservice.google.com
cm.g.doubleclick.net
1    74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net
googleads4.g.doubleclick.net
1    34.225.185.247 (None, )

ASN- ()
ping.chartbeat.net
2    172.217.194.102 (None, )

ASN- ()
www.google-analytics.com
3    157.240.15.35 (None, )

ASN- ()
www.facebook.com
1    20.50.2.28 (None, )

ASN- ()
collector.brandmetrics.com
4    172.217.194.157 (None, )

ASN- ()
googleads.g.doubleclick.net
3    162.19.138.120 (None, )

ASN- ()
id5-sync.com
1    34.120.155.137 (None, )

ASN- ()
api.rlcdn.com
1    13.33.79.163 (None, )

ASN- ()
aax-dtb-cf.amazon-adsystem.com
2    69.173.158.65 (None, )

ASN- ()
fastlane.rubiconproject.com
4    104.18.25.185 (None, )

ASN- ()
htlb.casalemedia.com
ssum-sec.casalemedia.com
7    104.254.151.120 (None, )

ASN- ()
ib.adnxs.com
1    103.231.98.193 (None, )

ASN- ()
hbopenbid.pubmatic.com
1    182.161.73.145 (None, )

ASN- ()
bidder.criteo.com
5    35.190.43.134 (None, )

ASN- ()
tr.snapchat.com
1    162.19.138.119 (None, )

ASN- ()
lb.eu-1-id5-sync.com
2    104.244.42.5 (None, )

ASN- ()
t.co
2    104.244.42.3 (None, )

ASN- ()
analytics.twitter.com
1    35.241.45.82 (None, )

ASN- ()
udc-neb.kampyle.com
2    52.222.144.43 (None, )

ASN- ()
geo.privacymanager.io
2    3.104.200.253 (None, )

ASN- ()
au.pixel.newscgp.com
1    13.228.15.221 (None, )

ASN- ()
bs.serving-sys.com
1    52.35.21.164 (None, )

ASN- ()
newscorpau.demdex.net
2    63.140.48.134 (None, )

ASN- ()
metrics.heraldsun.com.au
1    54.179.137.60 (None, )

ASN- ()
cm.everesttech.net
4    54.151.157.82 (None, )

ASN- ()
pixel.adsafeprotected.com
4    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
1    18.155.68.36 (None, )

ASN- ()
rm-script.dotmetrics.net
9    52.46.128.147 (None, )

ASN- ()
s.amazon-adsystem.com
1    63.140.48.151 (None, )

ASN- ()
edge.adobedc.net
7    172.217.194.104 (None, )

ASN- ()
www.google.com
4    74.125.24.94 (None, )

ASN- ()
www.google.com.au
2    3.0.243.158 (None, )

ASN- ()
secure-sdk.imrworldwide.com
1    52.84.251.79 (None, )

ASN- ()
yajljxnv28nwvymnn8ijtasjyyjwq1677108152.nuid.imrworldwide.com
4    13.35.15.213 (None, )

ASN- ()
js.adsrvr.org
1    23.45.116.82 (None, )

ASN- ()
snap.licdn.com
2    151.101.1.108 (None, )

ASN- ()
acdn.adnxs.com
2    142.251.12.148 (None, )

ASN- ()
8228261.fls.doubleclick.net
1    74.125.24.156 (None, )

ASN- ()
www.googleadservices.com
3    104.254.151.36 (None, )

ASN- ()
secure.adnxs.com
13    182.161.73.129 (None, )

ASN- ()
static.criteo.net
1    142.250.4.157 (None, )

ASN- ()
adservice.google.com.au
2    142.251.10.132 (None, )

ASN- ()
f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
1    13.227.254.76 (None, )

ASN- ()
cdn.linkedin.oribi.io
5    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
www.linkedin.com
11    69.173.158.64 (None, )

ASN- ()
token.rubiconproject.com
pixel.rubiconproject.com
16    15.197.193.217 (None, )

ASN- ()
match.adsrvr.org
insight.adsrvr.org
1    18.198.226.167 (None, )

ASN- ()
lm.serving-sys.com
4    23.207.180.199 (None, )

ASN- ()
image5.pubmatic.com
ads.pubmatic.com
9    74.125.24.132 (None, )

ASN- ()
tpc.googlesyndication.com
2    74.125.24.157 (None, )

ASN- ()
www.googletagservices.com
2    104.18.24.185 (None, )

ASN- ()
ssum.casalemedia.com
2    182.161.73.136 (None, )

ASN- ()
gum.criteo.com
1    199.127.207.180 (None, )

ASN- ()
dt.scanscout.com
1    182.161.74.19 (None, )

ASN- ()
rtb.jp2.as.criteo.com
1    182.161.73.148 (None, )

ASN- ()
ads.as.criteo.com
2    54.251.140.206 (None, )

ASN- ()
ps.eyeota.net
1    18.213.152.51 (None, )

ASN- ()
usermatch.krxd.net
1    52.36.69.76 (None, )

ASN- ()
beacon.krxd.net
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    174.137.133.49 (None, )

ASN- ()
dsp.adkernel.com
8    52.74.162.2 (None, )

ASN- ()
ups.analytics.yahoo.com
3    220.150.223.50 (None, )

ASN- ()
sync-dsp.ad-m.asia
3    213.180.193.90 (None, )

ASN- ()
an.yandex.ru
2    35.213.12.39 (None, )

ASN- ()
x.bidswitch.net
2    104.69.166.9 (None, )

ASN- ()
tags.bluekai.com
stags.bluekai.com
10    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    52.84.251.103 (None, )

ASN- ()
check.analytics.rlcdn.com
4    23.39.5.30 (None, )

ASN- ()
eus.rubiconproject.com
11    139.5.84.243 (None, )

ASN- ()
dsum-sec.casalemedia.com
2    103.231.98.196 (None, )

ASN- ()
image6.pubmatic.com
1    182.161.73.132 (None, )

ASN- ()
cat.sg1.as.criteo.com
2    34.98.64.218 (None, )

ASN- ()
us-u.openx.net
3    182.161.73.135 (None, )

ASN- ()
pix.as.criteo.net
2    182.161.73.142 (None, )

ASN- ()
csm.as.criteo.net
11    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
2    35.247.47.28 (None, )

ASN- ()
um.simpli.fi
1    54.159.239.167 (None, )

ASN- ()
sync.srv.stackadapt.com
2    103.229.205.242 (None, )

ASN- ()
sync.mathtag.com
2    103.71.26.126 (None, )

ASN- ()
sync.search.spotxchange.com
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
3    35.190.60.146 (None, )

ASN- ()
idsync.rlcdn.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
4    54.169.132.54 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    151.101.129.44 (None, )

ASN- ()
trc.taboola.com
1    52.94.223.167 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    145.40.73.5 (None, )

ASN- ()
sync.1rx.io
2    52.194.19.163 (None, )

ASN- ()
prebid-a.rubiconproject.com
1    104.18.11.47 (None, )

ASN- ()
js-sec.indexww.com
3    34.196.78.36 (None, )

ASN- ()
dt.adsafeprotected.com
2    70.42.32.159 (None, )

ASN- ()
b1sync.zemanta.com
1    104.18.10.47 (None, )

ASN- ()
cdn.indexww.com
3    103.231.98.195 (None, )

ASN- ()
simage4.pubmatic.com
image4.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    103.229.10.171 (None, )

ASN- ()
cms.quantserve.com
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
1    172.104.45.159 (None, )

ASN- ()
gocm.c.appier.net
2    52.76.99.209 (None, )

ASN- ()
sync.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
40 heraldsun.com.au
supercoach.heraldsun.com.au
metrics.heraldsun.com.au
2 MB
38 doubleclick.net
pubads.g.doubleclick.net — Cisco Umbrella Rank: 428
ad.doubleclick.net — Cisco Umbrella Rank: 164
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads.g.doubleclick.net
8228261.fls.doubleclick.net
cm.g.doubleclick.net
202 KB
24 omny.fm
omny.fm — Cisco Umbrella Rank: 13456
404 KB
21 pubmatic.com
hbopenbid.pubmatic.com
image5.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
image4.pubmatic.com
23 KB
20 adsrvr.org
js.adsrvr.org
match.adsrvr.org
insight.adsrvr.org
17 KB
20 rubiconproject.com
fastlane.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
pixel-us-east.rubiconproject.com
prebid-a.rubiconproject.com
31 KB
19 cloudfront.net
d32guktqcrn2b4.cloudfront.net
273 KB
18 criteo.net
static.criteo.net
pix.as.criteo.net
csm.as.criteo.net
115 KB
18 googlesyndication.com
pagead2.googlesyndication.com
f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
tpc.googlesyndication.com
88 KB
17 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
12 KB
15 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 199
newscorpau.demdex.net
19 KB
15 api.news
content.api.news — Cisco Umbrella Rank: 53781
2 MB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-dtb-cf.amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
58 KB
13 news.com.au
www.news.com.au — Cisco Umbrella Rank: 83992
tags.news.com.au — Cisco Umbrella Rank: 54382
ncg.tags.news.com.au — Cisco Umbrella Rank: 136587
353 KB
12 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
12 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
31 KB
11 everesttech.net
cm.everesttech.net
sync-tm.everesttech.net
2 KB
11 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 571
cdn.adsafeprotected.com
pixel.adsafeprotected.com
dt.adsafeprotected.com
114 KB
10 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1011
38 KB
9 google.com
www.google.com
adservice.google.com
2 KB
7 criteo.com
bidder.criteo.com
gum.criteo.com
rtb.jp2.as.criteo.com
ads.as.criteo.com
cat.sg1.as.criteo.com
dis.criteo.com
52 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com
secure-sdk.imrworldwide.com
yajljxnv28nwvymnn8ijtasjyyjwq1677108152.nuid.imrworldwide.com
68 KB
5 linkedin.com
px.ads.linkedin.com
www.linkedin.com
3 KB
5 google.com.au
www.google.com.au
adservice.google.com.au
1 KB
5 snapchat.com
tr.snapchat.com
2 KB
5 rlcdn.com
api.rlcdn.com
check.analytics.rlcdn.com
idsync.rlcdn.com
2 KB
5 dotmetrics.net
au-script.dotmetrics.net
rm-script.dotmetrics.net
20 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 927
id5-sync.com
36 KB
5 omnycontent.com
www.omnycontent.com — Cisco Umbrella Rank: 18909
82 KB
5 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 735
syndication.twitter.com — Cisco Umbrella Rank: 1007
analytics.twitter.com
133 KB
4 tapad.com
pixel.tapad.com
1 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 765
98 KB
4 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2336
bs.serving-sys.com
lm.serving-sys.com
80 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
225 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
223 KB
3 yandex.ru
an.yandex.ru
978 B
3 ad-m.asia
sync-dsp.ad-m.asia
1 KB
3 facebook.com
www.facebook.com
292 B
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3059
collector.brandmetrics.com
18 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3771
geo.privacymanager.io
53 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4546
udc-neb.kampyle.com
88 KB
3 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 116474
au.pixel.newscgp.com
48 KB
2 crwdcntrl.net
sync.crwdcntrl.net
855 B
2 zemanta.com
b1sync.zemanta.com
1 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 pippio.com
pippio.com
881 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 openx.net
us-u.openx.net
500 B
2 bluekai.com
tags.bluekai.com
stags.bluekai.com
964 B
2 bidswitch.net
x.bidswitch.net
2 KB
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
529 B
2 eyeota.net
ps.eyeota.net
1 KB
2 googletagservices.com
www.googletagservices.com
96 KB
2 t.co
t.co
604 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 623
30 KB
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 867
27 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 17241
3 KB
2 tips.com.au
tips.com.au
5 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 92103
144 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 appier.net
gocm.c.appier.net
393 B
1 quantserve.com
cms.quantserve.com
594 B
1 ambientdsp.com
cm.ambientdsp.com
653 B
1 1rx.io
sync.1rx.io
99 B
1 taboola.com
trc.taboola.com
380 B
1 linksynergy.com
tags.rd.linksynergy.com
391 B
1 stackadapt.com
sync.srv.stackadapt.com
582 B
1 adkernel.com
dsp.adkernel.com
542 B
1 ctnsnet.com
ipac.ctnsnet.com
612 B
1 scanscout.com
dt.scanscout.com
698 B
1 oribi.io
cdn.linkedin.oribi.io
368 B
1 googleadservices.com
www.googleadservices.com
17 KB
1 licdn.com
snap.licdn.com
5 KB
1 adobedc.net
edge.adobedc.net
840 B
1 reddit.com
alb.reddit.com
157 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com
414 B
1 chartbeat.net
ping.chartbeat.net
201 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 346
2 KB
1 sentry.io
o479328.ingest.sentry.io — Cisco Umbrella Rank: 24296
271 B
1 redditstatic.com
www.redditstatic.com
8 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 19092
20 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1441
24 KB
1 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 16692
5 KB
1 brightcove.net
players.brightcove.net — Cisco Umbrella Rank: 3864
250 KB
0 semasio.net Failed
uipglob.semasio.net Failed
0 adform.net Failed
c1.adform.net Failed
0 turn.com Failed
d.turn.com Failed
ad.turn.com Failed
424 91
Domain Requested by
38 supercoach.heraldsun.com.au 1 redirects supercoach.heraldsun.com.au
24 omny.fm supercoach.heraldsun.com.au
omny.fm
22 cm.g.doubleclick.net 12 redirects f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
eus.rubiconproject.com
19 d32guktqcrn2b4.cloudfront.net supercoach.heraldsun.com.au
15 content.api.news
14 match.adsrvr.org 4 redirects js.adsrvr.org
ssum-sec.casalemedia.com
eus.rubiconproject.com
14 dpm.demdex.net 1 redirects supercoach.heraldsun.com.au
ssum-sec.casalemedia.com
13 static.criteo.net tags.news.com.au
supercoach.heraldsun.com.au
ads.as.criteo.com
static.criteo.net
11 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
11 tags.news.com.au resourcesssl.newscdn.com.au
tags.tiqcdn.com
supercoach.heraldsun.com.au
10 sync-tm.everesttech.net 9 redirects ads.pubmatic.com
10 tags.tiqcdn.com supercoach.heraldsun.com.au
tags.tiqcdn.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
tpc.googlesyndication.com
9 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
ads.pubmatic.com
8 ups.analytics.yahoo.com 8 redirects
7 www.google.com supercoach.heraldsun.com.au
securepubads.g.doubleclick.net
f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 ib.adnxs.com 2 redirects supercoach.heraldsun.com.au
acdn.adnxs.com
7 pagead2.googlesyndication.com ad.doubleclick.net
supercoach.heraldsun.com.au
f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
supercoach.heraldsun.com.au
www.googletagservices.com
6 image2.pubmatic.com ads.pubmatic.com
6 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
5 simage2.pubmatic.com ads.pubmatic.com
5 token.rubiconproject.com 5 redirects
5 tr.snapchat.com 1 redirects sc-static.net
5 www.omnycontent.com 2 redirects omny.fm
4 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
tags.news.com.au
4 px.ads.linkedin.com 2 redirects supercoach.heraldsun.com.au
eus.rubiconproject.com
4 js.adsrvr.org secure-ds.serving-sys.com
match.adsrvr.org
4 www.google.com.au supercoach.heraldsun.com.au
4 pixel.tapad.com 3 redirects
4 pixel.adsafeprotected.com supercoach.heraldsun.com.au
4 googleads.g.doubleclick.net www.googletagmanager.com
www.googleadservices.com
4 au-script.dotmetrics.net tags.news.com.au
au-script.dotmetrics.net
4 analytics.tiktok.com tags.tiqcdn.com
analytics.tiktok.com
4 www.googletagmanager.com tags.tiqcdn.com
www.googletagmanager.com
secure-ds.serving-sys.com
4 connect.facebook.net supercoach.heraldsun.com.au
connect.facebook.net
tags.tiqcdn.com
3 dt.adsafeprotected.com
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 pix.as.criteo.net ads.as.criteo.com
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
tags.news.com.au
3 ssum-sec.casalemedia.com s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
3 an.yandex.ru 2 redirects
3 sync-dsp.ad-m.asia 2 redirects ads.pubmatic.com
3 secure.adnxs.com 2 redirects
3 id5-sync.com supercoach.heraldsun.com.au
3 www.facebook.com
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
supercoach.heraldsun.com.au
3 static.adsafeprotected.com resourcesssl.newscdn.com.au
pixel.adsafeprotected.com
supercoach.heraldsun.com.au
2 sync.crwdcntrl.net 1 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 b1sync.zemanta.com 2 redirects
2 prebid-a.rubiconproject.com supercoach.heraldsun.com.au
2 pippio.com 2 redirects
2 sync.search.spotxchange.com 1 redirects
2 sync.mathtag.com 2 redirects
2 um.simpli.fi 2 redirects
2 csm.as.criteo.net ads.as.criteo.com
2 us-u.openx.net 1 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 x.bidswitch.net 2 redirects
2 ps.eyeota.net 2 redirects
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 insight.adsrvr.org 2 redirects
2 ssum.casalemedia.com 2 redirects
2 www.googletagservices.com securepubads.g.doubleclick.net
f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
2 f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
2 8228261.fls.doubleclick.net 1 redirects supercoach.heraldsun.com.au
2 acdn.adnxs.com supercoach.heraldsun.com.au
tags.news.com.au
2 secure-sdk.imrworldwide.com
2 metrics.heraldsun.com.au supercoach.heraldsun.com.au
tags.news.com.au
2 au.pixel.newscgp.com supercoach.heraldsun.com.au
2 geo.privacymanager.io supercoach.heraldsun.com.au
2 analytics.twitter.com supercoach.heraldsun.com.au
2 t.co supercoach.heraldsun.com.au
2 fastlane.rubiconproject.com supercoach.heraldsun.com.au
2 www.google-analytics.com www.googletagmanager.com
supercoach.heraldsun.com.au
2 static.ads-twitter.com tags.tiqcdn.com
supercoach.heraldsun.com.au
2 sc-static.net tags.tiqcdn.com
tr.snapchat.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
2 secure-ds.serving-sys.com tags.tiqcdn.com
supercoach.heraldsun.com.au
2 tips.com.au supercoach.heraldsun.com.au
2 platform.twitter.com supercoach.heraldsun.com.au
platform.twitter.com
2 fonts.gstatic.com fonts.googleapis.com
2 resourcesssl.newscdn.com.au supercoach.heraldsun.com.au
2 fonts.googleapis.com supercoach.heraldsun.com.au
1 image4.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 cms.quantserve.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 stags.bluekai.com 1 redirects
1 js-sec.indexww.com tags.news.com.au
1 sync.1rx.io
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 trc.taboola.com
1 tags.rd.linksynergy.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 check.analytics.rlcdn.com supercoach.heraldsun.com.au
1 tags.bluekai.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 ads.as.criteo.com f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com supercoach.heraldsun.com.au
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com
1 lm.serving-sys.com secure-ds.serving-sys.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 adservice.google.com.au securepubads.g.doubleclick.net
1 www.googleadservices.com secure-ds.serving-sys.com
1 snap.licdn.com supercoach.heraldsun.com.au
1 yajljxnv28nwvymnn8ijtasjyyjwq1677108152.nuid.imrworldwide.com
1 edge.adobedc.net supercoach.heraldsun.com.au
1 rm-script.dotmetrics.net
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 alb.reddit.com
1 udc-neb.kampyle.com
1 lb.eu-1-id5-sync.com supercoach.heraldsun.com.au
1 bidder.criteo.com supercoach.heraldsun.com.au
1 hbopenbid.pubmatic.com supercoach.heraldsun.com.au
1 htlb.casalemedia.com supercoach.heraldsun.com.au
1 aax-dtb-cf.amazon-adsystem.com supercoach.heraldsun.com.au
1 api.rlcdn.com supercoach.heraldsun.com.au
1 collector.brandmetrics.com cdn.brandmetrics.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 ping.chartbeat.net
1 googleads4.g.doubleclick.net supercoach.heraldsun.com.au
1 cdn.jsdelivr.net supercoach.heraldsun.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 o479328.ingest.sentry.io omny.fm
1 www.redditstatic.com tags.tiqcdn.com
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 syndication.twitter.com platform.twitter.com
1 assets.vidora.com resourcesssl.newscdn.com.au
1 players.brightcove.net resourcesssl.newscdn.com.au
1 pubads.g.doubleclick.net supercoach.heraldsun.com.au
1 www.news.com.au supercoach.heraldsun.com.au
0 ad.turn.com Failed ssum-sec.casalemedia.com
0 uipglob.semasio.net Failed ads.pubmatic.com
0 c1.adform.net Failed ads.pubmatic.com
0 d.turn.com Failed
424 158
Subject Issuer Validity Valid
supercoach.heraldsun.com.au
Amazon		 2022-11-02 -
2023-12-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-15 -
2024-01-14		 a year crt.sh
*.tiqcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-12-02 -
2023-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
players.brightcove.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-07-28		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.vidora.com
Amazon		 2023-01-11 -
2024-02-09		 a year crt.sh
tips.com.au
Amazon		 2022-11-17 -
2023-12-17		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-12		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
omny.fm
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
secure-ds.serving-sys.com
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-12-26 -
2024-01-23		 a year crt.sh
*.zprk.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-11-17		 9 months crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.brandmetrics.com
GTS CA 1P5		 2023-01-12 -
2023-04-12		 3 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-05-15		 6 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2022-12-15 -
2024-01-15		 a year crt.sh
sc-static.net
Amazon RSA 2048 M02		 2023-01-20 -
2024-02-18		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.ingest.sentry.io
R3		 2023-02-16 -
2023-05-17		 3 months crt.sh
omnycontent.com
Amazon		 2022-04-02 -
2023-05-01		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-12		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-12		 a year crt.sh
www.newsconnect.com.au
Amazon RSA 2048 M01		 2023-02-13 -
2023-05-08		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-05-14		 6 months crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02		 2023-02-03 -
2023-05-24		 4 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-03 -
2023-05-27		 4 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
lm.serving-sys.com
Amazon RSA 2048 M01		 2023-02-14 -
2024-02-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-24 -
2023-03-26		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-20 -
2023-03-18		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-21		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-19 -
2023-04-16		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh

This page contains 55 frames:

Primary Page: https://supercoach.heraldsun.com.au/
Frame ID: 9ACD58EB457759F161489B2EF7A315CF
Requests: 207 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsupercoach.heraldsun.com.au
Frame ID: 84E864E3AC674388EEDBAB5DAEC65C5A
Requests: 2 HTTP requests in this frame

Frame: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Frame ID: 86658811212AEDD0DD257ADDFD9FD79C
Requests: 28 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: AE05B08FA32E9EA2C1D3BA7A839B09CD
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=4dd63809-64d7-47eb-8c17-1b1e3ac5bd62&u_scsid=0ddd91fc-f927-4306-bff3-f5f4b7f3d660&u_sclid=854b47b7-486a-4abb-b855-e2f9d49eeb4c
Frame ID: 8CBC77D2C86541A1C476258604DD03A9
Requests: 2 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: FB1F1D6A7B538D7B0BEC468280A83386
Requests: 22 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1677052993406&pnid=140&pcid=7f302f88-3a89-459f-a1d8-42733c31cae5
Frame ID: A56DFCD058D394CF90025EFBC0E45EAE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Frame ID: 63BFC87644004BBAAE91401A0A958CA1
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 71B0F6AE7E418BDF913B2F86B80C7AE3
Requests: 3 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 70C17C82FED7A65E7236513D2791E937
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 3E671D8C0C4E9BD6128D7FC7794D73EF
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: B0C7D940D31AEB1594E3D3E17593D686
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: E6AE561A6171A2C7D3CA2E285AEBF321
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 29CAEDBAF9196AF4DF6A58A25C87370E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 8E69420146AE5B8AC7FE7D96DE940C89
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSn_92iqv0CFSGd2AUdN_ALdA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9682841358503.352
Frame ID: E4B5B62D6125F4C08001655216886FB1
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: E9D8A151E22A4D84E42DAB74ED8015DE
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 90A260C33B15E0DC1F406FE7D4B313A6
Requests: 4 HTTP requests in this frame

Frame: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E765E7A3D8F9757A8FEE30DCF001656E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxJ5BbGGU62Utz7PiI3gQe0OD8YF0_DVN1As2ozxG2siUOczmKg2-M9RT59xMdxPXGjfbwgXJrb-HulW4OB98cGWvPI0oEahwtoJH_ZM_Bgyko69rJI2UjS8si5hSpMAYP2HbMBBpYkG3SVB-PYtEEVMz5vBSCC87AESx0na2ayeAqLZhIh_WUFEfp5hDJB3qGplSJPSFrpEgLCiqoGGHe24EpQW0nrCQ1-hQoOVTbsBqW_yhA2Z6tjdQ5HrmtP2iKZv7WkSnW6JNA23D9-v_I9ShaXQgbRFPExaz_73tCTG-i3H-u0jmHJCrjd_GifCLNVTdColx-gB3GGgTSvyGcBZUdA6kNEyaBH1dzhmnJUXlxLF3kXhhu1Q&sai=AMfl-YRbw5GUH88IiM5acEUyre2BCweiyaJHvbwgee_UvNQFBOwb4tkLgrnkOesezx9U3O8FHGIvDhw44gPfFwAOUEUSVrm6o0hEusW8hdjx-5vSzm5HsYBqNmOqSeusAg&sig=Cg0ArKJSzA_f7Ak8DEnjEAE&uach_m=[UACH]&adurl=
Frame ID: 00DFF4F5CD976D9EC8F49C0AE781CDE2
Requests: 8 HTTP requests in this frame

Frame: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 67418795728E0CCA8CEA43F569EA7A60
Requests: 10 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 033765B2D8A3B5282D38146BFC402109
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=supercoach.heraldsun.com.au
Frame ID: A0A596496E8B1E50669E4F34F694B9BC
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: F9057657FEC99B6A46DD22721411E7DD
Requests: 2 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Frame ID: BC6B47809B3785E0649B72ED77F6912F
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 823A97E2CB446A724607E6A8BCBA46AC
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 03B491BBAE477D6B3933069DEA5DEBD3
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-WrXFWfxE2uIrCoyRL7c3mnWCpsotcCk-~A&gdpr=0
Frame ID: 5B90E025FC1C01A5B5C0EA87C65DBF5C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 44902D632832CFB156128C565E33DC0E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&google_gid=CAESEPKL80_1HPezhgp6TX3Dpco&google_cver=1
Frame ID: 4EB0FD7EC073980FD9B86DC21238F6D5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-WrXFWfxE2uIrCoyRL7c3mnWCpsotcCk-~A&gdpr=0
Frame ID: 5DA7039A53CD6621D62109F00B76F8AE
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&google_gid=CAESEPKL80_1HPezhgp6TX3Dpco&google_cver=1
Frame ID: A94F8A6D0442466E4C2A5CA0810B16E7
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 0D441A87BD9751A67397FC80C0890897
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 6B4FB84BD5436A7BCDE002E45FA497D6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: C45F275AA454EA89573382778BB5BF04
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 6D402F82016A4AC02DBB3CEB0CCF2BAC
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F8D3D0180D81D0EE171384D258EDFF4C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AAECB1128D7A5E1AFCA9454B6EFBA317
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=21942072462&placementId=5084295962&pubCreative=138347629745&pubOrder=2553375348&cb=247157887&custom=index&custom3=21851376062&adsafe_par&impId=c9dfbe90-b307-11ed-9329-0679fa08ad36
Frame ID: 3884342D6C1D141BB0D8DCBE3D206AE2
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=ACD4DC89-595E-44FC-82AC-72170E50D132&gdpr=0&gdpr_consent=
Frame ID: 9C38FDADE44AAEC681DC598DA2F61503
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c5a963f6-a3bb-4500-8c4f-4616cc457ee6&gdpr=0&gdpr_consent=
Frame ID: 211AD5BC7644E32841B4D59137A256E2
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 250241C542C32D10A098B1AF5C6979E6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDACD4DC89-595E-44FC-82AC-72170E50D132
Frame ID: E6D81DF1861D5E31340A81F158F1A3AF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C17C67A4BD3FC13C5225A8551D4308D9
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 80022DD5CF2076C3EBD86F2D51EDBADA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 958E1E8714221EC2A2F07E392A1DC0AD
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D834EB7596E9FEF8780A5AABE8AD968C
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EB89704F733E2A2F7AF74F4E0BE11BA9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: ADE617378BC9BDA7E0A40BAB2FCC5D95
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z227b3ier56
Frame ID: 204DF288918851A76108FDAA75CBB2C3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3305234269175720309&gdpr=0&gdpr_consent=
Frame ID: 0B46559294F661E901657528AB14A79E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HUyDOEpMh2gGR9U6TUzIORsZhD4GTdY2Exyszoos
Frame ID: BC247F413936BA9E43AA12D855856992
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: CB46FE9F7DCDF0A81C081EB93738A479
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=vEeeLBy3CsWj8oi0v6P2Yw
Frame ID: 7323C3C5BAA41D57BF18B559F98036A8
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 9A338F904D25A732DAA854A7446EA3F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Herald Sun KFC SuperCoach

Page URL History Show full URLs

  1. http://supercoach.heraldsun.com.au/ HTTP 301
    https://supercoach.heraldsun.com.au/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

424
Requests

86 %
HTTPS

0 %
IPv6

91
Domains

158
Subdomains

120
IPs

3
Countries

7264 kB
Transfer

23091 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://supercoach.heraldsun.com.au/ HTTP 301
    https://supercoach.heraldsun.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/image.jpg?t=1599022787&in_playlist=023c69e4-8322-4b09-8c70-ac2a00524b91&size=medium HTTP 302
  • https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Medium&t=1599022787
Request Chain 105
  • https://www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/image.jpg?t=1599022787&in_playlist=023c69e4-8322-4b09-8c70-ac2a00524b91&size=thumbnail HTTP 302
  • https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Thumbnail&t=1599022787
Request Chain 158
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108150522 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108150522
Request Chain 202
  • https://cm.everesttech.net/cm/dd?d_uuid=24030478256935597361233864095430359157 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ajuQAAAKjAyQM4
Request Chain 210
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1677108152535&u_scsid=d9de51ca-881c-4276-8acf-157805c870dd&u_sclid=cfe378fc-9deb-4eb4-9d92-16739e14230b HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1677052993406%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1677052993406%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1677052993406&pnid=140&pcid=7f302f88-3a89-459f-a1d8-42733c31cae5
Request Chain 215
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Request Chain 232
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9682841358503.352 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSn_92iqv0CFSGd2AUdN_ALdA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9682841358503.352
Request Chain 244
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3305234269175720309
Request Chain 249
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108153756&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108153756&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1677108153756%26url%3Dhttps%253A%252F%252Fsupercoach.heraldsun.com.au%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108153756&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true&liSync=true
Request Chain 250
  • https://token.rubiconproject.com/token?pid=6404&puid=24030478256935597361233864095430359157&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LEGAW4F6-P-HOVR?gdpr=0
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjQwMzA0NzgyNTY5MzU1OTczNjEyMzM4NjQwOTU0MzAzNTkxNTc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGqtU7yeUjM4XSkdah5ncsI&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 258
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=supercoach.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=supercoach.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c753e8b-93b5-4981-a8e7-e051ef8a1e71
Request Chain 272
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-ajujc1ydk-A.QzTynpngAA%264717
Request Chain 273
  • https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Request Chain 276
  • https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Request Chain 278
  • https://dt.scanscout.com/ssframework/uid?UIAA=24030478256935597361233864095430359157&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-bad02f19b69f3872f9c5931fdf6b3d36
Request Chain 288
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=24030478256935597361233864095430359157&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=24030478256935597361233864095430359157&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 292
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=24030478256935597361233864095430359157 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=24030478256935597361233864095430359157
Request Chain 294
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEGVCRzb2SLVVwtbzFh6iqCo&google_cver=1&google_push=Aa02lx9LcxD1XVpqjEHxbj26HK11dUtLohoq-TgNIHQbamHCBO4bpjquJ-eKrhp95ifB6SWvzvetT2EdQZiHYpCMgMUGH9mUYkxwUg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx9LcxD1XVpqjEHxbj26HK11dUtLohoq-TgNIHQbamHCBO4bpjquJ-eKrhp95ifB6SWvzvetT2EdQZiHYpCMgMUGH9mUYkxwUg&google_hm=xiH827uPTJ2_AD8GF9qx34I
Request Chain 295
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEG3GnWwSxkoRAI-huWaPVM4&google_cver=1&google_push=Aa02lx8u0OgQ-Cr6DBmIjLnaDK7rgVr5qqjAZvLhgSRqrjO4n_K3HgAKtB7SpWvKDfH_fHXv9PXu5rf7JHfCF3371B3ZdKbksoxbow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTUzNTY5NTEyODQyMjczMzQ1NzQ&google_push=Aa02lx8u0OgQ-Cr6DBmIjLnaDK7rgVr5qqjAZvLhgSRqrjO4n_K3HgAKtB7SpWvKDfH_fHXv9PXu5rf7JHfCF3371B3ZdKbksoxbow
Request Chain 296
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAPmK7_1Xt7q8BdI5LKDn2s&google_cver=1&google_push=Aa02lx-AZCpz0S-u1hUXS0jHNzDX17yPrOxT2r-s5q3ZhaO63oiRo7ReAx8-AC6628xcMucBfaI-WbbXFNAkB4t7n3LzyNS0A_BbArg HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAPmK7_1Xt7q8BdI5LKDn2s&google_cver=1&google_push=Aa02lx-AZCpz0S-u1hUXS0jHNzDX17yPrOxT2r-s5q3ZhaO63oiRo7ReAx8-AC6628xcMucBfaI-WbbXFNAkB4t7n3LzyNS0A_BbArg&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XQ3B3MUhoRTJ1R3hWTDE5ME5nSWFjTXdlSlNjcTlsaX5B&google_push=Aa02lx-AZCpz0S-u1hUXS0jHNzDX17yPrOxT2r-s5q3ZhaO63oiRo7ReAx8-AC6628xcMucBfaI-WbbXFNAkB4t7n3LzyNS0A_BbArg
Request Chain 297
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJaC_XWUhA_eqJ1c6rKbvMI&google_cver=1&google_push=Aa02lx_zt0CVJS3flLEJ8NE_3dqHoXfquIaM304HQvRGK_DDVEWzdd0SsabL9itKkdls9hk47TNsrudwq_k-f_yfuwpsYO1jyvQ3Fb4 HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJaC_XWUhA_eqJ1c6rKbvMI&google_cver=1&google_push=Aa02lx_zt0CVJS3flLEJ8NE_3dqHoXfquIaM304HQvRGK_DDVEWzdd0SsabL9itKkdls9hk47TNsrudwq_k-f_yfuwpsYO1jyvQ3Fb4&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=Aa02lx_zt0CVJS3flLEJ8NE_3dqHoXfquIaM304HQvRGK_DDVEWzdd0SsabL9itKkdls9hk47TNsrudwq_k-f_yfuwpsYO1jyvQ3Fb4&google_hm=LUE2U05NbzBFbWdx&suid-set=1
Request Chain 298
  • https://an.yandex.ru/mapuid/google/CAESEFgg6pwud08baLxEoclCUR8?ext-param=Aa02lx_sAJjn7kLSrntXM5-EG-7ynAAoexBPCVYXs1cfWoAV06eBsj3itsXOHFC4b1jcafUPV-jTyKW9d5VAtHUy4wZqNWUUEXLoEis&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEFgg6pwud08baLxEoclCUR8?redir-setuniq=1&ext-param=Aa02lx_sAJjn7kLSrntXM5-EG-7ynAAoexBPCVYXs1cfWoAV06eBsj3itsXOHFC4b1jcafUPV-jTyKW9d5VAtHUy4wZqNWUUEXLoEis&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEFgg6pwud08baLxEoclCUR8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 299
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMfkm8ls1aYFegmVKH4vxsM&google_cver=1&google_push=Aa02lx_K0-lL7qJKJD88WflhpmqMRHEt4qUvTxbAe_vRKgQB__Dm-ZDWGbVCiLnTFfxTs-PDgLftrYxCbLrnxOKC3vddxEfmDGXm8Lk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzMwNTIzNDI2OTE3NTcyMDMwOQ%3D%3D&google_gid=CAESEMfkm8ls1aYFegmVKH4vxsM&google_cver=1&google_push=Aa02lx_K0-lL7qJKJD88WflhpmqMRHEt4qUvTxbAe_vRKgQB__Dm-ZDWGbVCiLnTFfxTs-PDgLftrYxCbLrnxOKC3vddxEfmDGXm8Lk
Request Chain 300
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENxue9UF2kT5hGPOuAiRyIs&google_cver=1&google_push=Aa02lx9uRprhyMy0R_YB0cPAI7cYq6uOnsJJ3xbcMHSxPmtfQKaBkiFCAMuL32l6jd2OY_R-o763qCbCMhIXBNajdRfO60gfAOvPIYs HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENxue9UF2kT5hGPOuAiRyIs&google_cver=1&google_push=Aa02lx9uRprhyMy0R_YB0cPAI7cYq6uOnsJJ3xbcMHSxPmtfQKaBkiFCAMuL32l6jd2OY_R-o763qCbCMhIXBNajdRfO60gfAOvPIYs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5568ccc7-59c5-4ea5-bffd-02f2288e27f1&%%GOOGLE_PUSH_PAIR%%
Request Chain 303
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-WrXFWfxE2uIrCoyRL7c3mnWCpsotcCk-~A&gdpr=0
Request Chain 304
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OWEyYTJiYjQtMzYxZC00ZDk5LWIyNzUtN2E5ZDBkOGE4ZDY3&gdpr=0&gdpr_consent=&ttd_tdid=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&google_gid=CAESEPKL80_1HPezhgp6TX3Dpco&google_cver=1
Request Chain 306
  • https://tags.bluekai.com/site/43981?id=24030478256935597361233864095430359157&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 307
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-WrXFWfxE2uIrCoyRL7c3mnWCpsotcCk-~A&gdpr=0
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjRhMmYyNDQtYWFiZS00YzZhLTlhYjItMzhmZGU5NmU3NTgx&gdpr=0&gdpr_consent=&ttd_tdid=f4a2f244-aabe-4c6a-9ab2-38fde96e7581 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&google_gid=CAESEPKL80_1HPezhgp6TX3Dpco&google_cver=1
Request Chain 309
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 311
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1hanVRQUFBS2pBeVFNNA==
Request Chain 317
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-ajuQAAAKjAyQM4&expires=90
Request Chain 321
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ajuQAAAKjAyQM4
Request Chain 327
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y-ajuQAAAKjAyQM4
Request Chain 335
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-ajuQAAAKjAyQM4 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y-ajuQAAAKjAyQM4
Request Chain 344
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-ajuQAAAKjAyQM4
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFhe4v0VODHt4hZ4donqqF4&google_cver=1
Request Chain 350
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-ajujc1ydk-A.QzTynpngAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH3cubcdzGT8736veeLNznA&google_cver=1&google_hm=2
Request Chain 351
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AA004B20EEAA4105BD6F5363719A6464
Request Chain 352
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VwwIMXjRSQlRsqZHTn1VLGfR_oI
Request Chain 353
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b5ea63f6-a3bb-4500-ba36-f095ab8e756b
Request Chain 358
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-ajuQAAAKjAyQM4&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-ajuQAAAKjAyQM4&img=1&__user_check__=1&sync_id=ca7f89ac-b307-11ed-b456-1eadad6c0107
Request Chain 360
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-ajuQAAAKjAyQM4&t=2592000&o=0
Request Chain 361
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LEGAW4F6-P-HOVR HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LEGAW4F6-P-HOVR&ex=d-rubiconproject.com&status=ok
Request Chain 363
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c5a963f6-a3bb-4500-8c4f-4616cc457ee6&gdpr=0&gdpr_consent=
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rNTciVleRPyCrHIXDlDRMg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 367
  • https://idsync.rlcdn.com/420486.gif?partner_uid=ACD4DC89-595E-44FC-82AC-72170E50D132 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEFDRDREQzg5LTU5NUUtNDRGQy04MkFDLTcyMTcwRTUwRDEzMhAAGg0Iu8fanwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=43e7c67a8aea897eed261609f8634bc8ae5577c2844e2846838c14819a72eef3791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0M2U3YzY3YThhZWE4OTdlZWQyNjE2MDlmODYzNGJjOGFlNTU3N2MyODQ0ZTI4NDY4MzhjMTQ4MTlhNzJlZWYzNzkxNDI2YjU0MTdkY2UyMRAAGgwIvMfanwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0M2U3YzY3YThhZWE4OTdlZWQyNjE2MDlmODYzNGJjOGFlNTU3N2MyODQ0ZTI4NDY4MzhjMTQ4MTlhNzJlZWYzNzkxNDI2YjU0MTdkY2UyMRAAGgwIvMfanwYSBAgCEABCAEoA&google_gid=CAESEGyFcbCvMdXn0n-KlcuCbg0&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=80847ca0-c185-448e-8871-f7f2c4f73926
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUNENERDODktNTk1RS00NEZDLTgyQUMtNzIxNzBFNTBEMTMy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHeZEPW_vNw4aQgCqo0lqsE&google_cver=1
Request Chain 371
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B6F1F1BB10AE4E7192DC4D015AF4FF9C
Request Chain 374
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/FyfaHNP-oQiGRg93p0LN8w?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OEixWr5E2oLOSET2ag1l4ZrYkuTKUT1DozR8ww--~A
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELCOOyEa7epjzkZhdiwP4go&google_cver=1
Request Chain 376
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_43pOYKEQ46r5rmdYDg0JQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_43pOYKEQ46r5rmdYDg0JQ
Request Chain 378
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVHQVc0RjYtUC1IT1ZS
Request Chain 379
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEGAW4F6-P-HOVR
Request Chain 380
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWI5Zjk0ODY4ZDA0MmVjZDk2YzYxYzA2OThjNDkwYjgxNzhhZDE2MA
Request Chain 399
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3305234269175720309
Request Chain 401
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB
Request Chain 403
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ajuQAAAKjAyQM4
Request Chain 404
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-ajujc1ydk-A.QzTynpngAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH3cubcdzGT8736veeLNznA&google_cver=1&google_hm=2
Request Chain 406
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ImCkaJZrN_I_SL1wcV8Y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SLNINVWCSS2OJHF6SK7KNGDC53DKY4FS HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SLNINVWCSS2OJHF6SK7KNGDC53DKY4FS HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ImCkaJZrN_I_SL1wcV8Y
Request Chain 412
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z227b3ier56
Request Chain 413
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3305234269175720309&gdpr=0&gdpr_consent=
Request Chain 414
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HUyDOEpMh2gGR9U6TUzIORsZhD4GTdY2Exyszoos
Request Chain 415
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 416
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=vEeeLBy3CsWj8oi0v6P2Yw
Request Chain 418
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD4DC89-595E-44FC-82AC-72170E50D132&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD4DC89-595E-44FC-82AC-72170E50D132&gdpr=0&gdpr_consent=&ct=y
Request Chain 419
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=ACD4DC89-595E-44FC-82AC-72170E50D132 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7f302f88-3a89-459f-a1d8-42733c31cae5%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&ttd_puid=7f302f88-3a89-459f-a1d8-42733c31cae5%2C%2C
Request Chain 420
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&gdpr=0&gdpr_consent=
Request Chain 421
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ACD4DC89-595E-44FC-82AC-72170E50D132&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HLfUL4lE2uXcH97gQ8O8_TAczetbWCg-~A&gdpr=0
Request Chain 423
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5568ccc7-59c5-4ea5-bffd-02f2288e27f1 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5568ccc7-59c5-4ea5-bffd-02f2288e27f1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=659f28e0-481d-47fe-8ff6-df957959bc73&user_group=1&ssp=pubmatic&bsw_param=5568ccc7-59c5-4ea5-bffd-02f2288e27f1

424 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
supercoach.heraldsun.com.au/
Redirect Chain
  • http://supercoach.heraldsun.com.au/
  • https://supercoach.heraldsun.com.au/
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
f65a324b2e4003515de55535f4a6b4f2e1e0160fd479510c6fbd51d63961c738
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
56
cache-control
max-age=60
content-encoding
gzip
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-type
text/html
date
Wed, 22 Feb 2023 23:21:27 GMT
etag
W/"5e2148961a5d04a47f4d61779d0aacc2"
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-id
dBB7OZePjyhxY4UxTZwmgUpcT03xVCyzTpTHZQYkkTdJaaCuprvGfQ==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-xss-protection
1

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Wed, 22 Feb 2023 23:22:22 GMT
Location
https://supercoach.heraldsun.com.au/
Server
CloudFront
Via
1.1 d349739893df3b59b8ea4953ff21a5e8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
973XvAd1MNq7rBZzvspXa9v4SVuEV-FwC1Aps7lR_Wg6lJ19Z7x6Wg==
X-Amz-Cf-Pop
SIN2-P2
X-Cache
Redirect from cloudfront
icon
fonts.googleapis.com/ 		569 B
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 23:22:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 23:22:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Feb 2023 23:22:23 GMT
css
fonts.googleapis.com/ 		6 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 23:22:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 23:09:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Feb 2023 23:22:23 GMT
rampart.js
www.news.com.au/remote/identity/rampart/latest/ 		282 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.news.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4468d08891fca625d4051ab4e7a33725527fe4174864c8c6866c93a88defe88a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Wed, 22 Feb 2023 23:22:23 GMT
server
AkamaiNetStorage
etag
"af816b6ce032f3422eee490ee10544a4:1674101957.670601"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.news.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=729
is-https
true
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 22 Feb 2023 23:34:32 GMT
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5fa179bb6a43d208de3a3fcfb289e117067e152f9c6fcbd5b68a1187ea2210d9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:24 GMT
content-encoding
gzip
last-modified
Mon, 20 Feb 2023 03:58:47 GMT
server
AkamaiNetStorage
etag
"04ef17c5d2039f3cd562d15716bd1bce:1676865527.006617"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1552
expires
Wed, 22 Feb 2023 23:27:24 GMT
player.css
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		287 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.css
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
830bf311604c3303fa7726756aa6ea1a96ceedc07f5e77ab0d54d16fdcab8c97

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:25 GMT
content-encoding
gzip
x-amz-request-id
6M5NBXFTV94KNJ35
x-amz-server-side-encryption
AES256
content-length
47624
x-amz-id-2
EY8tCP407gUSTY/KSIRFv9+sJSRGK/bpLPMs/aCtAq7JBjKOLesSJbAmuFYkbJ81+b5Ip1Uc20A=
last-modified
Wed, 15 Feb 2023 03:25:31 GMT
server
AmazonS3
etag
"aacf3bf633e23d993f6c54e09a9b2ca5"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=192
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:25:37 GMT
styles.7daf0f9e4a716e60.css
supercoach.heraldsun.com.au/ 		1 MB
148 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
56963003b01734c810ca2aa6ac651871f418a1d54461f06a60bd7010b2bd8aa3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:36 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64429
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"265248b2d69f61a8c7779c6706cb2a8a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
G-v1JvJFudcbalHuwh1O-BW3UXYcRBpUwq90b9iyXcJY9HcwSqr5fA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
78e5eef5a4c0897721038a13810d3a39cc3779c2f308de609cd34823a90bf0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 23:22:25 GMT
content-md5
mnr6nrGxlnT7EzbzSAdSrw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
AK5mK3QWHAk0VMiQOnP8OCROWGATRu8AIkFbwN25V//MyI8NKwLDPySPv2zX7MMAb2J16xyEo0YGvXjvzfMu/A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
548340344
x-fb-content-md5
8fa1aa002ad663802bf73f2c47902b37
cross-origin-opener-policy
same-origin-allow-popups
etag
"8df8014464917a75095d27222c9971a1"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Feb 2023 23:42:12 GMT
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=64f165777d90253cf5a0a22d3b8fa50c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
9f4e0d95d076668b9a5b15c8dcad8de90867decce2e5acf9a1020d8b6e86a1cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 23:22:25 GMT
content-md5
W60X4DhkCxS6r7IdU2kTJQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87019
x-fb-rlafr
0
x-fb-debug
FRzaypQJHBy4bbDhP6L6Mej34TvKEvDB1jMP2UMCbbiZde5U4d37ARFy03j7VMF6wy4dgHm7HpJPwf/te6iv6w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8b396d17deb2f2840db4ed1401d7f546
cross-origin-opener-policy
same-origin-allow-popups
etag
"def60e77425349ed1f4784b42e0f7904"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 22 Feb 2024 21:30:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 11:30:23 GMT
x-content-type-options
nosniff
age
388323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Feb 2024 11:30:23 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mbw/47A5) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:22:26 GMT
Content-Encoding
gzip
Age
828
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
x-amzn-internal-status
304
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (mbw/47A5)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
player.js
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		440 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d6d86d147ad21764c3b7567678f063a1fe48b5fbed5feb4d2c87932ec2c5cad6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:26 GMT
content-encoding
gzip
x-amz-request-id
JX9A1RRX74A27BV0
x-amz-server-side-encryption
AES256
content-length
98477
x-amz-id-2
FAZdceQPT+FE1mywf0yQSb3fQSlrPhemOZ8Lhh4VD9331uuyWnU/JAVPfmrpk0yoZ+DmhBwaEQI=
last-modified
Wed, 15 Feb 2023 03:25:32 GMT
server
AmazonS3
etag
"1f865b7f1bd2a957a4fc4a3013a2ad55"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1398
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:45:44 GMT
DFPAudiencePixel;ord=7716968848716235;dc_seg=7434215122
pubads.g.doubleclick.net/activity;dc_iu=/5129/ 		42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/5129/DFPAudiencePixel;ord=7716968848716235;dc_seg=7434215122?
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runtime.add52d8e9de2b86c.js
supercoach.heraldsun.com.au/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/runtime.add52d8e9de2b86c.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
c12518607dd5c7393565336721a3c04e1b735d2f53b01b367ee705fa17db006a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:26:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64582
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"5cd4ace6ca44939492fee5108bffbba4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
Swvrt_wQcscoWKe40h4UkGaKHg4WpYcsroHPp7v2TQNsCRQXVU_EPg==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
polyfills.0934b4cf86f77af5.js
supercoach.heraldsun.com.au/ 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
ba2e5178a90693f8371e7b9989bb699c649d1f33bef2ceb6dd67c8118813e7a7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64434
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"7411d8e653dd27593fc211e6883aba87"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
06lDZA2DZXkV2yylhWDOLjjAZRKSg0b-jqwuyZVTR4Y358RTbfBtng==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
scripts.75a156d632c94d99.js
supercoach.heraldsun.com.au/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/scripts.75a156d632c94d99.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
21253b645972db8c8f07eab412d7bc2ec0de10a81144d544e340879822b4d35d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64434
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"5f6e41ab62a78441d673d53902657a33"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
fJoQez0oKElYS3gIP5k3R3aKuispNoHhxrcJrLbyO7ph0cQ5L5PgGA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
vendor.67e707c093d4cf0f.js
supercoach.heraldsun.com.au/ 		3 MB
796 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/vendor.67e707c093d4cf0f.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
b27c0bd61116f98e23e6d181ff31043cbba1f5e2c8c0cbfa4b8fb350f9e11650
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64434
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"788c3eb5c6c58841c197a13b9dad7c4e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
oP5s1jn9HsvZKM6_94LGOu1bcYUtah9hV9I4Cizvujfy6zcxzWeQyw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
main.693938e49c49fd47.js
supercoach.heraldsun.com.au/ 		2 MB
515 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/main.693938e49c49fd47.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
d7d66a94efc44da1e7c2b34fa5463b6326d706548e90f9dde0f77fe0582169f1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64434
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"41edefaae3dca68350648c83ca921ae8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
BRJp0-bhPJk7jeIHUn8pGE5xi0zrOVB8_HNBi8L9jfMHumuHXC6glA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
index.min.js
players.brightcove.net/5348771529001/938M1Zecs_default/ 		931 KB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
PeOMqIIQk0AX.dt12S5B9WegUKTCIoLY
Content-Encoding
gzip
Date
Wed, 22 Feb 2023 23:22:27 GMT
x-amz-request-id
J7991XX78DNEHM3R
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
255199
x-amz-id-2
usFIX+NXRI8NldrIR2lAvW8Zia+ovTCv6hlf3hhlzoJRZQjvLdhge4jh5et1kERL7B8jlBGg7Ao=
X-BCOV-Response-Mode
1
X-Served-By
cache-qpg1228-QPG
Last-Modified
Mon, 18 Jul 2022 05:27:06 GMT
Server
AmazonS3
X-Timer
S1665744414.270841,VS0,VE1
ETag
"ee60f1c90237e0fc32d8071fe73d0e86"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=78
Accept-Ranges
bytes
X-Cache-Hits
1
MediaSDK.min.js
tags.news.com.au/prod/heartbeat/v2.2.0/ 		175 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:26 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"c347a09f51bb895d757c5e600ad18d57:1565826404"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=19388
content-length
35262
vans-adapter-google-ima.js
static.adsafeprotected.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-37.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding
gzip
via
1.1 0e57ab7e4e13f8d49df5255d2b26c06e.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 01:09:59 GMT
x-amz-cf-pop
HAM50-P1
age
80255
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
server
AmazonS3
etag
W/"8ec0c211dda60907ae57f46e621bc794"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
Qsw-IKNjer0cNKpHrjj6nZSd24W79jZekEvxUWzxWNByIHSMnj-Z6A==
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-85.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:02:50 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
via
1.1 fa00891de7530b64fd59452dc928b0b6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
age
80378
x-amz-cf-id
PDV-hohh5jJc8URwApYWl37C3myu48iTUlqRt8WFxAEErsCdoUmxDg==
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 84E8 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsupercoach.heraldsun.com.au
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mbw/47C6) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2511544
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Feb 2023 23:22:27 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mbw/47C6)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
settings
supercoach.heraldsun.com.au/2023/api/afl/classic/v1/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/afl/classic/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
28d3c4990c5bb406c545ecdb67410f4216f47fd67c8bc62532fdad5adc307efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:21:28 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
59
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
mQkFaLL6CGG17Xk1H4bU_9dd3tj7KPJUiKeTnOaFF9JUvTVkARSyqg==
settings
supercoach.heraldsun.com.au/2023/api/afl/draft/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/afl/draft/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
0ff9ef6b85bd1143ab294e2837bf1363e938de5869971280e1858140cc9966cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:21:28 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
59
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
U0DlzhGcPvNg2K3tfjQO4al02Kf8KsO-ReE5kR0DnB5O9EeKYbS-Mw==
settings
tips.com.au/2023/api/afl/tipping/v1/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tips.com.au/2023/api/afl/tipping/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-41.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
063c160558a5e2371f6c9c997695773937c868bcfe24c863851e8384b25f5813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:28 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 16074517396ff3ce754e4ac422c346c8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
9GClN7W89jxprKbOeXGZgpNoRGvuaMVYNGQhF4MDMeXvMxyNy8TmXA==
settings
supercoach.heraldsun.com.au/2023/api/nrl/classic/v1/ 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/nrl/classic/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
98addbe891312888a794d312286b44b4551eb9d349c8ec621ba40c7c233cd45e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:21:28 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
59
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
RfKLXfW6SGMdV-5uzHNLsmqO6dKIh0dqNEiVYmuMjsgEXY96qdwEAQ==
settings
supercoach.heraldsun.com.au/2023/api/nrl/draft/v1/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/nrl/draft/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
c75ea671538d44847b052d7799de9a7b1333294174733b8139495faed6e67108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:21:28 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
59
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
_pJc2mIKguFdZl0RRPYml9Xrm4nYel6dVebDlI-oscUKdRcCQ2Vgqg==
settings
tips.com.au/2023/api/nrl/tipping/v1/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tips.com.au/2023/api/nrl/tipping/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-41.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
8fc6970335c9c9c3ee415b6ceb954a1ee2fbfea9a70807433b9db4594882af9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:28 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 16074517396ff3ce754e4ac422c346c8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
63MHdlqhwGTAbpmf0wc4Y53gWbGTGuA3EaMT2sBrvOpXE-K86rLZ8w==
settings
supercoach.heraldsun.com.au/2022/api/bbl/classic/v1/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2022/api/bbl/classic/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
908e597c2ed91743a74246e2ec3f4ab39966afaa49f601b3d3d5b902dd6fd661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:21:28 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
58
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
o7wzF92K2xGUrzTe_qPg40wel9OgUyw_CMejlBU8wVPDomnUo8d2VA==
settings
supercoach.heraldsun.com.au/2021/api/racing/classic/v1/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2021/api/racing/classic/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
4daa16a8baa1863d649ad0e3569a2ea5c3ef5584601ca8544eff030fb9c2cb29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:21:28 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
59
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
WvHG-4CCs4qReDBaTifxBdcYp1mSs2Gk7SsD4wKmMpI-KlIEgEdTVw==
settings
syndication.twitter.com/ Frame 84E8 		920 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=2e96b134782a03138be6cbf4f2db038e8121c5bd
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsupercoach.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
0e6809406e07c770b85da35a4faf706f8750b5db94cdc475aa4dfa79033f80eb
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
148
date
Wed, 22 Feb 2023 23:22:28 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 22 Feb 2023 23:22:28 GMT
server
tsa_l
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
750e1fb8bbcc8770
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
e1db10bdc0792809ab20ad47361845b9928ebaabf00ab69b9fef9748ed1e2bd8
content-length
327
header_logo.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		25 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/header_logo.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/vendor.67e707c093d4cf0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
7d7b30f197a9b1808a59410e51c0bf4e0924790b73606c5b54dc537d536a7361
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64430
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"57d655e5ef836e892be79febc2b53232"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
FsoOzV0XOMc7Ywd1np-8enFWrLLU7IsuSTmmf92JW_wTO7vVd_qp7Q==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
real_fixture
supercoach.heraldsun.com.au/2023/api/afl/classic/v1/ 		8 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/afl/classic/v1/real_fixture?round=1&page=1&page_size=9998
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
92f64f8f0ea9ef0c2d74b7cd8c9843fc0b3303c9552793f0d7da34f40bcda244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:21:29 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
59
x-cache
Hit from cloudfront
server
nginx
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
link
access-control-allow-headers
authorization, content-type
x-amz-cf-id
ZbE3ksXlnCZsQZyCJ6hB0zf2Dz8E5iFTkzPc9pe18GQPFy2GJDXqdg==
players
supercoach.heraldsun.com.au/2023/api/afl/classic/v1/ 		0
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/afl/classic/v1/players?round=0&embed=notes,odds,player_stats,positions&xredir=1
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
pragma
no-cache
server
nginx
content-type
text/html; charset=UTF-8
x-vm-location
https://supercoach.heraldsun.com.au/2023/api/afl/classic/v1/players-cf?embed=notes%2Codds%2Cplayer_stats%2Cpositions&round=0&xredir=1
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
must-revalidate, no-cache, no-store, private
access-control-allow-headers
authorization, content-type
x-amz-cf-id
xOztXL_ckmNsvn9p1miPCRlgDo5SbiAow6Ia0uOKo6zH2XtWZYf4wA==
angle_down_icon.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/angle_down_icon.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
d1d9996adf227409e389ca01edbee915547f33a9765e24cf542a259e25210cd2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:32:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64206
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"0d21df6946b64bcfd5a26d6726be3e1f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
q7OnwFKxTDQkf0djKUnU7eEOif27LBXnK5f4Te4JG6uF5rS1ZuSTaA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
landing.jpg
supercoach.heraldsun.com.au/assets/sites/news/lobby/images/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/lobby/images/landing.jpg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
8ec974f98a68710a1f33994e4b94ce7b131097a5adf24baf9d669577b133a384
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
55960
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
135805
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:22 GMT
server
CloudFront
etag
"08d2c02a29371b9ae9063e68ffcaf88a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
A6THOIc_JUwfCISMEmZlivFbMJ691BGzWeaxfRojJQkklEpnumR3VA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 02:20:09 GMT
x-content-type-options
nosniff
age
507739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Feb 2024 02:20:09 GMT
ba57388c3d44b87341dc5e49c4cb78ad
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/ba57388c3d44b87341dc5e49c4cb78ad?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
78f435971e581d9b2f5c439af8bd45d67dd619d4bfe46bd9cad21e733d748a76

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:17:36 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, SIN5-C1
age
293
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
ba57388c3d44b87341dc5e49c4cb78ad
x-cache
Hit from cloudfront
x-amzn-requestid
23410c86-00af-4cb3-a1e4-5d2486038f5a
x-newsapi-timestamp
2023-02-22T23:17:36.118166Z[UTC]
x-newsapi-traceid
997044526f738de4
x-amz-apigw-id
Aw5WjENLSwMFSiA=
content-length
6595
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
22
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:17:36 GMT
x-amz-cf-id
mgTrye0ISDuXCDbZyrtMa1wQLtsRTdlKV7yy6tDMXmEHtZXuDQeNLA==
expires
Wed, 22 Feb 2023 23:17:36 GMT
20be9908486ec37075f8ee7d11944ac5
d32guktqcrn2b4.cloudfront.net/v3/collections/ 		326 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/collections/20be9908486ec37075f8ee7d11944ac5?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
181fa83a06680650c0e2b20baefdb54f98d542cee596bbdd4cb1da88c71a6527

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:17:36 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
293
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
20be9908486ec37075f8ee7d11944ac5
x-cache
Hit from cloudfront
x-amzn-requestid
9dc43be8-ecf8-40df-9630-d0c918c73ab3
x-newsapi-timestamp
2023-02-22T23:17:36.476046Z[UTC]
x-newsapi-traceid
a63dbde774906609
x-amz-apigw-id
Aw5WjHkzywMF3iA=
content-length
19550
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
417
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:17:36 GMT
x-amz-cf-id
EgrylvQdUFKRCV_nNq7SU9284vb94L0PQa9TB_sUkWqHzfADd6xPCQ==
expires
Wed, 22 Feb 2023 23:17:36 GMT
a4fd0c1637800ad9b8e7c9222c862a9c
d32guktqcrn2b4.cloudfront.net/v3/collections/ 		367 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/collections/a4fd0c1637800ad9b8e7c9222c862a9c?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
6e7f4e5b7b6fba8fe6be832513c9a2bdc4aeb6f4e37ee20bbff9c6abbb0a674f

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
a4fd0c1637800ad9b8e7c9222c862a9c
x-cache
Hit from cloudfront
x-amzn-requestid
433d070b-c79a-45cf-afb5-0cbfb15582ab
x-newsapi-timestamp
2023-02-22T23:20:51.735832Z[UTC]
x-newsapi-traceid
9f372a6e83229c2
x-amz-apigw-id
Aw51EGi9ywMFp4g=
content-length
21249
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
372
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:51 GMT
x-amz-cf-id
9fKVAge14LbV9Ou2s64a4FsruF-Iqad6_GSgxh_9cBLQKWcTz0Tf7Q==
expires
Wed, 22 Feb 2023 23:20:52 GMT
51116fb4e343ec5901e36a06bb29d8c0
d32guktqcrn2b4.cloudfront.net/v3/collections/ 		108 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/collections/51116fb4e343ec5901e36a06bb29d8c0?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
b95044263f3f5e3922fc23918a43efa57b42d73c6ce374219e9b323770b3d438

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
51116fb4e343ec5901e36a06bb29d8c0
x-cache
Hit from cloudfront
x-amzn-requestid
3498fc31-d016-4f8b-897e-882162ad117b
x-newsapi-timestamp
2023-02-22T23:20:51.713153Z[UTC]
x-newsapi-traceid
dda08cef7c7e2a78
x-amz-apigw-id
Aw51GFlaSwMF8Cw=
content-length
6891
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
179
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:51 GMT
x-amz-cf-id
bHKWDSJkaZNfWPcnapSEB9BOQoWwZEWp8psr5TWpnkIDnifi0asYww==
expires
Wed, 22 Feb 2023 23:20:52 GMT
check_circle_icon.svg
supercoach.heraldsun.com.au/assets/sites/common/icons/ 		662 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/common/icons/check_circle_icon.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
ca62753320e665f9ba3578bed450c7133a325ad74057b5d9a411c005bf444ff1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:32:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
662
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:03 GMT
server
CloudFront
etag
"435255a40dfea8c77f09e6fe61c5ba10"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
e6xYvXF0MJt1skvmuOejzBOEf6lR9uV8BAv5dOxLWukA3qTIzvqhxg==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
embed
omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/ Frame 8665 		369 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/vendor.67e707c093d4cf0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b6dc9b42b86d5683ee9463cae1d8865287d99da99a526511b1f09d04e31c6e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://omny.fm;connect-src 'self' https: https://*.googletagmanager.com https://*.google-analytics.com;script-src 'self' https://www.google-analytics.com https://ssl.google-analytics.com https://*.googletagmanager.com https://static.cloudflareinsights.com 'sha256-6pA+OLZkWFNcDsOkbEY8B8aF2uV+AHr8J3RzrTdq8j0=' https://connect.facebook.net;style-src 'self' 'unsafe-inline';font-src 'self';img-src 'self' data: https://www.omnycontent.com https:;media-src 'self' https:;worker-src 'none';object-src 'none'

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=120
cf-cache-status
HIT
cf-ray
79db76cb89c25a85-MEL
content-encoding
br
content-security-policy
default-src 'self' https://omny.fm;connect-src 'self' https: https://*.googletagmanager.com https://*.google-analytics.com;script-src 'self' https://www.google-analytics.com https://ssl.google-analytics.com https://*.googletagmanager.com https://static.cloudflareinsights.com 'sha256-6pA+OLZkWFNcDsOkbEY8B8aF2uV+AHr8J3RzrTdq8j0=' https://connect.facebook.net;style-src 'self' 'unsafe-inline';font-src 'self';img-src 'self' data: https://www.omnycontent.com https:;media-src 'self' https:;worker-src 'none';object-src 'none'
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:22:29 GMT
last-modified
Wed, 22 Feb 2023 23:20:19 GMT
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex
classic_icons.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		10 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/classic_icons.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/vendor.67e707c093d4cf0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
c7f529f4d3725a569a24d24f4203ce0ff79d2b7ffca48a30ce7444728808fb2f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64429
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"ba4b8a5d1b58bc96087b118c5f663529"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
t1G5Zb8_acGW0Q3o2bYWS_O37njb2bP767dJ20IubL7hl8CQdxivTg==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
facebook_icon.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		341 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/facebook_icon.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
968c616f3fadaad9f59bf5572a74e9c94a2563d094e0f9c9f669a0ef1c6bd87e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:32:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
341
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
"9b0a0142bae6a4888d7866a8d4e5a677"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
r0hnQPpLDHP62onsV3Q5rCfvLk2IaiyTNFr6CTAiKbY3sN8ZxosIgA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
twitter_icon.svg
supercoach.heraldsun.com.au/assets/sites/common/icons/ 		952 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/common/icons/twitter_icon.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
7772e1b342f357e35fb462355432ffdb9dfae2263b99b4addd2c1ff95f4ab7cd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:32:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
952
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:03 GMT
server
CloudFront
etag
"e2fb5def62bda5fc73d9fc8d3beb1562"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
F8IyYj58dmgV_MOeJoCZwFzUDhAKezBLiOEe2nV5xz1juEsmDK0ZNg==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
landing_promoicon1.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/landing_promoicon1.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
6e3c6e47d66f83b38e35d392575e43a35356de10f0246e001c2f7f411d0791f2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
55960
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"a2c9f46b46342ba1dcf93d1d5c36b431"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
u7N2z19zD2JiWAjJ-Cxvmla07ing-_lfgojyrBGe_KQ5xro9XTLVSw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
landing_promoicon2.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/landing_promoicon2.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
736c7404f183cc3f13ccd9d0ff3a1b2045a2f3dd0130014354d3327e74237a7a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
55960
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"f3d0e2c056571afc32a32cd4de7c71fb"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
Y_ztElz970pbCq2hE6V2tHI-BWjI38kfgOYvRDGlbefXehuC6ALpHw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
landing_promoicon3.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		10 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/landing_promoicon3.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
5e5f8726820e9fceadb021dcfb8f22324c0c6cefa269ed8d04c8420357a6b8d0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
55960
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"f32f81999141175969e45634243c82fe"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
z9zdaLJLUjrVyB_ImVczYZadLsaZCw2ONbEX_NHNU6ZEVhi_aAHRjw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
landing_promoicon4.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/landing_promoicon4.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
cba86c0f026f9b8b1bccee7425c5995248755566cc59a8cc9878f520523d6961
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
55960
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"bdaa19774961b089c94ed902951cb5b5"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
fTO3P7P-nIlsLRB-_I5wYIt3XsvQ9eumsEDvOFN5gZLrwWfi04shpw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
logo.svg
supercoach.heraldsun.com.au/assets/sites/news/images/mastheads/hwt/ 		18 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/mastheads/hwt/logo.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
df86ee1ff38b797cd52103e90a8f3ae36e86e48379461bd13e3da267c0f23312
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64429
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
W/"5a86c8eecc9b165d58ec72141173a226"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
EpLc1rZ3laTyW5Oq2s6NvAzwLsFCMwyyy_LaL1K2lyTAr31OAsE3mg==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
vslogo.png
supercoach.heraldsun.com.au/assets/sites/news/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/vslogo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
1dabb10f9fbc8b4da438d3dd37af3f3202ac3184d83497536cdbaa1c12036a45
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64430
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2588
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:22 GMT
server
CloudFront
etag
"5c250f930d84d098820ef2202e18988e"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
Phv7Sl44ixVHin1tIcU1PpAJfSy6xKClZ3Luu2F3vKywGzegLtZO-Q==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
supercoach_white_logo.png
supercoach.heraldsun.com.au/assets/sites/news/images/ 		14 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/supercoach_white_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
3e4ebcd05765b7a44a22a4e5bba0c6029d2f1ff6c2866619bcc0c328af0f911e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
55960
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14634
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:22 GMT
server
CloudFront
etag
"0dfaa3d4beb8fc32b1880e9482a8b75d"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
IIoJXT-tdHVEYQRJ94OrwdDeoczR0Zz7fucoZeltIelS3IVMjjvANw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
sc_stats_black.png
supercoach.heraldsun.com.au/assets/sites/news/images/indexPage/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/indexPage/sc_stats_black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
08424461d604369f06ece55690acc9f07d675f5433525cf544aef3e0ac48ac66
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:55 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64414
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14860
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
"000ebbe59a549eb84679141e98fe8a74"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
Q7QAtDQrZJNeWMX3qWV_EsnDlfD2fUgSzFqPpiAJWXhYdnV3V76BEA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
sc_mobile_logo.png
supercoach.heraldsun.com.au/assets/sites/news/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/sc_mobile_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
a18181c6470ff5f55ef69ab926e01d6b4dac897db3e6aeb953b91fafd086dcec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
55960
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3303
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
"277bb156ab62350146b063db21678591"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
FSdQENAlqvwse45nH7iV3W7kar--8_gH1WQRrZzImk6GMRy_ZX8dOQ==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
kfc_supportingpartner.png
supercoach.heraldsun.com.au/assets/sites/news/images/sponsors/kfc/ 		6 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/sponsors/kfc/kfc_supportingpartner.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
523dd657c4dfc24fb3581266d122a1addd4afcf2a391002b2fb2747a7ee4c085
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64429
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6482
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:22 GMT
server
CloudFront
etag
"105632685eead8d368a848e08c5359c5"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
PlEPH12vrTlfOufydMgI0Hi0aHIdRSPGZ9ej5hsmNwvv-Vte7VE28A==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		85 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/main.693938e49c49fd47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
904533dd74f54a6def75360f7e7793fbb83762aad9097f2601895c6960e784bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:28 GMT
content-encoding
gzip
last-modified
Mon, 20 Feb 2023 03:58:46 GMT
server
AkamaiNetStorage
etag
"20a5317dea9f98180753fb35038d51c5:1676865526.849671"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21834
expires
Wed, 22 Feb 2023 23:27:28 GMT
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16771081490770.523251565829741
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
839
expires
Wed, 22 Feb 2023 23:22:29 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
application/x-javascript
date
Wed, 22 Feb 2023 23:22:29 GMT
cache-control
max-age=41968
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:29 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Wed, 22 Feb 2023 23:22:29 GMT
utag.980.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.980.js?utv=ut4.46.201912020327
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
633481ce37a872535a865e6095f9612b179508e20e917ae63fcf9adc5f63ce16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:18 GMT
server
AkamaiNetStorage
etag
"37ebc9cecd3d8b69549cd235402265bc:1632190698.557474"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
4579
expires
Thu, 09 Mar 2023 23:22:29 GMT
cbd76663d97d6e4e.css
omny.fm/_next/static/css/ Frame 8665 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7302d68eaa15a67a7cce67a4b5c226cdcfe546d37c56cdc21aec4e5ef5799bb2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
7245848
etag
W/"284c-184cdabc040"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d079a45a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
02a0d1f6add81187.css
omny.fm/_next/static/css/ Frame 8665 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/css/02a0d1f6add81187.css
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf16303d01177252671bfd19187a9da327f415095570b5467131e4b4b0e607a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
5619194
etag
W/"126b-184cdabc040"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d079a85a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
webpack-85728e56876881be.js
omny.fm/_next/static/chunks/ Frame 8665 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/webpack-85728e56876881be.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e8bde2a648a9e234472ec5f1316bdd57ab22d9d89a83a36192e980075b0c32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Feb 2023 12:29:46 GMT
server
cloudflare
age
1888645
etag
W/"1206-1860cf45a90"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d0ca095a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
framework-01abbd8e2ff6770a.js
omny.fm/_next/static/chunks/ Frame 8665 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/framework-01abbd8e2ff6770a.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea1b9f18cee0738c081464e9e858b9233873af009dbd436d3abae9371440c103

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
5476216
etag
W/"22704-184cdabc040"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d0ca0c5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main-022e8259ff483e04.js
omny.fm/_next/static/chunks/ Frame 8665 		117 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/main-022e8259ff483e04.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a20fd1d9704b066c532b34dabb78d00d163b8b701a16c5c83bce2f972a65a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Jan 2023 09:46:14 GMT
server
cloudflare
age
3628100
etag
W/"1d26b-185a55f7270"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d0ca0d5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
_app-f21101dfdff87f8e.js
omny.fm/_next/static/chunks/pages/ Frame 8665 		427 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/pages/_app-f21101dfdff87f8e.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67af5d26be860bfcb6d7db018155f558ff1dedaeafa98aca97e7042ca15924c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 10:49:40 GMT
server
cloudflare
age
168609
etag
W/"6acac-1867397e5a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d0ca0f5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
672-8e87d114cbd038ad.js
omny.fm/_next/static/chunks/ Frame 8665 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/672-8e87d114cbd038ad.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56409900ffa5c01279fcfe9f156fe2aae0c9de26e10a39bb3b6c666826eea12e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Dec 2022 15:00:24 GMT
server
cloudflare
age
5607661
etag
W/"21cd-184ed1a2340"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d0ca105a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
8173-9ec53d9d4d3ec5eb.js
omny.fm/_next/static/chunks/ Frame 8665 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/8173-9ec53d9d4d3ec5eb.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db93ff8f6e0112424b4ace4a4b7688ac223517a4cf12e36bc8cac5edae07c38

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Jan 2023 10:39:26 GMT
server
cloudflare
age
3713207
etag
W/"f387-185a069cb30"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d0ca125a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1063-71b1355aace49f2e.js
omny.fm/_next/static/chunks/ Frame 8665 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/1063-71b1355aace49f2e.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdba86a2301573400c8eaaaf90d7660e27234413118c39b3618e8572c25c562f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
7245848
etag
W/"1e9b-184cdabc040"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d0ca135a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
9586-a98a161b5c678d14.js
omny.fm/_next/static/chunks/ Frame 8665 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/9586-a98a161b5c678d14.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abf66584a146abcfa0a1635ede00e0dfce3844c436628a7edbb924bbb2d67a5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 15:35:50 GMT
server
cloudflare
age
1790973
etag
W/"e732-18612c50ff0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d0ca145a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
4072-2a051f3414b93e3d.js
omny.fm/_next/static/chunks/ Frame 8665 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/4072-2a051f3414b93e3d.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1484780c45d02ababcf072d136c2129f9406905d2e6e616746271b8ee0f257f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Dec 2022 15:00:24 GMT
server
cloudflare
age
6655489
etag
W/"10870-184ed1a2340"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d10a695a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
28-fc8d6921275b7a48.js
omny.fm/_next/static/chunks/ Frame 8665 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/28-fc8d6921275b7a48.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a143ca1ac0ac1866eb1e1532bbb7835b0b8597fa370fcf0283a6f3a21f67428

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
5607884
etag
W/"d51-184cdabc040"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d10a6c5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
5320-f6d3b53d0eddf70b.js
omny.fm/_next/static/chunks/ Frame 8665 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/5320-f6d3b53d0eddf70b.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d568103e057eac05bc2f99b84bd3a783ea711059bd9e0056ec6af9f5c2461cec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Jan 2023 17:03:18 GMT
server
cloudflare
age
1536276
etag
W/"2947-185a6ef97f0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d10a6d5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
8346-0de19e1aa8527fbb.js
omny.fm/_next/static/chunks/ Frame 8665 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/8346-0de19e1aa8527fbb.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6deeefb6cafea5221f3f64d75ce76e36959d58a55fea1515e216f7a42de4267

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
7245848
etag
W/"4d78-184cdabc040"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d10a6e5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
8214-e86c5c24d6f505b9.js
omny.fm/_next/static/chunks/ Frame 8665 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/8214-e86c5c24d6f505b9.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6bdf9a5758c26137e3fb8bab7b67fb05cd507d374f3524fe056730d6e7c2660

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 10:49:40 GMT
server
cloudflare
age
168614
etag
W/"20ed7-1867397e5a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d10a6f5a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
664-b888ec84cd7d9c97.js
omny.fm/_next/static/chunks/ Frame 8665 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/664-b888ec84cd7d9c97.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38a71b9483a8bb743b6dcb7835c7fb1d9c1902368efc2f3704232eee9433bf2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 14:14:46 GMT
server
cloudflare
age
5525657
etag
W/"b4a-184e2a3a3f0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d10a705a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
3345-70f27f27d72bdf67.js
omny.fm/_next/static/chunks/ Frame 8665 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/3345-70f27f27d72bdf67.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6da203d9b63b236ea56b22153bd7c21ff3a7b311a9a75ccfda97a37c3df6d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 13:52:28 GMT
server
cloudflare
age
5515516
etag
W/"370a-18534f4f960"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d10a715a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed-f7eeac7ca87051d9.js
omny.fm/_next/static/chunks/pages/shows/%5BprogramSlug%5D/playlists/%5BplaylistSlug%5D/ Frame 8665 		459 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/pages/shows/%5BprogramSlug%5D/playlists/%5BplaylistSlug%5D/embed-f7eeac7ca87051d9.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e252a74692a8029c6f1f033f68815f2781fbcb047327a49595bd88df50174d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 08:52:20 GMT
server
cloudflare
age
1814422
etag
W/"1cb-1861153a5a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d10a725a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
_buildManifest.js
omny.fm/_next/static/PL1ijeMIEy5rH-uYE1pNA/ Frame 8665 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/PL1ijeMIEy5rH-uYE1pNA/_buildManifest.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e329edbe678b8a3615eeff892d7c5094ee04bb6a7256a9ab5a8e1d4a6d51d4f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 10:49:18 GMT
server
cloudflare
age
168609
etag
W/"1194-18673978fb0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d10a745a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
_ssgManifest.js
omny.fm/_next/static/PL1ijeMIEy5rH-uYE1pNA/ Frame 8665 		77 B
194 B 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/PL1ijeMIEy5rH-uYE1pNA/_ssgManifest.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 10:49:18 GMT
server
cloudflare
age
168614
etag
W/"4d-18673978fb0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db76d10a755a85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
image.jpg
www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/ Frame 8665
Redirect Chain
  • https://www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/image.jpg?t=1599022787&in_playlist=023c69e4-8322-4...
  • https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Medium&t=1599022787
59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Medium&t=1599022787
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Server
52.84.45.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-80.mrs52.r.cloudfront.net
Software
cloudflare /
Resource Hash
7dd9adee5089f16796091e7f9b4df758cafb95bf7b3742709e4e237316f95f59

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 05:55:51 GMT
via
1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
MRS52-P1
age
3346000
x-cache
Hit from cloudfront
content-length
60864
last-modified
Wed, 30 Sep 2020 14:56:34 GMT
server
cloudflare
etag
"0x8D86551065A732F"
access-control-max-age
86400
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
789c5d61df515c8c-FRA
x-amz-cf-id
iL5pvmQFiRxPyx06WElVaXwwz1H2zLxCmsm-pcC8YkCK4LDdMoUvyw==

Redirect headers

date
Wed, 22 Feb 2023 23:22:31 GMT
via
1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
cf-cache-status
HIT
server
cloudflare
x-amz-cf-pop
MRS52-P1
access-control-max-age
86400
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Medium&t=1599022787
cache-control
public, max-age=60
x-cache
Miss from cloudfront
cf-ray
79db76d56b792c36-FRA
content-length
278
x-amz-cf-id
7OHVyrUhYOCVOAn4kOjER96heYGfcqAgBerAn1Hol574jKL50cNr0w==
players-cf
supercoach.heraldsun.com.au/2023/api/afl/classic/v1/ 		1 MB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/afl/classic/v1/players-cf?embed=notes%2Codds%2Cplayer_stats%2Cpositions&round=0&xredir=1
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
9711945e90a656dc7c6e00b4b323adf711fb00d2b9f1fb3e231e3373eb0df5ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
link
access-control-allow-headers
authorization, content-type
x-amz-cf-id
BsFHUW_juhqK_5MWfv0C6FrhoVqLVR2myIZoIUeayfAdenyNG06hyA==
4f6f9883502761d51b9fb6023ef12671
content.api.news/v3/images/bin/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/4f6f9883502761d51b9fb6023ef12671?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a91c30598cdddf4e87ed879037c9fe0b11cb58fff18e9b2b19cd598e22a4b7f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
x-check-cacheable
YES
edge-cache-tag
4f6f9883502761d51b9fb6023ef12671
content-length
26150
last-modified
Wed, 25 Jan 2023 03:55:40 GMT
server
Akamai Image Manager
x-serial
1594
etag
59b381531b3e547f179a9db4bdfc8180-4f6f9883502761d51b9fb6023ef12671-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4915198
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Thu, 20 Apr 2023 20:42:27 GMT
ef1b67391056c374e9e8a49554be9526
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		62 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/ef1b67391056c374e9e8a49554be9526?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
7d63edf7f87aa61c04007b82979869e188abbe204bcaca04c6cad59e988a1bc5

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
ef1b67391056c374e9e8a49554be9526
x-cache
Hit from cloudfront
x-amzn-requestid
61203597-f79d-48c7-ad52-cd02274148fe
x-newsapi-timestamp
2023-02-22T23:20:52.726652Z[UTC]
x-newsapi-traceid
2971627de594e5aa
x-amz-apigw-id
Aw51RGFGywMF6Fw=
content-length
10453
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
90
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:52 GMT
x-amz-cf-id
UR0mO3OmnKs3L1tilqWNHKELAvfkJQz-QmLJYZHLw2b2IiW2N5Eu1Q==
expires
Wed, 22 Feb 2023 23:20:52 GMT
d482264fb3944ec3e51145c8ae7169ff
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		65 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/d482264fb3944ec3e51145c8ae7169ff?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
827769c908fa8126c58d2dd7716a2150ec4395ed373035b5ec3164760218044f

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
d482264fb3944ec3e51145c8ae7169ff
x-cache
Hit from cloudfront
x-amzn-requestid
19596b48-8621-458d-86cf-60583338a25d
x-newsapi-timestamp
2023-02-22T23:20:52.697851Z[UTC]
x-newsapi-traceid
a217a557c7e6976b
x-amz-apigw-id
Aw51RH8XSwMF21Q=
content-length
10890
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
39
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:52 GMT
x-amz-cf-id
fj19d0vtE2avtUq-NXCPD-Xhk8Vkpsf9oBbr3OHKyIHoDJigB-FGmw==
expires
Wed, 22 Feb 2023 23:20:52 GMT
01937bdd9dedfd26b9e05fee0d0231f9
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		61 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/01937bdd9dedfd26b9e05fee0d0231f9?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
eca790872a71c33c5c1c9f8f512e90d6098d460d15c1bb3c5c65e90c2d1e137b

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
01937bdd9dedfd26b9e05fee0d0231f9
x-cache
Hit from cloudfront
x-amzn-requestid
41de889d-4a79-4508-b5c8-005c2e413c3c
x-newsapi-timestamp
2023-02-22T23:20:52.609675Z[UTC]
x-newsapi-traceid
21e91dcfedbfcbd5
x-amz-apigw-id
Aw51QH_mywMFhFg=
content-length
11083
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
25
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:52 GMT
x-amz-cf-id
f2HVivnnJ7573B01Vo1RTQO_NOP2a_PRdLtjGaA_HqG8zpDC63K6dA==
expires
Wed, 22 Feb 2023 23:20:52 GMT
8039f713cb1104b2d2ce1908bc423100
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		54 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/8039f713cb1104b2d2ce1908bc423100?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
b849b031ac7cfac8604135e7dea2d28d522b2689a9276e4d0b0c00dfb8157255

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
8039f713cb1104b2d2ce1908bc423100
x-cache
Hit from cloudfront
x-amzn-requestid
8634b32f-2091-4c1a-82cf-fec4f1810022
x-newsapi-timestamp
2023-02-22T23:20:52.708388Z[UTC]
x-newsapi-traceid
f787d78dc5100738
x-amz-apigw-id
Aw51RH6BywMFr-w=
content-length
9716
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
28
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:52 GMT
x-amz-cf-id
CR7uS9BvGJ9vqiiTCSWhXBFE6ByHxTieZx3hnRjH6JNRZAcsjRnAqg==
expires
Wed, 22 Feb 2023 23:20:52 GMT
b09d9709ed9b9669aff58ee7803eebe7
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		79 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/b09d9709ed9b9669aff58ee7803eebe7?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
96d784299df20c5c1570d5d04a0a6c43f29d7c950355305ffa83a220bdfd2242

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
b09d9709ed9b9669aff58ee7803eebe7
x-cache
Hit from cloudfront
x-amzn-requestid
c1f47a9a-7f34-49d7-884f-562661485df0
x-newsapi-timestamp
2023-02-22T23:20:52.440189Z[UTC]
x-newsapi-traceid
47ff85da2e0f9d81
x-amz-apigw-id
Aw51PEJkSwMF8mA=
content-length
14252
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
30
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:52 GMT
x-amz-cf-id
1N7fjfOBQ9ZfD8XcFZNnXr3A9I7APoLbvemAhCxkMU-RtgdtP1LOqw==
expires
Wed, 22 Feb 2023 23:20:52 GMT
439049cac3d291ba56e6d838ac9fb561
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		85 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/439049cac3d291ba56e6d838ac9fb561?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
513567f0a1c3de9417ae31e22229e54b75812a12a6460343f4e965a49413ff9b

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
439049cac3d291ba56e6d838ac9fb561
x-cache
Hit from cloudfront
x-amzn-requestid
57be8162-f2b0-4223-b52a-a02e9077b989
x-newsapi-timestamp
2023-02-22T23:20:52.276802Z[UTC]
x-newsapi-traceid
c7c1697d68dd67a7
x-amz-apigw-id
Aw51NH82SwMF0Wg=
content-length
19647
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
33
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:52 GMT
x-amz-cf-id
qpfMZWHnlMR0bMzTTVMPGzvreKkyQDmdmElSI4WwtKjTibVPv_Y2tw==
expires
Wed, 22 Feb 2023 23:20:52 GMT
468cc251ffe088dfe919e675b75c8696
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		60 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/468cc251ffe088dfe919e675b75c8696?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
f98f32da5345bbd9be694eab9f2632c8da0a3ba8e9d2722bac2547e7da3f0020

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
468cc251ffe088dfe919e675b75c8696
x-cache
Hit from cloudfront
x-amzn-requestid
59b62e16-ce87-4120-968f-353e03757df0
x-newsapi-timestamp
2023-02-22T23:20:52.539534Z[UTC]
x-newsapi-traceid
f049b44c3be91579
x-amz-apigw-id
Aw51QGgDywMFbag=
content-length
13016
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
24
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:52 GMT
x-amz-cf-id
o1hEJeDMt4pim6X8nDrSp_Lp4iJCn-qVJfyP50wmXLDC0XcyynNK-g==
expires
Wed, 22 Feb 2023 23:20:52 GMT
3ca9bb74c42522cf6a91c846ef0ad5b3
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		87 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/3ca9bb74c42522cf6a91c846ef0ad5b3?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
db0831a34e819cfa5f97493b09468ef8c18d79c5da07498cee2a6a93ab491f48

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
3ca9bb74c42522cf6a91c846ef0ad5b3
x-cache
Hit from cloudfront
x-amzn-requestid
3d30c11e-7352-49c4-8b7f-e1aeb52739d2
x-newsapi-timestamp
2023-02-22T23:20:52.485355Z[UTC]
x-newsapi-traceid
818eda30a3dd29e6
x-amz-apigw-id
Aw51PEu4SwMF_4Q=
content-length
18015
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
30
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:52 GMT
x-amz-cf-id
5aPK-tNfkPrOKTSchzH484iOBoGDQyRRB1a7sn63Z0ZeJVDVb5r5DA==
expires
Wed, 22 Feb 2023 23:20:52 GMT
df005b948913ce10a9f8f66cd455e268
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		162 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/df005b948913ce10a9f8f66cd455e268?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
a425781e5011a59c6ff17f843db625b6043be7f1839dbbdf0037aa7d01a44c3a

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
df005b948913ce10a9f8f66cd455e268
x-cache
Hit from cloudfront
x-amzn-requestid
b4b84624-75d6-49ab-983b-68ecf7698d3e
x-newsapi-timestamp
2023-02-22T23:20:52.419698Z[UTC]
x-newsapi-traceid
9521f3a4e20ce570
x-amz-apigw-id
Aw51OHJWywMFm6Q=
content-length
35281
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
63
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:52 GMT
x-amz-cf-id
K5-luNkEFN55-3JZjkven6FTWWzz_4HOg3LP_YlvLRu7DNnRmXp7vA==
expires
Wed, 22 Feb 2023 23:20:52 GMT
1823525c1b4d2f702c7b65929e577b45
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		71 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/1823525c1b4d2f702c7b65929e577b45?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
497d3d4831577f4709bd54ec99dfd082331edd599013d7911d5c812db2a9d47c

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:20:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
97
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
1823525c1b4d2f702c7b65929e577b45
x-cache
Hit from cloudfront
x-amzn-requestid
cd49ed2a-66bf-44c2-bc97-66983fbd61b9
x-newsapi-timestamp
2023-02-22T23:20:52.496095Z[UTC]
x-newsapi-traceid
bf65aacd12312aca
x-amz-apigw-id
Aw51PEDWywMFVqA=
content-length
16410
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
37
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:20:52 GMT
x-amz-cf-id
J1OzS1ppDg8feOrzpQKDRFG8EZ37wj6oDkhLJe4FZ2w4CtYOw37zxw==
expires
Wed, 22 Feb 2023 23:20:52 GMT
316aa97cc70dd9dafabb6a5c35e6016d
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		36 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/316aa97cc70dd9dafabb6a5c35e6016d?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
a3921275e306d0d74e1b313495d991946065661bf614742a9505f7ca274845cf

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:17:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
278
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
316aa97cc70dd9dafabb6a5c35e6016d
x-cache
Hit from cloudfront
x-amzn-requestid
317b88e7-2928-4ef0-98ab-abb18e77a442
x-newsapi-timestamp
2023-02-22T23:17:52.426653Z[UTC]
x-newsapi-traceid
5f3189df5b3ee45e
x-amz-apigw-id
Aw5ZGH_0ywMFp4g=
content-length
6240
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
25
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:17:52 GMT
x-amz-cf-id
TI2UoMc90xCmY555gZb0YBUlyQ0RrQhLVKCvQX7BRg-_K4AzmXbk7g==
expires
Wed, 22 Feb 2023 23:17:52 GMT
5cc4e6d27bbd77f4791ca6dad1416a75
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		56 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/5cc4e6d27bbd77f4791ca6dad1416a75?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
3d251f5ee1c4ed268ca1753204e8209ac779d7cd1ed7103967d6d03e91de609e

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:17:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
278
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
5cc4e6d27bbd77f4791ca6dad1416a75
x-cache
Hit from cloudfront
x-amzn-requestid
9419c6aa-f65f-495f-ae4e-76b61480f741
x-newsapi-timestamp
2023-02-22T23:17:52.414065Z[UTC]
x-newsapi-traceid
717e124a3e2f15d4
x-amz-apigw-id
Aw5ZGG6BywMF61w=
content-length
11354
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
35
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:17:52 GMT
x-amz-cf-id
Cz-cqUIT_pFUwKC0lt_Ouwf-hw4G6CqY9tKBI4o-dm8RPrZvb4CgHw==
expires
Wed, 22 Feb 2023 23:17:52 GMT
9098f1de5f9499f624dcb41fc67a00e5
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		75 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/9098f1de5f9499f624dcb41fc67a00e5?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
fc298c7755e31bf1ba06104b3af5ad3cd3515fb7a23688c3e5a576ed9f8afc86

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:17:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
278
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
9098f1de5f9499f624dcb41fc67a00e5
x-cache
Hit from cloudfront
x-amzn-requestid
243c28b4-f783-4719-8dd6-0b77ec40e0b9
x-newsapi-timestamp
2023-02-22T23:17:52.486718Z[UTC]
x-newsapi-traceid
89a183fa11619f18
x-amz-apigw-id
Aw5ZHH79ywMFbMw=
content-length
16153
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
28
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:17:52 GMT
x-amz-cf-id
F5Zd9ZnNyOOlM8-JPCFJqqBN9HVp9a3i8SWed_IsXhGH7WXWfOMqxw==
expires
Wed, 22 Feb 2023 23:17:52 GMT
22d1cf4dc6ac9770c09b9f7c74d7ca09
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		48 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/22d1cf4dc6ac9770c09b9f7c74d7ca09?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
7ba518735f5e5de6fe2af75b8550e0987dd5a9fbb83730a9f1cb652a69a97e93

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:17:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
278
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
22d1cf4dc6ac9770c09b9f7c74d7ca09
x-cache
Hit from cloudfront
x-amzn-requestid
717fc870-c1ff-403a-81f0-35356cb6f361
x-newsapi-timestamp
2023-02-22T23:17:52.450682Z[UTC]
x-newsapi-traceid
8b9c0f0dcdbf762e
x-amz-apigw-id
Aw5ZGHAESwMFtaw=
content-length
11516
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
46
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:17:52 GMT
x-amz-cf-id
0G7dR-fNHJOxAkqvjDVQc8pQo_1oYrLUEkgaQgdQJ1DWUbZEEhEOUA==
expires
Wed, 22 Feb 2023 23:17:52 GMT
1c725600676a9fbbcb68b1f2cd778c37
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/1c725600676a9fbbcb68b1f2cd778c37?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-167.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
a0fd23377bea298c10c9a673c34261eed03f6b33a326113335b5025a88a7a25c

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:17:52 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, SIN5-C1
age
278
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
1c725600676a9fbbcb68b1f2cd778c37
x-cache
Hit from cloudfront
x-amzn-requestid
295e95ac-45fa-4d9a-86d5-e0b15502ec2c
x-newsapi-timestamp
2023-02-22T23:17:52.435657Z[UTC]
x-newsapi-traceid
9277032718ce6590
x-amz-apigw-id
Aw5ZGFCCSwMFQbA=
content-length
5907
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
30
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:17:52 GMT
x-amz-cf-id
qK2Lx2yODKPc50NDejOYDcC8c3B0WD-1-Sy75biqPuOl5IpBunz2gg==
expires
Wed, 22 Feb 2023 23:17:52 GMT
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Thu, 09 Mar 2023 23:22:29 GMT
utag.1139.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1139.js?utv=ut4.46.202301292355
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7f6008ca479fb9e50da5b7cee97fa7c1251f20373ab588273803f69545005080

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
gzip
last-modified
Sun, 29 Jan 2023 23:55:24 GMT
server
AkamaiNetStorage
etag
"1ad6bff54afa9220d8e2c6a5585c75b2:1675036524.06003"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1225
expires
Thu, 09 Mar 2023 23:22:29 GMT
utag.1140.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1140.js?utv=ut4.46.202301310444
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
25bb1113068c1c7b9996ee51c22119c5379c6284be87e4b4000596a777a522ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
gzip
last-modified
Tue, 31 Jan 2023 04:44:20 GMT
server
AkamaiNetStorage
etag
"c9e4c7d7f8131e8ac8e7728312ef39c8:1675140260.515455"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1077
expires
Thu, 09 Mar 2023 23:22:29 GMT
utag.1141.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1141.js?utv=ut4.46.202301292355
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b404b9a484eabf02274d1b2903119f3b3355ccda686cb1ca264b9e034496823

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
gzip
last-modified
Sun, 29 Jan 2023 23:55:24 GMT
server
AkamaiNetStorage
etag
"07f2c37c2d514060e67fcc1166094864:1675036524.223807"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1064
expires
Thu, 09 Mar 2023 23:22:29 GMT
utag.1187.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1187.js?utv=ut4.46.202302200358
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c00abf7da8a246c460de8fe5192f8850f247de82230d9d8b9f040ee6ddd853ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 00:30:43 GMT
server
AkamaiNetStorage
etag
"72156245336080cd097a0ecf0aed36b8:1675729843.630627"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3642
expires
Thu, 09 Mar 2023 23:22:29 GMT
utag.1192.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1192.js?utv=ut4.46.202302200358
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fb8f7653f8e9eb5bb33992cce33fa43c3379d5aa1873ad36e6885a719f91ae66

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
content-encoding
gzip
last-modified
Mon, 20 Feb 2023 03:58:46 GMT
server
AkamaiNetStorage
etag
"b81ad4b34a92133c8e0f8a17e35a3fa9:1676865526.721149"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1027
expires
Thu, 09 Mar 2023 23:22:29 GMT
image.jpg
www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/ Frame 8665
Redirect Chain
  • https://www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/image.jpg?t=1599022787&in_playlist=023c69e4-8322-4...
  • https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Thumbnail&t=1599022787
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Thumbnail&t=1599022787
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Server
52.84.45.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-80.mrs52.r.cloudfront.net
Software
cloudflare /
Resource Hash
fe5b9fce5a9f999cf3d5e4778e38011c5a003ec08a1facdca8fa5690aabe654b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 04:01:21 GMT
via
1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
MRS52-P1
age
2920870
x-cache
Hit from cloudfront
content-length
2493
last-modified
Wed, 30 Sep 2020 14:59:31 GMT
server
cloudflare
etag
"0x8D865516FB99DC3"
access-control-max-age
86400
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
78c4e88808899295-FRA
x-amz-cf-id
Sk7myF8YBi-US3WMu20fNhoun-xBx9iLdzMIYCjw6g7u02Rr2MV2gQ==

Redirect headers

date
Wed, 22 Feb 2023 23:22:30 GMT
via
1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
cf-cache-status
HIT
server
cloudflare
x-amz-cf-pop
MRS52-P1
access-control-max-age
86400
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Thumbnail&t=1599022787
cache-control
public, max-age=60
x-cache
Miss from cloudfront
cf-ray
79db76d57a1f2bb6-FRA
content-length
281
x-amz-cf-id
eh9Ove59axDxMPSKIgGjdUs7ekJMGnyAc-qCB_OLYKXuZWHp-miokQ==
open-sans-latin-600-normal.0270e39b.woff2
omny.fm/_next/static/media/ Frame 8665 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-600-normal.0270e39b.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134

Request headers

Referer
https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Origin
https://omny.fm
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:18 GMT
server
cloudflare
age
5615627
etag
W/"419c-184cdab79f0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
79db76d12ef529ab-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16796
open-sans-latin-700-normal.58fa2153.woff2
omny.fm/_next/static/media/ Frame 8665 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-700-normal.58fa2153.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3

Request headers

Referer
https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Origin
https://omny.fm
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:18 GMT
server
cloudflare
age
7245841
etag
W/"3fe8-184cdab79f0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
79db76d13ef829ab-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16360
open-sans-latin-400-normal.abd3eb12.woff2
omny.fm/_next/static/media/ Frame 8665 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-400-normal.abd3eb12.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Request headers

Referer
https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Origin
https://omny.fm
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:29 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:18 GMT
server
cloudflare
age
5607867
etag
W/"4150-184cdab79f0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
79db76d13efa29ab-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16720
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202302200358&cb=1677108150112
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Wed, 22 Feb 2023 23:32:30 GMT
B7670439;dcadv=4149947;sz=1x2;ord=631542279778.3805
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=631542279778.3805?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
cafe /
Resource Hash
938d6eea0a7c5a36e1d43a577fb0184836ebd74ed6751b2665b029e9aa572301
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13027
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92560-41
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
213cb40fff694b43f72ec5ab10fc1f76340c8399a6c4a4b91dccc84c300cea1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44123
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 22:24:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 23:22:30 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.228.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-228-177.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 03:25:50 GMT
content-encoding
gzip
via
1.1 4e0b5cb07c18d66b4d938e898c1c7bf2.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:02:37 GMT
server
nginx
x-amz-cf-pop
SIN52-C3
age
71800
etag
W/"639218ad-11856"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
LwMeZ3WZPDl9wgK_g6Stz9eqLN4A3zIVr1v4yTwzCKBI64IuQ6KSiw==
expires
Thu, 23 Feb 2023 03:25:50 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		185 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
eedd49621b38f275303c3f88a999ee576072d8e100aac6b0ce08e488682f0e42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"1bf2800232147702827e8ee9c4c954ea:1676958133.735979"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=14144
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=18450
content-length
9840
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		75 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.162 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-162.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e7473c9f2a9669a45104b31ad19fc9c8570a8c0b710112402275fd686fda81c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
last-modified
Sun, 18 Dec 2022 11:30:40 GMT
server
AmazonS3
x-amz-request-id
8D3B045WC00VVMSR
x-amz-cf-pop
ATL58-P1
etag
"f1a4e674158b6b0ef75f5ba312c64b88"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
76452
x-amz-id-2
2XO/H9abSTvCKRI6it7Wfyv2F0CojzZwAAbpvi5GBSqcrGZ65zoiLFZsRDIIIca47zDlpvdnTEg=
x-amz-cf-id
md2IomCKvkUwbgUgM4j4zWMk08_MCs8d9CuVlVR-vTXUg024g3cQkA==
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 22:57:40 GMT
Content-Encoding
gzip
Via
1.1 bf928fe3a859cf8cab4cd81be24e61de.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN52-P1
Age
1491
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
pcil_NLQ74Q6JA6EhCJZ39T92c-YbzWXg6Q3hpTbQZrN80anXzLyNQ==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2023-02-22T23%3A22%3A30.120Z&country=au&newsconnectId=&fpid=
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.205.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-205-227.compute-1.amazonaws.com
Software
/
Resource Hash
efdf5d065d224a0bc5a15c4db8dad2cc0e1f84ae129bb1d4c284845e249ae327

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2830
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e978d238d5c41225bcd905cf8add12e444e2cf30f04691a949cebe0789f174c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
wjnDuuLX59sOKR5weVSPTApJevg8A974
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Feb 2023 23:22:30 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
76H9CQGN6N84752R
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
520
x-amz-id-2
jmQ57nMEZDmy5ZuqenpPvo8DuZLl+0vw7lJOlfVnli4Y5ly1Vi2FaU/X+3klgFcKEODCnMmbba8=
x-served-by
cache-fty21339-FTY
last-modified
Sun, 22 Jan 2023 10:32:35 GMT
server
AmazonS3
x-timer
S1677108151.815782,VS0,VE0
etag
"4e461faf14ac3f921d3adc4f754611d5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
177
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
JV2RJXJ0QJCDP7AA
age
3138
etag
W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
79db76d3afbefe99-MEL
x-amz-id-2
uOl/IPqMBEKxot042YnQYs1PUh4+xNknvHLXLEUgqC7xxb6ieRrF2nUSTRrOEoR8uAiR8k3B49I=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-236.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Tue, 19 Apr 2022 03:11:13 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Thu, 23 Feb 2023 00:22:30 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a274dbe4a9a49f23e9a2822ac546709e:1673918295.329898"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=18331
content-length
2302
tad.js
tags.news.com.au/prod/tad/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f222758f1d0f71c12e10a1bdaa04bf9e1f446d7de788103d3005676e513c4582

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"0f2a290097d04e7d48231b23f790d327:1676944410.172158"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=78309
content-length
33499
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
sffe /
Resource Hash
39b91692c06ed29cc94cac7da8112377fcf985c85d16f68f2068d6f89774298a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26490
x-xss-protection
0
server
sffe
etag
"1491 / 604 of 1000 / last-modified: 1677107120"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Feb 2023 23:22:30 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		193 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e8f128b01ba68dcfdc212758efdd805fa0a38585cf781400bddd050dc27dc35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:44:25 GMT
content-encoding
gzip
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront), 1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
last-modified
Wed, 22 Feb 2023 21:30:53 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, SIN2-P2
age
2286
x-amz-server-side-encryption
AES256
etag
W/"73a4291e0b24cc8bf12a18bcd544a2b9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
r_GSJnnRUYv9-R-PF_mO8MMJRZHws1g0H6dwEnmM5YXNq0qx2bgIHg==
prebid.js
tags.news.com.au/prod/prebid/ 		366 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=18019
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		155 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.65.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-65-108.ccu50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1ed1677dc75607eb6865e91977014c05346e13285475a93ba4e8fcec5239a3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
iWnu5yI2whAnqv8_WLKKBEkO8GRGD5MU
content-encoding
gzip
via
1.1 109b2eceef7fb10a2e6c25a9ef89fcca.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 22:35:15 GMT
last-modified
Thu, 02 Feb 2023 07:04:38 GMT
server
AmazonS3
x-amz-cf-pop
CCU50-C2
age
2836
x-amz-server-side-encryption
AES256
etag
W/"760efa303068553e2a16d6a46f447be5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
CiJc3EiJ4NlYaYIm8Pg4pFvnh0zCmSkoRKJNU8p2bFhwTtUYf-eWnA==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
618843158ccc24172fe7ac6ab8b755bf371cf5965c469407613041778e43e503

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"bb52a37d45d417951a3c95a98cf1fbfd:1673855044.593883"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=17588
content-length
6076
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.100.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3528195e6af4e53d97fa596f8c6e62b517d884e584bfb3e4d5de348447842c59

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3030
cf-polished
origSize=5799
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-bgj
minify
last-modified
Wed, 22 Feb 2023 22:32:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VIhCL4qGZgLKHue1GjsUcdc8a9vFZPv2fJSFE5BJjotrdx04ku4wIhz3nkvrbywPp%2BXPfH%2Fycl%2FmSvzHS4TdabsprJyubGzhC4gySBGU%2BGuDcH9ZXxZMjKzQmfaWCjNIoH%2B4WCeKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
79db76d789f6df99-MEL
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 -, , ASN (),
Reverse DNS
Software
snooserv /
Resource Hash
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 23 Jan 2023 21:56:14 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"03d5db9dfd00a5719bb4c9261e6fa1bb"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7356
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5SVI0J6V74OJ29IA6K0&lib=ttq
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1139.js?utv=ut4.46.202301292355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.180.49 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a96-17-180-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e393fcd758d194e3cefada390712166d26e9ecdde99a987e4861e40bb73a686d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-akamai-request-id
5bc22b57.302a5f6
date
Wed, 22 Feb 2023 23:22:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a96-17-180-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time
225,96.17.180.31
server-timing
cdn-cache; desc=MISS, edge; dur=225, origin; dur=6, inner; dur=2
content-length
1141
pragma
no-cache
server
nginx
x-tt-logid
20230222232231A293A9457C5CA260EBD1
x-cache-remote
TCP_MISS from a23-218-222-21.deploy.akamaitechnologies.com (AkamaiGHost/11.0.1-46623256) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.218.222.21
x-tt-trace-host
01f3257378d465fc4b4694cfa18dcad7111d6ed383c0c9d2df91b6990a8ec5b914831b81215f1cb29bf7863354d8d5388b8be90e6cc1c1ce8aa1cddd79fac323e97911b512bb6eca4a86de6454b65db8b3c9307e74251f7615a038b6ea5e4da62fe54ffb34f0ca6833c4c0ab7947394551
expires
Wed, 22 Feb 2023 23:22:31 GMT
scevent.min.js
sc-static.net/ 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.14.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-14-254.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
content-encoding
gzip
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN5-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
13327
x-amz-cf-id
0Ff_HncBkzE8j7HdPCBSjphTp1flbIvJwaWgIHoTPL6MWJwrg7HVZQ==
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 22 Feb 2023 23:22:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
YRaDH9mOp/eagYnBlAA0ZVTJBI8uJV6GBlxEGImv4hgDUWk5XHLvjFqKLBJ80lU4SbnLC34taFC+zYIcGWeS/A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.44.157 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-qpg1249-QPG
/
o479328.ingest.sentry.io/api/6149200/envelope/ Frame 8665 		2 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o479328.ingest.sentry.io/api/6149200/envelope/?sentry_key=26e057be21a84efb8189b730ef099727&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.35.0
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/chunks/pages/_app-f21101dfdff87f8e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://omny.fm/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://omny.fm
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
waveform
www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/ Frame 8665 		21 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/waveform?t=1676962466&token=O9qphO3y9WnRnGvwehzQ54FoDittZhut
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/chunks/pages/_app-f21101dfdff87f8e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-80.mrs52.r.cloudfront.net
Software
cloudflare /
Resource Hash
c0509ee503a40ffc0cf58e1d7b9a6225dd915f67101f426176f662b3b7f55b41

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 07:00:17 GMT
content-encoding
gzip
via
1.1 0b2f0b4cff86a910cb2f7990385ac516.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
MRS52-P1
age
145334
x-cache
Hit from cloudfront
last-modified
Tue, 21 Feb 2023 06:54:26 GMT
server
cloudflare
etag
"0x8DB13D878EA1C05"
access-control-max-age
86400
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
79cd9aaa7db43735-FRA
x-amz-cf-id
jP4P1hkxMasx_KnmCoUXVh3xGvJijPRg0CQenKf90IqqK3UNS4syoQ==
newsicon_afl.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/newsicon_afl.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
d5719bfe9c1f816ff3f05f8b4fe76e7747f4224b1f7bfd72a136f20465764c65
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:41 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64430
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
W/"d3c5b5d94c135cf5c965ef297da0e889"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
eDk1FV0bULE5S5talNbwr8lsztH0IR4xgte0G-cOhvxXf3pEWsUHVA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
newsicon_nrl.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/newsicon_nrl.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
1bfd4de1ee974914b69d3692bd5cfcf13ba3a1c6a5fc47a6e0691f79ca19b71f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:09:52 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
4359
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
W/"56096738e5f008f5af11e20dfe5e9fff"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
hHr18eS5NsbZPt2WNcQyUF868zip1TVSQSOn4lEomAa-feFnCobs6A==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
newsicon_bbl.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/newsicon_bbl.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
83472595381fbd93444a79e1db9b41468ecd1c5a56f874f3cc43797253900dc3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:41 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64430
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
W/"cd1b7c9ea10fa3ac28fd7422bf417f50"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
MyFawt68yp0GL5zDyVTeD9ZKfDnKtxHIJSWpBaV4GlJYH70-yaMBlQ==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
dbde80988e5f6124e7fb873fc34253fc
content.api.news/v3/images/bin/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/dbde80988e5f6124e7fb873fc34253fc?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c6f09adec78e811410b127829b9855178c6fc3ced22876b81a0e249be4253ddd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
x-check-cacheable
YES
edge-cache-tag
dbde80988e5f6124e7fb873fc34253fc
content-length
139178
last-modified
Wed, 22 Feb 2023 19:00:52 GMT
server
Akamai Image Manager
x-serial
931
etag
47094493f1a57c66c5befc1b773621dc-dbde80988e5f6124e7fb873fc34253fc-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5168320
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 19:01:11 GMT
837d8e3f72997bf68d81d42d13a36fe4
content.api.news/v3/images/bin/ 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/837d8e3f72997bf68d81d42d13a36fe4?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1873c94c42119ef95ad52d8c28bc79e8d80402b2c7953f5031d3ee499f195f26

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
x-check-cacheable
YES
edge-cache-tag
837d8e3f72997bf68d81d42d13a36fe4
content-length
133647
last-modified
Wed, 22 Feb 2023 05:13:34 GMT
server
Akamai Image Manager
x-serial
821
etag
92d2996840612d559531b32f6b1f07b4-837d8e3f72997bf68d81d42d13a36fe4-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5118606
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 05:12:37 GMT
8202070069041c90c70807a73937f090
content.api.news/v3/images/bin/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8202070069041c90c70807a73937f090?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b0651ca51c66d069097a44e700ce92c4af40b42987d181891e3eb42ef7184495

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
x-check-cacheable
YES
edge-cache-tag
8202070069041c90c70807a73937f090
content-length
74372
last-modified
Wed, 22 Feb 2023 04:42:58 GMT
server
Akamai Image Manager
x-serial
1942
etag
e2aae58b7755e99e4a79bdeec35105dd-8202070069041c90c70807a73937f090-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5116908
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 04:44:19 GMT
c41f0a864e359cdeeda6683bdfee4a51
content.api.news/v3/images/bin/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c41f0a864e359cdeeda6683bdfee4a51?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4234887a4c9024f9814bbd722d45b89a2e547abe0f842bcdce29f277cbed9666

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
x-check-cacheable
YES
edge-cache-tag
c41f0a864e359cdeeda6683bdfee4a51
content-length
42640
last-modified
Wed, 22 Feb 2023 04:27:40 GMT
server
Akamai Image Manager
x-serial
1913
etag
f26b58751d2bf3b2875c4d855927103e-c41f0a864e359cdeeda6683bdfee4a51-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5115804
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 04:25:55 GMT
20c5d243fec4bc6a15e15d74800d00a7
content.api.news/v3/images/bin/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/20c5d243fec4bc6a15e15d74800d00a7?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d1cd1732afda8d086bca8281a43e3b622a0f1ad8b145686a9334a86dbe056254

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
x-check-cacheable
YES
edge-cache-tag
20c5d243fec4bc6a15e15d74800d00a7
content-length
96009
last-modified
Wed, 22 Feb 2023 02:31:31 GMT
server
Akamai Image Manager
x-serial
1087
etag
aae9e29a8dfe1768b5b5fb5b0357652e-20c5d243fec4bc6a15e15d74800d00a7-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5108898
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 02:30:49 GMT
799652a33adfce158f40c8411b1af531
content.api.news/v3/images/bin/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/799652a33adfce158f40c8411b1af531?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ec9135edd58a3a2a6bfe25e9598c31fa8f48c5c84e8c8c3b79508742c0fe446a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
x-check-cacheable
YES
edge-cache-tag
799652a33adfce158f40c8411b1af531
content-length
124341
last-modified
Wed, 22 Feb 2023 00:54:54 GMT
server
Akamai Image Manager
x-serial
1125
etag
49279844daddbcf6cbc49dc4ee4cd0e4-799652a33adfce158f40c8411b1af531-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5103163
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 00:55:14 GMT
b94cbf05ef21ff2f6c16be3c9d579b16
content.api.news/v3/images/bin/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b94cbf05ef21ff2f6c16be3c9d579b16?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
52c784d524d2524b2da9d5951e288bf76a88929c42aa9db1d365602da50a28da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
x-check-cacheable
YES
edge-cache-tag
b94cbf05ef21ff2f6c16be3c9d579b16
content-length
153504
last-modified
Tue, 21 Feb 2023 19:01:37 GMT
server
Akamai Image Manager
x-serial
623
etag
9fda5ea9ecf6789dc500947f019278d8-b94cbf05ef21ff2f6c16be3c9d579b16-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5081953
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 22 Apr 2023 19:01:44 GMT
1068f883a1ebc585c9e31d9060a19140
content.api.news/v3/images/bin/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1068f883a1ebc585c9e31d9060a19140?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8224ff2bc3b73463011b9139a89a4a195d749e3ab63d286406d70696458e3bc7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
last-modified
Mon, 13 Feb 2023 23:50:40 GMT
server
Akamai Image Manager
etag
d89d7b1c6587118e4f0887a04421dd08-1068f883a1ebc585c9e31d9060a19140-1280
edge-cache-tag
1068f883a1ebc585c9e31d9060a19140
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4407978
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
153638
expires
Fri, 14 Apr 2023 23:48:49 GMT
57f65806dad1733646085d82b76512a6
content.api.news/v3/images/bin/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/57f65806dad1733646085d82b76512a6?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
65623ba024c39f3e0fd17ce630f541d895db058b82ed92c78be467707add0d78

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
last-modified
Tue, 21 Feb 2023 19:12:28 GMT
server
Akamai Image Manager
etag
f5b88d70bbd8830687f933c848912f48-57f65806dad1733646085d82b76512a6-1280
edge-cache-tag
57f65806dad1733646085d82b76512a6
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5082474
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
154388
expires
Sat, 22 Apr 2023 19:10:25 GMT
scplus_article_tab.jpg
supercoach.heraldsun.com.au/assets/sites/news/lobby/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/lobby/images/scplus_article_tab.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
a75147c46eb6d05dacd09e3990e7710cd2be3820344bb328a47967c764bd418d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:41 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64430
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5296
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:22 GMT
server
CloudFront
etag
"6b9c0e773ee39a7785b9c383c38a281a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
j9RmyHrLglGGBLj5agiJm7qpI2eQJiGliUaJProq0WS4520ZSvSdYg==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
fd1eea77d2efb0a6c172bb44fc1c671c
content.api.news/v3/images/bin/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/fd1eea77d2efb0a6c172bb44fc1c671c?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e532c7c8985c6dc16308e53737a3ec58f9d55b1c28238382e0a14ff753fd2e14

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
x-check-cacheable
YES
edge-cache-tag
fd1eea77d2efb0a6c172bb44fc1c671c
content-length
88625
last-modified
Mon, 23 Jan 2023 00:44:47 GMT
server
Akamai Image Manager
x-serial
492
etag
06a2fe59f8f1cbde37ff246d35c3cbb4-fd1eea77d2efb0a6c172bb44fc1c671c-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5010350
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Fri, 21 Apr 2023 23:08:21 GMT
d7b0e940b1b174a6c0a615ce9ec97905
content.api.news/v3/images/bin/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d7b0e940b1b174a6c0a615ce9ec97905?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
53486081237ff1c635b6e07b05c6f1ff37e24d49c861ae550cdc562246729a4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
x-check-cacheable
YES
edge-cache-tag
d7b0e940b1b174a6c0a615ce9ec97905
content-length
138524
last-modified
Mon, 23 Jan 2023 01:40:23 GMT
server
Akamai Image Manager
x-serial
479
etag
811a593e6d65fae5a44b11d5a753ee4b-d7b0e940b1b174a6c0a615ce9ec97905-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4700700
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 18 Apr 2023 09:07:32 GMT
739588a0bab8fd90f5c19ecc30c7e151
content.api.news/v3/images/bin/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/739588a0bab8fd90f5c19ecc30c7e151?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b11ba2b47d13da58bc505154d1c99abd2850b726ced6a63d94859e39f6433e6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
last-modified
Mon, 23 Jan 2023 00:44:48 GMT
server
Akamai Image Manager
etag
38b317b2ff8c521c257d5d22340be4d5-739588a0bab8fd90f5c19ecc30c7e151-1280
edge-cache-tag
739588a0bab8fd90f5c19ecc30c7e151
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5183948
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
71572
expires
Sun, 23 Apr 2023 23:21:40 GMT
04e15490a8916f35ca794f08c55a6a64
content.api.news/v3/images/bin/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/04e15490a8916f35ca794f08c55a6a64?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6928d0fe26953781fdfc16657a58aab75b5801e7fe3b88700225e70dd3850dc7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
last-modified
Mon, 23 Jan 2023 00:44:48 GMT
server
Akamai Image Manager
etag
9064301da5165a43b7d132964f79e1e3-04e15490a8916f35ca794f08c55a6a64-1280
edge-cache-tag
04e15490a8916f35ca794f08c55a6a64
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4686810
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
103301
expires
Tue, 18 Apr 2023 05:16:02 GMT
c0e5438b14145fd71e0dd8a921411e9c
content.api.news/v3/images/bin/ 		251 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c0e5438b14145fd71e0dd8a921411e9c?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8fb97144f37a70f7294a7fbd2ac3505a00cd8be084fa2935cc25557bc19c9e9d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
x-check-cacheable
YES
edge-cache-tag
c0e5438b14145fd71e0dd8a921411e9c
content-length
256844
last-modified
Mon, 23 Jan 2023 00:44:49 GMT
server
Akamai Image Manager
x-serial
1292
etag
7f1832dd8c6ef0ff2a80eaff4ccea27a-c0e5438b14145fd71e0dd8a921411e9c-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5010362
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Fri, 21 Apr 2023 23:08:33 GMT
P16C8D000-5514-4C76-9A96-5F57C2693396.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/P16C8D000-5514-4C76-9A96-5F57C2693396.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.126 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b50552563c561fbf9ed331d948cafc003ad18b2fed2c2860c5d2cc61b9516df6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
NDU6KfVVEfb66wlW6qjgPqsmehwgw2ff
content-encoding
gzip
via
1.1 f28347a3148f4f8fa1d930375689073c.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 22:40:52 GMT
last-modified
Wed, 22 Feb 2023 19:15:31 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
2501
x-amz-server-side-encryption
AES256
etag
W/"49629aa0e91f063e57d458bf6d33a6e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
aHVyI1N3VyFE-osdp1ApRMNHDzMeePHyEk6-jZOGwII4cSiWjQY2Vw==
door.js
au-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13522
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.6 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
f34bffa49ea9fb0de7f7d19a43b041ad8d4cce34bdbe82dd8a9110003fc397b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
content-encoding
br
via
1.1 70baa6f69f875c9e172c9118322fd6b4.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN5-C1
etag
"13522...221.2023022223"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
DLHXoD0PoFaRcQUnSvI_6h2kJXeDadS90GyAHw_30t8Pz2gwFLGTew==
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 02:41:59 GMT
Content-Encoding
gzip
Via
1.1 f2f73edfafc086543441bca742024226.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
420034
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
dBbJdh5Mp_MQUK4VWogZoD2ArVfLaa6Jg49dSf6jNpw5XTyWa9bxyA==
1757731811273228
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1757731811273228?v=2.9.96&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
3bde7963c6171f24a8b6289eeec6af3276293c0f5a8abf95705d2ebce94687fe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 22 Feb 2023 23:22:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110200
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
2u12NrE4dxNjxiWmEnz/Bqo/w2CuDDKG9cCKbXjtcQUM4W2tc/r4tUTpfmgyJdx1/SOw26+O+/0NgdJfBYMbZg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108150522
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108150522
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108150522
Protocol
HTTP/1.1
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b7741d75a84fd1af7beb740e1efd7d9b2313991bf5445c7cee768b31e532a156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v042-0e694790c.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
VYKEJzIRSKg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1566
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v042-066cddaad.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GdnGk61vTmw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108150522
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230222
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b299dbf020512e4a72f4f18f3346d2f8cb37d039dcc3c41ae69500dc3779a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26418
x-jsd-version
1.0.1626
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4578-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63d-VsJrHodLs7s+N1M8TxYuw4EuFxc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPV8R%2Fpr4HFg66JPeQI%2FT6S1IQV5pn30P%2FyQekiYGCUtHAoH9VyPp92ijBvIAVc9ke839I5SYj%2FSjys%2BZKn9%2FHAetaxZW4Q9v%2FQo%2BYTDmvmQGHTsiaRGtIFZO%2FUSibZGYBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
79db76d67894df24-MEL
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230221/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230221/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=631542279778.3805?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
7373
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 21:19:39 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSI5IQQZpDCldGuIFUF7O_xcIIiakVS4eB4CtyDVtGlNv-erb0XqkohAO6QCeHIrD9VYIx64EZsdLRtjqSasJ41F31ijHtZduNFTGMT8iL4kh3Pw0zNr_uUEcRlki7ZSZrVEWlYYm2Grh1NQyX9DFMpj53T1PkjhFgcguBzBwUhlg&sai=AMfl-YSJbtnf0VvjtpbQYotwMj2-CkIcFvD5eVuPOkG3s4m2iJV3nE8VRuUma2QNpvS-W5EdVR1HCUEnaUSdZ7GEC4DTQrpovFgObYZelg&sig=Cg0ArKJSzCHXD7zxOR57EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20230221.65607&arae=0&ftch=1&adurl=
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Feb 2023 23:22:31 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=McTAWC5LLhYBvR4bR&d=supercoach.heraldsun.com.au&g=36976&g0=sport%2Clobby%2Csupercoach%2Clobby%2Cindex%2Cindex%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&b=6337&t=CeGjQzDJ4ox2Cjbk_mr0z06BmeCsi&V=139&i=The%20Herald%20Sun%20KFC%20SuperCoach&tz=0&_acct=anon&sn=1&sv=DI9oDOCHUkOTMlle7s0pTfC8T5qe&sd=1&im=06030402&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.185.247 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:32 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
pubads_impl_2023021601.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
sffe /
Resource Hash
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 02:39:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132097
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 09:35:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Feb 2024 02:39:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		877 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=supercoach.heraldsun.com.au
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
9356c90bff9a3cfcc6d370026ec50d06645b3d32fcd0e432754f37d228fd8c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
374
x-xss-protection
0
expires
Wed, 22 Feb 2023 23:22:31 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92560-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 21:28:00 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6872
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 22 Feb 2023 23:28:00 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820460034&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92560-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e684d2857d4db1478ffad8bfae1d6a5f3d2e07100e77407807f94b56eff23dcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68007
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 22:24:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 23:22:30 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:31 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Wed, 22 Feb 2023 23:22:31 GMT
generic1674383553611.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		487 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1674383553611.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09ef3185c70b92a89a42173554dcba0971bf6ff6807d8f2beb587eb211e38f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
0wZilUcGsyckGx01p39NxpbwhrSxV942
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Feb 2023 23:22:31 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
GBESHFV6FGFEHJ8W
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
88281
x-amz-id-2
p4R7eKE2e0eShp3EkcHAdhekbVsnO9MdxNo2oXw3ge6KK84ZckJdCYfK6f9+qIvixclcJfb1LZg=
x-served-by
cache-fty21339-FTY
last-modified
Sun, 22 Jan 2023 10:32:34 GMT
server
AmazonS3
x-timer
S1677108151.092569,VS0,VE0
etag
"e21656fa738b009380658ddab017d746"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
64
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=e1da4b85bea80c69a08cbbfb4eb24b4d&timewithTz=2023-02-22T23:22:30.120Z&country=au&newsconnectId=&fpid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.205.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-205-227.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1757731811273228&ev=PageView&dl=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&rl=&if=false&ts=1677108151041&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1677108151039.963119141&it=1677108150513&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 22 Feb 2023 23:22:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=supercoach.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.100.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a0eff8d578577ca7cf7d54651522fee8cea920311819b9ded36c4a2bd042e6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2524
cf-polished
origSize=47061
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-bgj
minify
last-modified
Wed, 22 Feb 2023 22:40:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8FFYqOyAelb4pl0f2UQRV9wHoi92m9WI5%2B49XHPRQGzP5XMGhAbiHiH1fglNshGEkTqgkuaQRnY3%2FkNSr%2FiBHzWLDmXsymx%2BilqC5POgxPmkF0%2Fot3YmC8Jnv5rupy%2FyjveERYcVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
79db76d85aabdf99-MEL
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame AE05 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
1168
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 22 Feb 2023 23:03:04 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
X-Amz-Cf-Id
8a6bEaixVm-A4-hhab4wI-9XiemiBRqhTyWC5Y3laR_kp6tLRcqlvA==
X-Amz-Cf-Pop
SIN52-P1
X-Cache
Hit from cloudfront
config
c.amazon-adsystem.com/cdn/prod/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fsupercoach.heraldsun.com.au
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:19:55 GMT
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
age
7356
x-cache
Hit from cloudfront
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
jWWJ6l4uNUkQz_ernaopq_W_Xw06icF70qEOxoS26LSWBcuR7v5Dyw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding
gzip
via
1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 01:26:38 GMT
x-amz-cf-pop
SIN2-P2
age
78954
x-cache
Hit from cloudfront
last-modified
Wed, 15 Feb 2023 23:43:01 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
bRdD9VmS7hnLcQ7TfoxRcVwLzVgaypl6v--yT_gchu0eV_1sgIsDww==
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.162 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-162.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
o4WHKo6MX2y.6aPGAnmLcU3LE.8_U3Hj
content-encoding
gzip
date
Wed, 22 Feb 2023 23:22:31 GMT
last-modified
Wed, 07 Dec 2022 22:44:24 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
etag
"4a5e4a11bf4a74aeb574379e169fa679"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=548
accept-ranges
bytes
x-amz-cf-id
9DMyOvo2xfZsgrTFUXhwuFHR9D85RJ-z_U8I4Se0MfP4sO5GCj5eTw==
content-length
1284
c.js
collector.brandmetrics.com/ 		0
143 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=supercoach.heraldsun.com.au&rnd=4090292
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=supercoach.heraldsun.com.au
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.2.28 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
date
Wed, 22 Feb 2023 23:22:33 GMT
content-length
0
content-type
text/javascript;charset=utf-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820460034/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820460034/?random=1677108151221&cv=11&fst=1677108151221&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tiba=The%20Herald%20Sun%20KFC%20SuperCoach&did=dYmQxMT&gdid=dYmQxMT&auid=1959340865.1677108151&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820460034&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
4af80fe1048b4d306169e5376911724488f1575da7e1e620e22762e97e53891f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
893
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a2c5b0062c8c8e6e051deda1a8be773b4433371035d8d8de4975bc4f7bbc530
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:22:31 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		113 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&pid=elM89adfDkkpN&cb=0&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x1%22%5D%2C%22sn%22%3A%22%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull-ad-block-728x90-1%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.163 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
113
x-amz-cf-id
lreWSd8mIOsh71QsmXDysfLa7WygLC9jqN_HE4fdw0_Nloq9eEGHcQ==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		503 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&p_pos=atf&rf=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&kw=Fantasy%2CFantasy%20Team%2CFantasy%202022%2CSuperCoach&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=sport&tg_i.sec2=lobby&tg_i.pos=1&tg_i.kw=Fantasy%2CFantasy%20Team%2CFantasy%202022%2CSuperCoach&tg_i.ad_unit=%2F5129%2Fsport.supercoach&tg_i.pbadslot=%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=e635993b-0471-4c90-9055-018b5e8f9d02&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-300x250-1&slots=1&rand=0.012984400752896308
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
24877a126b10a864b298c449c4f94706d4851fe20965e1a4bdc3b668ac2eac17

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://supercoach.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
503
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		501 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&kw=Fantasy%2CFantasy%20Team%2CFantasy%202022%2CSuperCoach&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=sport&tg_i.sec2=lobby&tg_i.pos=2&tg_i.kw=Fantasy%2CFantasy%20Team%2CFantasy%202022%2CSuperCoach&tg_i.ad_unit=%2F5129%2Fsport.supercoach&tg_i.pbadslot=%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=89424d7e-6c9f-44ff-829e-d60ca85151c4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-728x90-1&slots=1&rand=0.011165529260558138
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3c83bf932306be5c15878e24a69b25ceaaa15049d0f9a112eb177f9991316e2f

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://supercoach.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
501
expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		36 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=279193&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224d1c4966d2d897%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsupercoach.heraldsun.com.au%2F%3Fpagetype%3Dindex%26sec1%3Dsport%26sec2%3Dlobby%26sec3%3Dsupercoach%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22555a821679c5d3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279193%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%226216dd14a0248c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-728x90-1%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
60c17959019b9172f7c16a927e7fe6484e67e3e34951f5371e0cb063c41bf886

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdnjPYltcdiZTDH5%2BEAhANyNEf6D4dF%2BV86eTlPob%2B5HtxdSep9icvi0boABUFob8I0IJtC2DsfQFUs0T5r6jwx4sm2ytrq3o0qmajYmSJVaaNLLp62lhCJysaU5DZ7GwX%2Bf7%2Fq7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
79db76dbfc295a55-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
2b8f1043b3d7ef835d3a829a1817e956d10b08e37e13ee821d3dcacb64b1a3c7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:32 GMT
AN-X-Request-Uuid
4739cc6e-618f-405e-9126-eac791b9487b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://supercoach.heraldsun.com.au
date
Wed, 22 Feb 2023 23:22:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=37588803548
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
i
tr.snapchat.com/cm/ Frame 8CBC 		672 B
838 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=4dd63809-64d7-47eb-8c17-1b1e3ac5bd62&u_scsid=0ddd91fc-f927-4306-bff3-f5f4b7f3d660&u_sclid=854b47b7-486a-4abb-b855-e2f9d49eeb4c
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 -, , ASN (),
Reverse DNS
Software
API Gateway /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
gzip
content-type
text/html
date
Wed, 22 Feb 2023 23:22:31 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-envoy-upstream-service-time
12
4dd63809-64d7-47eb-8c17-1b1e3ac5bd62.js
tr.snapchat.com/config/au/ 		146 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/au/4dd63809-64d7-47eb-8c17-1b1e3ac5bd62.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 -, , ASN (),
Reverse DNS
Software
API Gateway /
Resource Hash
c1795a7307b29b1e9e38b821359f5d43e1eae27fbcc3d9f67b9867c17dc6327f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://supercoach.heraldsun.com.au
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ 		68 B
208 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 -, , ASN (),
Reverse DNS
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
019756e91511a9b21fb52a032cdee194824d572957a81063aa17276c4dcabfed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://supercoach.heraldsun.com.au
date
Wed, 22 Feb 2023 23:22:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b82a6ce2-dc48-4cd6-921f-f846d0e3ff47&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a6f28a71-4992-4dd3-ac40-fc53dc31c7ad&tw_document_href=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_iframe_status=0&txn_id=od3rn&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 -, , ASN (),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
151
date
Wed, 22 Feb 2023 23:22:32 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
679f473c2ea743ce
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
162b6ec84bae0dd9f9270717ad6abac0f14d12aa0fa445177758527cfa064262
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b82a6ce2-dc48-4cd6-921f-f846d0e3ff47&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a6f28a71-4992-4dd3-ac40-fc53dc31c7ad&tw_document_href=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_iframe_status=0&txn_id=od3rn&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 -, , ASN (),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
157
date
Wed, 22 Feb 2023 23:22:32 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
74ddb3530ad98524
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
a0b57877c0f5f40c9c3d84db062b051f6015e9a922d9fbd346a7e8fad7971fd2
content-length
43
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMC4wLjU0ODEuMTAwIFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJUaGUgSGVyYWxkIFN1biBLRkMgU3VwZXJDb2FjaCIsInBhZ2VfdXJsIjogImh0dHBzOi8vc3VwZXJjb2FjaC5oZXJhbGRzdW4uY29tLmF1LyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjc3MTA4MTUxNjY5IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODY3YjZmODU2YjdiMS0wODRjNjhjYjgzYmE3NS02ODNmNTQ1Ny0xZDRjMDAtMTg2N2I2Zjg1NmNmMzEiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtc3lkMSIsImFjY291bnRJZCI6IDEzMjIyMiwidXJsIjogImh0dHBzOi8vc3VwZXJjb2FjaC5oZXJhbGRzdW4uY29tLmF1LyIsIndlYnNpdGVJZCI6IDEzMjIyNCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNjhjYS0zYmVmLWJkYmYtMWRhYS0wNzNhLWUxNjktNzcyZi1hZmY0Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NzcxMDgxNTE2NjYiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTU1Niwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDkuMCIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDkuMCIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY3NzEwODE1MTY2OCwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2V9Cl19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 -, , ASN (),
Reverse DNS
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-p69v
date
Wed, 22 Feb 2023 23:22:32 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
/
geo.privacymanager.io/ 		31 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.43 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:40:25 GMT
via
1.1 df28c5139a58e7fd82c9f1801939f7c0.cloudfront.net (CloudFront), 1.1 9f270674bcf2f4d630a6d431ac385712.cloudfront.net (CloudFront)
x-amz-cf-pop
DUB2-C1, MRS52-C2
age
24127
x-amzn-requestid
c4b95588-24a1-419f-a7ba-e03cf0ba59b0
x-amzn-trace-id
Root=1-63f64579-2f2467f970ff2b4812bf5253;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Av_LDE9YjoEF2aw=
content-length
31
x-amz-cf-id
nUGgqAKBUNitaOaslLDy-R_JHiLm-6hGaslMfWlAMNhVov2MfvE9Gg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
main.MTE3ZGZjMmFkMA.js
analytics.tiktok.com/i18n/pixel/static/ 		238 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5SVI0J6V74OJ29IA6K0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.180.49 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a96-17-180-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-akamai-request-id
302ac34
date
Wed, 22 Feb 2023 23:22:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230221161152CA4C82D3524614FA794A
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a96-17-180-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
019fabc83861237aa15b6f85929d1fa8c7af1d05c80f952f6c90fd2297a08e8ae257af551c58bb5daa782d460f38746ace5dfc94ddd9c5a2469eac1a90d05d4060b0d71bd963409e0494a4853af62dcd344d400d0b526498abc90b023366571726
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
66101
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.200.253 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://supercoach.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Wed, 22 Feb 2023 23:22:32 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.200.253 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 22 Feb 2023 23:22:33 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1677108151749&id=t2_tgr1fjm3&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=0b52232b-c8a4-43d5-ba41-fe86ad89561c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
Serving
bs.serving-sys.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=2987376511016821253&pageurl=$$https%3A%2F%2Fsupercoach.heraldsun.com.au%2F$$&activityValues=$$Session%3D8095653014758411812$$&ns=0&rnd=49801477544704253&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.15.221 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
280ad61af97229c7866a95a04288e8dc4530bc8146cfc756e41b66394304bd41

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2220
expires
Sun, 05-Jun-2005 22:00:00 GMT
dest5.html
newscorpau.demdex.net/ Frame FB1F 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.21.164 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v042-0f6779868.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zRNWEJ9NSW4=
content-encoding
gzip
date
Wed, 22 Feb 2023 23:22:33 GMT
last-modified
Wed, 8 Feb 2023 11:53:54 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=24009398024917551701231485595857938799&ts=1677108151894
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.134 -, , ASN (),
Reverse DNS
Software
jag /
Resource Hash
66016d3e82fa369412d7fbb1949d86dd4d4413437390c1ffb22262cddabe27be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y-ajuQAAAKjAyQM4
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=24030478256935597361233864095430359157
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ajuQAAAKjAyQM4
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ajuQAAAKjAyQM4
Protocol
HTTP/1.1
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v042-01fdd0ba3.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
QGkbe1q4Ssc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-ajuQAAAKjAyQM4
Date
Wed, 22 Feb 2023 23:22:33 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
geo.privacymanager.io/ 		31 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.43 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:40:25 GMT
via
1.1 df28c5139a58e7fd82c9f1801939f7c0.cloudfront.net (CloudFront), 1.1 9f270674bcf2f4d630a6d431ac385712.cloudfront.net (CloudFront)
x-amz-cf-pop
DUB2-C1, MRS52-C2
age
24127
x-amzn-requestid
c4b95588-24a1-419f-a7ba-e03cf0ba59b0
x-amzn-trace-id
Root=1-63f64579-2f2467f970ff2b4812bf5253;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Av_LDE9YjoEF2aw=
content-length
31
x-amz-cf-id
ci-GDh-kgDrtkF9-WG_36TKfyvB3G0J0LvTxJRUeG8CMf84SYmWURw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
identify_cab4d.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.180.49 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a96-17-180-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-akamai-request-id
302b26b
date
Wed, 22 Feb 2023 23:22:32 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023022116115212CB2A849FFA802E5AE3
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a96-17-180-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
015d0b37a6e0900b9ea5a7a5c4fdfc7d12043b205bf9e62b30e57f5effa0c4f4c5b76417f4200a650c16713206750fd150c1c2c78a94df1adf58d403d4b5a50e06bafa35233873c93bef7d876dac0e2e15269e239e9b1cdfd73cc1e8ad8782c30b
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length
30707
pixel
analytics.tiktok.com/api/v2/ 		0
690 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.180.49 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a96-17-180-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
c222917d.302b335
date
Wed, 22 Feb 2023 23:22:32 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a96-17-180-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time
263,96.17.180.31
server-timing
cdn-cache; desc=MISS, edge; dur=258, origin; dur=21, inner; dur=18
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202302222322320E91725DAE70EA16A3DD
x-cache-remote
TCP_MISS from a23-218-222-20.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
21,23.218.222.20
x-tt-trace-host
01f3257378d465fc4b4694cfa18dcad7111d6ed383c0c9d2df91b6990a8ec5b914b581932a496cb9b301715069429c3c82d246687a40c70d03cb0080e9184a91dc8836726c1e6e14a6148a4f379807f563f4019ce0514c451dc48b7cdb42fbc193912f55282772138a179993b30dbe8d11
expires
Wed, 22 Feb 2023 23:22:32 GMT
scevent.min.js
sc-static.net/ Frame 8CBC 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=4dd63809-64d7-47eb-8c17-1b1e3ac5bd62&u_scsid=0ddd91fc-f927-4306-bff3-f5f4b7f3d660&u_sclid=854b47b7-486a-4abb-b855-e2f9d49eeb4c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.14.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-14-254.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:53:04 GMT
content-encoding
gzip
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN5-C1
age
8968
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
access-control-allow-headers
Content-Type
content-length
13327
x-amz-cf-id
u90rdQNMIXqRNNMlo-FvEn2S35KXWQjHWaNwKmuGD_vAaU_2K8tXTQ==
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=24009398024917551701231485595857938799&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1677108152518
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
914dde40164eff12f4230d7c0c7e7ea821ae57f5dc080f14aa239d375f216290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v042-0de22e08f.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
pcN0KjF/Ths=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1564
Expires
Thu, 01 Jan 1970 00:00:00 UTC
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P16C8D000-5514-4C76-9A96-5F57C2693396.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.126 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 f28347a3148f4f8fa1d930375689073c.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 22:25:02 GMT
x-amz-cf-pop
SIN5-C1
age
3451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
XEynA2d6cR9wrkyqdO9xpgnnAlu0emUz33XYalp_5pa8OpBwYPzq2Q==
pub
pixel.adsafeprotected.com/services/ 		594 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,728.1%5D,p:/5129/sport.supercoach/lobby/heraldsun/home/null/null,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250%5D,p:/5129/sport.supercoach/lobby/heraldsun/home/null/null,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/sport.supercoach/lobby/heraldsun/home/null/null,t:display%7D&slot=%7Bid:ad-block-320x60-1,ss:%5B320.60%5D,p:/5129/sport.supercoach/lobby/heraldsun/home/null/null,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=544cebd0-cb38-e600-a230-0a5d12a439e3&url=https%253A%252F%252Fsupercoach.heraldsun.com.au%252F
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.157.82 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5ec99a6d64ea704dd5c8a65c1420223b5ab1728852637ba0b1e9debb6d811f89

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
server
nginx
x-server-name
app01.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
p
tr.snapchat.com/cm/ Frame A56D
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1677108152535&u_scsid=d9de51ca-881c-4276-8acf-157805c870dd&u_sclid=cfe378fc-9deb-4eb4-9d92-16739e14230b
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1677052993406%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1677052993406%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1677052993406&pnid=140&pcid=7f302f88-3a89-459f-a1d8-42733c31cae5
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/p?rand=1677052993406&pnid=140&pcid=7f302f88-3a89-459f-a1d8-42733c31cae5
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 -, , ASN (),
Reverse DNS
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Wed, 22 Feb 2023 23:22:33 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
11

Redirect headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 22 Feb 2023 23:22:33 GMT
location
https://tr.snapchat.com/cm/p?rand=1677052993406&pnid=140&pcid=7f302f88-3a89-459f-a1d8-42733c31cae5
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security
max-age=31536000
via
1.1 google
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1757731811273228&ev=Microdata&dl=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&rl=&if=false&ts=1677108152546&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Herald%20Sun%20KFC%20SuperCoach%22%2C%22meta%3Adescription%22%3A%22KFC%20SuperCoach%20is%20the%20free%20fantasy%20competition%20you%20and%20your%20friends%20and%20workmates%20can%20enter%20and%20play%20to%20win%20some%20fantastic%20prizes%22%2C%22meta%3Akeywords%22%3A%22Fantasy%2C%20Fantasy%20Team%2C%20Fantasy%202022%2C%20SuperCoach%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=30&fbp=fb.2.1677108151039.963119141&it=1677108150513&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 22 Feb 2023 23:22:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		1 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1971603855&t=pageview&_s=1&dl=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ul=en-us&de=UTF-8&dt=The%20Herald%20Sun%20KFC%20SuperCoach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4EBAAUABAAAAACAAI~&jid=784334640&gjid=731176339&cid=1989845893.1677108153&tid=UA-92560-41&_gid=1262019899.1677108153&_r=1&gtm=457e32f0&npa=1&z=24841872
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13522&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&dom=supercoach.heraldsun.com.au&r=1677108152603&pvs=1&pvid=69eccdfb-3981-4110-a0c2-8bd96293064e&c=true&tzOffset=0&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.6 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
dotmetrics-hit-status
01 OK
via
1.1 70baa6f69f875c9e172c9118322fd6b4.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
1q5F7SC2HnChsoOTHxkGY6S6zTOewOS8j3MtpSiF_KeLdiiZKTYsiQ==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13522&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&dom=supercoach.heraldsun.com.au&r=1677108152603&pvs=1&pvid=69eccdfb-3981-4110-a0c2-8bd96293064e&c=true&tzOffset=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.36 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 02:56:38 GMT
via
1.1 bf928fe3a859cf8cab4cd81be24e61de.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 10:59:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
73556
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
NKFhb8P1YBFRDPaY-ccN-qYn90U7R6VVzfvLHUjLVR5wO9rRVbgaSQ==
iu3
s.amazon-adsystem.com/ Frame 63BF
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 22 Feb 2023 23:22:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NZC54TMYK6RGNW82PBYZ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 22 Feb 2023 23:22:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9RRSMS893PWBDPTF0MS7
701.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7515bfc76cb2548c417ec957d0d0f84cc60de284fb3ea0bfb78b4a709d1f66d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
script.js
au-script.dotmetrics.net/Scripts/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=221
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.6 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
eb080e82d0cee3796eb1c80e76e1ccc63cb4cd82a86de8919f5a2be54c63a90f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
content-encoding
br
via
1.1 70baa6f69f875c9e172c9118322fd6b4.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 12:25:17 GMT
server
Kestrel
x-amz-cf-pop
SIN5-C1
etag
"1d93fa63aee7467"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
oAg5TH5ENroKn75omDskKnwzLgIUybn9nnh3x0aNjyV2oJElT128JQ==
s76871174163292
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s76871174163292?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=22%2F1%2F2023%2023%3A22%3A32%203%200&d.&nsid=0&jsonv=1&.d&mid=24009398024917551701231485595857938799&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Csport%7Cindex%7Clobby-supercoach-lobby-index&g=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPreviousValue=3.0&getPercentPageViewed=5.0.1&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D5%2Cevent18%2Cevent63%3D90&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Csport%7Clobby%7Csupercoach%7Clobby%7Cindex&l1=custom%3A1%7Cmrec%3A1%7Cleaderboard%3A1%7Cleader%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&l2=fantasy%2Cfantasy%20team%2Cfantasy%202022%2Csupercoach&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=sport&c5=D%3Dv5&v5=lobby&c6=D%3Dv6&v6=supercoach&c7=D%3Dv7&v7=lobby&c8=D%3Dv8&v8=index&c9=D%3Dv9&v9=index&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=10%3A22%20AM%7CThursday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c60=D%3Dv60&v60=90&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cvic%7Cmelbourne%7C-37.82%7C144.97%7Cgmt%2B10%7Cunknown&v79=au&v80=00000000000000000000000000000000-00000000000000000000000000000000-1677108149845-131517&v111=0&v161=9.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.134 -, , ASN (),
Reverse DNS
Software
jag /
Resource Hash
697dba043287505e16509237e669010cc9b702b69717045f0387389f2c5f7237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-aam-tid
x/R6biYzSPE=
date
Wed, 22 Feb 2023 23:22:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4958
x-xss-protection
1; mode=block
dcs
dcs-prod-usw2-2-v042-09cf708d5.edge-usw2.demdex.com 5 ms
pragma
no-cache
last-modified
Thu, 23 Feb 2023 23:22:32 GMT
server
jag
etag
3601562332512813056-4619758974828163759
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 21 Feb 2023 23:22:32 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 71B0 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.126 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1300
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 22 Feb 2023 23:00:53 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f28347a3148f4f8fa1d930375689073c.cloudfront.net (CloudFront)
x-amz-cf-id
jGPLgYKLbZH6uLerLcVjbgJNVCsyQvokJ1hneJd9n-cscXyPvYcRgA==
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
interact
edge.adobedc.net/ee/v1/ 		727 B
840 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=a108382b-e397-4634-b8ff-4eaad16bb66d
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.151 -, , ASN (),
Reverse DNS
Software
jag /
Resource Hash
7be470de9d71b599f5a2555d30cbd115c2383edb3fa031ce7631ff110ef270b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 22 Feb 2023 23:22:32 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-rate-limit-remaining
599
x-adobe-edge
SGP3;3
x-xss-protection
1; mode=block
x-request-id
a108382b-e397-4634-b8ff-4eaad16bb66d
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
23.2.29:cafa17b8
/
www.google.com/pagead/1p-user-list/820460034/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820460034/?random=1677108151221&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tiba=The%20Herald%20Sun%20KFC%20SuperCoach&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1758247473&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820460034/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820460034/?random=1677108151221&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tiba=The%20Herald%20Sun%20KFC%20SuperCoach&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1758247473&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTM1MjIsImZsIjp0cnVlLCJkb20iOiJzdXBlcmNvYWNoLmhlcmFsZHN1bi5jb20uYXUiLCJsc28iOm51bGwsInVybCI6Imh0dHBzOi8vc3VwZXJjb2FjaC5oZXJhbGRzdW4uY29tLmF1LyIsInJ1cmwiOiIiLCJwdmlkIjoiNjllY2NkZmItMzk4MS00MTEwLWEwYzItOGJkOTYyOTMwNjRlIiwidHpPZmZzZXQiOjAsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1677108153100
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.6 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
63d7c55af7a6f71f9829e2b37f8f664c7a6e28e282dd9d858ff0a61de03b9f55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
br
via
1.1 70baa6f69f875c9e172c9118322fd6b4.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN5-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
TUbumZXrCpUR-R16hsv56ShlgDOxU_lfFdkD48Bblm5BzOnirPcexQ==
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 71B0 		44 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P16C8D000-5514-4C76-9A96-5F57C2693396&sessionId=yajljxnv28nwvymnn8ijtasjyyjwq1677108152&c16=sdkv,bj.6.0.0&uoo=&fp_id=9huf4alq4tuqfdrs4aercckpyxrdn1677108152&fp_cr_tm=1677108152912&fp_acc_tm=1677108152912&fp_emm_tm=1677108152912&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.0.243.158 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:33 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
yajljxnv28nwvymnn8ijtasjyyjwq1677108152.nuid.imrworldwide.com/ Frame 71B0 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yajljxnv28nwvymnn8ijtasjyyjwq1677108152.nuid.imrworldwide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.79 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:03:58 GMT
via
1.1 1a95269c34e986ace2bf21962deb2db4.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
47915
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
nK5jXOMrDkjmo6k4OtfKYEqmZFcuMZ9K_90DAo8jhZ_sAeAnqvcktA==
up_loader.1.1.0.js
js.adsrvr.org/ Frame 70C1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 00:26:10 GMT
Content-Encoding
gzip
Via
1.1 ed9908577fd6427c647d93076edebd26.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
82584
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
1COzusf0h4Y_yXFKxdjljjzKUJytpM7Ylc40ONOZeXjC8p2IPL4Tog==
uwt.js
static.ads-twitter.com/ Frame 3E67 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.44.157 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-qpg1249-QPG
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame B0C7 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.116.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=37635
accept-ranges
bytes
content-length
4777
js
www.googletagmanager.com/gtag/ Frame E6AE 		129 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
804b640c780a0aa648085b6703f5210e8e53dadd8f5e9be19e97103bec97282b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50901
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 22:24:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 23:22:33 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 29CA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 00:26:10 GMT
Content-Encoding
gzip
Via
1.1 203715eee1aff29c3cd146fbb151966c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
82584
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
FL-BVcfPpEdPPN6821uIHsDDkk5FSzDy89NEylDV5hOt1y3eixxsUg==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 8E69 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires
Fri, 27 Jan 2023 02:11:02 GMT
Date
Wed, 22 Feb 2023 23:22:34 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
76239
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21930-LGA, cache-fty21322-FTY
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1677108154.355521,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
24, 8315
activityi;dc_pre=CJSn_92iqv0CFSGd2AUdN_ALdA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9682841358503.352
8228261.fls.doubleclick.net/ Frame E4B5
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9682841358503.352?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSn_92iqv0CFSGd2AUdN_ALdA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=968284135850...
402 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSn_92iqv0CFSGd2AUdN_ALdA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9682841358503.352?
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
61267b54826ae5a02623658caa74fca683f84ccfe46eac3054e18e547c386441
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
223
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:22:33 GMT
expires
Wed, 22 Feb 2023 23:22:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:22:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSn_92iqv0CFSGd2AUdN_ALdA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9682841358503.352?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame E9D8 		181 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
a4f0c38865523396d3d06be304c57692a9606440358772766eeb4c4a2fa6e9e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67076
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 22:24:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 23:22:33 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 90A2 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
f3928327fb9a23ef29178326793ba7b88b176a55c108144e6dab537feff6f55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17000
x-xss-protection
0
server
cafe
etag
14618656116840985263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 23:22:33 GMT
px
secure.adnxs.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:33 GMT
AN-X-Request-Uuid
c084c7ad-f48d-4688-b53b-9fde60146dde
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adsct
t.co/i/ Frame 3E67 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=7a5f7d63-929e-4b01-b873-4ed5ed5e2d04&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6a927fc7-cc5a-4eb2-915d-ca894d1f63a1&tw_document_href=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 -, , ASN (),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
145
date
Wed, 22 Feb 2023 23:22:33 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
ef286ab2188a010b
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
162b6ec84bae0dd9f9270717ad6abac0f14d12aa0fa445177758527cfa064262
content-length
43
adsct
analytics.twitter.com/i/ Frame 3E67 		43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=7a5f7d63-929e-4b01-b873-4ed5ed5e2d04&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6a927fc7-cc5a-4eb2-915d-ca894d1f63a1&tw_document_href=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 -, , ASN (),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
147
date
Wed, 22 Feb 2023 23:22:33 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
b3c3f57d1485b8a3
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
a0b57877c0f5f40c9c3d84db062b051f6015e9a922d9fbd346a7e8fad7971fd2
content-length
43
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Feb 2023 23:22:33 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=supercoach.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=supercoach.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		78 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2904903277434839&correlator=2137093680869530&hxva=1&scor=331984364892794&eid=44761478&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fifs&iu_parts=5129%2Csport.supercoach%2Clobby%2Cheraldsun%2Chome%2Cnull&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F5&prev_iu_szs=728x90%7C728x1%2C300x250%2C1000x50%7C728x1%2C320x60&ifi=1&adks=3609102832%2C260713786%2C2482821370%2C620080836&sfv=1-0-40&prev_scp=pos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Dc9dfbe90-b307-11ed-9329-0679fa08ad36%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Dc9dfbe91-b307-11ed-9329-0679fa08ad36%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%26vw10%3D40%26pub%3D40%2C50%7Cpos%3D1%26refreshed%3Dfalse%26id%3Dc9dfbe92-b307-11ed-9329-0679fa08ad36%7Cpos%3D1%26refreshed%3Dfalse%26id%3Dc9dfbe93-b307-11ed-9329-0679fa08ad36&eri=1&cust_params=us%3Db%26s%3D0%26kw%3DFantasy%252CFantasy%2520Team%252CFantasy%25202022%252CSuperCoach%26sec1%3Dlobby%26sec2%3Dheraldsun%26sec3%3Dhome%26sec4%3Dnull%26sec5%3Dnull%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dindex%26pid%3Dnot%2520set%26adl%3Dfalse%26abtest%3Da%26pvid%3D00000000000000000000000000000000-00000000000000000000000000000000-1677108149845-131517%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005109_PG%252CIAS_3006644_PG%252CIAS_3007987_PG%252CIAS_3005061_PG&sc=1&cookie_enabled=1&abxe=1&dt=1677108153502&lmt=1677043110&dlt=1677108142836&idt=8523&adxs=440%2C995%2C300%2C1280&adys=5364%2C700%2C5541%2C30&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&frm=20&vis=1&psz=900x-1%7C300x-1%7C1600x-1%7C321x-1&msz=720x-1%7C300x-1%7C1600x-1%7C320x-1&fws=516%2C516%2C516%2C516&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1989845893.1677108153&ga_sid=1677108154&ga_hid=1971603855&ga_fc=true
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
2d9f855bc05b4c50160d984cff8e5a90f0520303418e3b2ae5077896643015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24556
x-xss-protection
0
google-lineitem-id
5084295962,-1,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347629745,-1,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
7427b59cb7f8a5a919d1ea1730e6981e6880c82d1711a55e84c6d39550d32ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11036
x-xss-protection
0
container.html
f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E765 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:22:33 GMT
expires
Thu, 22 Feb 2024 23:22:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ibs:dpid=358&dpuuid=3305234269175720309
dpm.demdex.net/ Frame FB1F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3305234269175720309
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3305234269175720309
Protocol
HTTP/1.1
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v042-0c2d92bb7.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ASiagkk7Tls=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Wed, 22 Feb 2023 23:22:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
aeaa32e2-1ef6-4027-9714-c068fed028f0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3305234269175720309
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame E6AE 		2 KB
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1677108153611&cv=11&fst=1677108153611&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&auid=1959340865.1677108151&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
dd4395b17aec9551bcf21ff2be94e0f11ceef663382ffe67f03479ccf4ecd87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
866
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/ Frame FB1F 		0
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame E9D8 		2 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1677108153738&cv=11&fst=1677108153738&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&auid=1959340865.1677108151&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
024cd0e27516ec73f722b24f7b6fa8db52070a925bd909a18d3ef3f666c7ccfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/1765380/domain/supercoach.heraldsun.com.au/ Frame B0C7 		36 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/supercoach.heraldsun.com.au/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.76 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
content-encoding
gzip
via
1.1 ce37b125bad795f4918cd50b3f95260a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
mwA6yZhwgxoeTrjBjsqol3_6YBbuovyGJd37jy0N7enpTIqGegKctg==
collect
px.ads.linkedin.com/ Frame B0C7
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108153756&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108153756&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1677108153756%26url%3Dhttps%253A%252F%252Fsupercoach.heraldsun.c...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108153756&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true&liSync=true
0
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108153756&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true&liSync=true
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: AD630E79172B451E9B36FAB40DC584DE Ref B: MEL01EDGE1312 Ref C: 2023-02-22T23:22:34Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-ltx1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1UivUCpl+Zyv6FKq+sw==

Redirect headers

content-security-policy
default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 23:22:34 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAX1UivO9qfd0yzo+FoMqQ==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A68285793BDD490DB3F1DE72775CF302 Ref B: MEL01EDGE1312 Ref C: 2023-02-22T23:22:34Z
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108153756&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=481&dpuuid=LEGAW4F6-P-HOVR
dpm.demdex.net/ Frame FB1F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=24030478256935597361233864095430359157&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LEGAW4F6-P-HOVR?gdpr=0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LEGAW4F6-P-HOVR?gdpr=0
Protocol
HTTP/1.1
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v042-0a3605537.edge-usw2.demdex.com 8 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
xH+kxuEhSPc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LEGAW4F6-P-HOVR?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
www.google.com/pagead/1p-user-list/707564276/ Frame E6AE 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1677108153611&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2763539278&rmt_tld=0&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame E6AE 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1677108153611&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2763539278&rmt_tld=1&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 90A2 		2 KB
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1677108153812&cv=9&fst=1677108153812&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
f0fff47c49235df55a42838b2486a337c56d743b1e34cc9fa692b0e992fca0f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
927
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESEGqtU7yeUjM4XSkdah5ncsI&google_cver=1
dpm.demdex.net/ Frame FB1F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjQwMzA0NzgyNTY5MzU1OTczNjEyMzM4NjQwOTU0MzAzNTkxNTc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGqtU7yeUjM4XSkdah5ncsI&google_cver=1?gdpr=0&gdpr_consent=
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGqtU7yeUjM4XSkdah5ncsI&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v042-082cf8dac.edge-usw2.demdex.com 13 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RZ05DvPMQzc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGqtU7yeUjM4XSkdah5ncsI&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame E9D8 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1677108153738&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=686537912&rmt_tld=0&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame E9D8 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1677108153738&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=686537912&rmt_tld=1&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CJSn_92iqv0CFSGd2AUdN_ALdA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9682841358503.352
adservice.google.com/ddm/fls/z/ Frame E4B5 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJSn_92iqv0CFSGd2AUdN_ALdA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9682841358503.352
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSn_92iqv0CFSGd2AUdN_ALdA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9682841358503.352?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=1c753e8b-93b5-4981-a8e7-e051ef8a1e71
dpm.demdex.net/ Frame FB1F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=supercoach.heraldsun.com.au&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=supercoach.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c753e8b-93b5-4981-a8e7-e051ef8a1e71
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c753e8b-93b5-4981-a8e7-e051ef8a1e71
Protocol
HTTP/1.1
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v042-0596fdac3.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qmJgNKCGQDE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c753e8b-93b5-4981-a8e7-e051ef8a1e71
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
tme
lm.serving-sys.com/lm/ 		0
193 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.226.167 -, , ASN (),
Reverse DNS
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
/
www.google.com/pagead/1p-user-list/859754747/ Frame 90A2 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1677108153812&cv=9&fst=1677106800000&num=1&guid=ON&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=1712547399&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame 90A2 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1677108153812&cv=9&fst=1677106800000&num=1&guid=ON&eid=375603261%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=1712547399&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame FB1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:22:34 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
05JB8W2M8TEFTAEY
age
511
etag
W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
79db76eb89d0fe99-MEL
x-amz-id-2
Ns6nOlgXRikn/KyUpks7IU1Kgqcq/E350tr1D4xxC0xvspV0qPKaDNsTUdycdyrndAdUxdxIJdI=
view
securepubads.g.doubleclick.net/pcs/ Frame 00DF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxJ5BbGGU62Utz7PiI3gQe0OD8YF0_DVN1As2ozxG2siUOczmKg2-M9RT59xMdxPXGjfbwgXJrb-HulW4OB98cGWvPI0oEahwtoJH_ZM_Bgyko69rJI2UjS8si5hSpMAYP2HbMBBpYkG3SVB-PYtEEVMz5vBSCC87AESx0na2ayeAqLZhIh_WUFEfp5hDJB3qGplSJPSFrpEgLCiqoGGHe24EpQW0nrCQ1-hQoOVTbsBqW_yhA2Z6tjdQ5HrmtP2iKZv7WkSnW6JNA23D9-v_I9ShaXQgbRFPExaz_73tCTG-i3H-u0jmHJCrjd_GifCLNVTdColx-gB3GGgTSvyGcBZUdA6kNEyaBH1dzhmnJUXlxLF3kXhhu1Q&sai=AMfl-YRbw5GUH88IiM5acEUyre2BCweiyaJHvbwgee_UvNQFBOwb4tkLgrnkOesezx9U3O8FHGIvDhw44gPfFwAOUEUSVrm6o0hEusW8hdjx-5vSzm5HsYBqNmOqSeusAg&sig=Cg0ArKJSzA_f7Ak8DEnjEAE&uach_m=[UACH]&adurl=
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame 00DF 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
8576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8814
x-xss-protection
0
server
cafe
etag
11378319237421819138
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 20:59:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 00DF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
8576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 20:59:38 GMT
l
www.google.com/ads/measurement/ Frame 00DF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJyy2XX2TctnrdP9ulSC8YgjOEr1EGFw_5SEAa4ZWOQNYkzUX-aUr9ep7uiQtM_4oCByhemftQ_yGU07xMcsRuL9Kb7w
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 00DF 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676996822105882"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:22:34 GMT
11960385870550645432
tpc.googlesyndication.com/simgad/ Frame 00DF 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11960385870550645432
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 12:25:46 GMT
x-content-type-options
nosniff
age
212208
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15618
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 10:18:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 20 Feb 2024 12:25:46 GMT
container.html
f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6741 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:22:33 GMT
expires
Thu, 22 Feb 2024 23:22:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ibs:dpid=23728&dpuuid=Y-ajujc1ydk-A.QzTynpngAA%264717
dpm.demdex.net/ Frame FB1F
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-ajujc1ydk-A.QzTynpngAA%264717
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-ajujc1ydk-A.QzTynpngAA%264717
Protocol
HTTP/1.1
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v042-073f5435d.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rBbOi1WXQKc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LT6dNfYNfdFViI0XLYHEyIAhHB2UXZiq5NFPXLN46%2Bj9s%2BhST6MZELIdfIUMZ7cyTEiXhVasFybg%2BsrKcrRmwvQh3g3thRa%2FjoaRWgIkfvDZ3JSHiuC8u6t5D%2B0MO4BK%2FJRkjxT1"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-ajujc1ydk-A.QzTynpngAA%264717
cache-control
no-cache
cf-ray
79db76ee5b1e29ac-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
/
match.adsrvr.org/track/upb/ Frame 0337
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeabe349aa9d1fb41a4e169d58fcedafb8ba48774788818a4518ddd9c291c51a

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:22:34 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:22:34 GMT
location
https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
syncframe
gum.criteo.com/ Frame A0A5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=supercoach.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:22:34 GMT
server
Kestrel
server-processing-duration-in-ticks
911907
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
08521ed33214df099c037cff71468eb0c565633081ace195c9da6eb85a16c0fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 13 Feb 2023 18:43:00 GMT
server
nginx
etag
W/"63ea84b4-162c6"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Feb 2023 23:22:34 GMT
/
match.adsrvr.org/track/upb/ Frame F905
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bcbef40673f8648138302279bbb0eac86d3e9cfbffb1af5a0f047f42c93f2a6

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:22:34 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:22:34 GMT
location
https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
increment
id5-sync.com/api/esp/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://supercoach.heraldsun.com.au
date
Wed, 22 Feb 2023 23:22:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
ibs:dpid=30432&dpuuid=CI-bad02f19b69f3872f9c5931fdf6b3d36
dpm.demdex.net/ Frame FB1F
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=24030478256935597361233864095430359157&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-bad02f19b69f3872f9c5931fdf6b3d36
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-bad02f19b69f3872f9c5931fdf6b3d36
Protocol
HTTP/1.1
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v042-0f8ee3101.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
cQptFC0LSe4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-bad02f19b69f3872f9c5931fdf6b3d36
Date
Wed, 22 Feb 2023 23:22:35 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame 6741 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfIzQuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSXAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQILEvsScEbettLmnW8izUlC0Ez0__wv63a4g8Q7WRiTU7xYwKPOZ4-AEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkxNzI3MDA1ODcxNzUzMzIY188S&sigh=zFjDcRBflkE&uach_m=[UACH]&cid=CAQSOwDUE5ymgTR_T0iHN6tFQuYj9FiZhVaFIPpEdZ2AvHLJdQs3aTKA9i-T0EO5CVKE0sx15nGVtOoPznv4GAE
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 6741 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k6KHFM_KB6wC-gFi-C0SAgAAADyYgz_ZtEvYvq-Y5OmrEccQuaP2Y_30Zy8wyeKHLYAAABIAAAoOQVFVRERRWUJEUUVCRFE&wp=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
152999
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame BC6B 		126 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
5fa1979bb9116409ac7588abc493945fb06a9d0a17ae8baf22830c1a2ef9dc22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:22:34 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=VETJH26bOfTqye8K7D5PC853OLOiYyzM0fhp-UzOWdtrnE2Pr9vd7KVQuM0C1HNAm67pXCKReF1wSPGe0m444wZDuxEtKeqHNgJLbuMTrbMplqTMGeR57-gjOkpmSCs-zDz3HxJnv2VoCNQQk9IZXFxzmSsTm_bKmqfKbifNgSKngED7AViz7vqeJjls2OUW27VnGX8B65vW5GVfJ0J6x1MeghT3-usqKTeXI8wdkBAbPkLAuknqhd7MvQy_DtDFn19Owg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
47788252
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 6741 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
8576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 20:59:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 823A 		1 KB
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
75756
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 02:19:58 GMT
etag
48472445140208031
expires
Thu, 23 Feb 2023 02:19:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 6741 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
8576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8274
x-xss-protection
0
server
cafe
etag
9471482037410804447
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 20:59:38 GMT
l
www.google.com/ads/measurement/ Frame 6741 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRd2HRXnvMDWhscWxhdvtJ49gryi-MZ15_pRr5RLi5Sc23Q4f8OIbhYLiaP_cgWk78L8Ny52YnpQNsK0Z-R8ENsK5sv3g
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6741 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:06:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
26177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Feb 2024 16:06:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6741 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676996822105882"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:22:34 GMT
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame FB1F
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=24030478256935597361233864095430359157&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=24030478256935597361233864095430359157&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Protocol
HTTP/1.1
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v042-01438281d.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sDiWATJASrY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Wed, 22 Feb 2023 23:22:35 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 0337 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 01:02:35 GMT
Via
1.1 203715eee1aff29c3cd146fbb151966c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
80431
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
8UMzy5Xt0U30utC3jNM3qVjdzFmbyggjQdVFvk0-7BL3cVWgW11rvw==
pr
s.amazon-adsystem.com/v3/ Frame 03B4 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
fc1cb46d394087c2abdd05b11246dc66bc84e954ba76546792b970766763f2f5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
951
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 22 Feb 2023 23:22:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6YZ031NGA788RTXN57N4
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame F905 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 01:02:35 GMT
Via
1.1 ed9908577fd6427c647d93076edebd26.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
80431
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
uPcCZVKzWT5GXC8OYngGU5C2DM4j4hl2ZEAq6jKDFIK_N6mo7oqFMQ==
usermatch.gif
beacon.krxd.net/ Frame FB1F
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=24030478256935597361233864095430359157
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=24030478256935597361233864095430359157
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=24030478256935597361233864095430359157
Protocol
H2
Server
52.36.69.76 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by
beacon-n016-pdx-prod.krxd.net
date
Wed, 22 Feb 2023 23:22:36 GMT
cache-control
private, no-cache, no-store
x-request-time
D=74 t=1677108156
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=24030478256935597361233864095430359157
date
Wed, 22 Feb 2023 23:22:35 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a002-ash-prod.krxd.net
pixie
ib.adnxs.com/ Frame 8E69 		42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1677108154495&v=0.0.20&u=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&r=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&st=1677108154495&et=1677108154495&if=1
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:22:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 823A
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEGVCRzb2SLVVwtbzFh6iqCo&google_cver=1&google_push=Aa02lx9LcxD1XVpqjEHxbj26HK11dUtLohoq-TgNIHQbamHCBO4bpjquJ-eKrhp95ifB6SWvzvetT2E...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx9LcxD1XVpqjEHxbj26HK11dUtLohoq-TgNIHQbamHCBO4bpjquJ-eKrhp95ifB6SWvzvetT2EdQZiHYpCMgMUGH9mUYkxwUg&google_hm=xiH827uPTJ2_AD8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx9LcxD1XVpqjEHxbj26HK11dUtLohoq-TgNIHQbamHCBO4bpjquJ-eKrhp95ifB6SWvzvetT2EdQZiHYpCMgMUGH9mUYkxwUg&google_hm=xiH827uPTJ2_AD8GF9qx34I
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:31 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx9LcxD1XVpqjEHxbj26HK11dUtLohoq-TgNIHQbamHCBO4bpjquJ-eKrhp95ifB6SWvzvetT2EdQZiHYpCMgMUGH9mUYkxwUg&google_hm=xiH827uPTJ2_AD8GF9qx34I
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 823A
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEG3GnWwSxkoRAI-huWaPVM4&google_cver=1&google_push=Aa02lx8u0OgQ-Cr6DBmIjLnaDK7rgVr5qqjAZvLhgSRqrjO4n_K3HgAKtB7SpWvKDfH_fHXv9PXu5rf7JHfCF3371B...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTUzNTY5NTEyODQyMjczMzQ1NzQ&google_push=Aa02lx8u0OgQ-Cr6DBmIjLnaDK7rgVr5qqjAZvLhgSRqrjO4n_K3HgAKtB7SpWvKDfH_fHXv9PXu5rf7JHfCF3371B3Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTUzNTY5NTEyODQyMjczMzQ1NzQ&google_push=Aa02lx8u0OgQ-Cr6DBmIjLnaDK7rgVr5qqjAZvLhgSRqrjO4n_K3HgAKtB7SpWvKDfH_fHXv9PXu5rf7JHfCF3371B3ZdKbksoxbow
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTUzNTY5NTEyODQyMjczMzQ1NzQ&google_push=Aa02lx8u0OgQ-Cr6DBmIjLnaDK7rgVr5qqjAZvLhgSRqrjO4n_K3HgAKtB7SpWvKDfH_fHXv9PXu5rf7JHfCF3371B3ZdKbksoxbow
Date
Wed, 22 Feb 2023 23:22:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 823A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAPmK7_1Xt7q8BdI5LKDn2s&google_cver=1&google_push=Aa02lx-AZCpz0S-u1hUXS0jHNzDX17yPrOxT2r-s5q3ZhaO63oiRo7ReAx8-AC6628xcMucBfa...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAPmK7_1Xt7q8BdI5LKDn2s&google_cver=1&google_push=Aa02lx-AZCpz0S-u1hUXS0jHNzDX17yPrOxT2r-s5q3ZhaO63oiRo7ReAx8-AC6628xcMucBfa...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XQ3B3MUhoRTJ1R3hWTDE5ME5nSWFjTXdlSlNjcTlsaX5B&google_push=Aa02lx-AZCpz0S-u1hUXS0jHNzDX17yPrOxT2r-s5q3ZhaO63oiRo7ReA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XQ3B3MUhoRTJ1R3hWTDE5ME5nSWFjTXdlSlNjcTlsaX5B&google_push=Aa02lx-AZCpz0S-u1hUXS0jHNzDX17yPrOxT2r-s5q3ZhaO63oiRo7ReAx8-AC6628xcMucBfaI-WbbXFNAkB4t7n3LzyNS0A_BbArg
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XQ3B3MUhoRTJ1R3hWTDE5ME5nSWFjTXdlSlNjcTlsaX5B&google_push=Aa02lx-AZCpz0S-u1hUXS0jHNzDX17yPrOxT2r-s5q3ZhaO63oiRo7ReAx8-AC6628xcMucBfaI-WbbXFNAkB4t7n3LzyNS0A_BbArg
date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 823A
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJaC_XWUhA_eqJ1c6rKbvMI&google_cver=1&google_push=Aa02lx_zt0CVJS3flLEJ8NE_3dqHoXfquIaM304HQvRGK_DDVEWzdd0SsabL9itK...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJaC_XWUhA_eqJ1c6rKbvMI&google_cver=1&google_push=Aa02lx_zt0CVJS3flLEJ8NE_3dqHoXfquIaM304HQvRGK_DDVEWzdd0SsabL9itK...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=Aa02lx_zt0CVJS3flLEJ8NE_3dqHoXfquIaM304HQvRGK_DDVEWzdd0SsabL9itKkdls9hk47TNsrudwq_k-f_yfuwpsYO1jyvQ3Fb4&google_hm=LUE2U05NbzBF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=Aa02lx_zt0CVJS3flLEJ8NE_3dqHoXfquIaM304HQvRGK_DDVEWzdd0SsabL9itKkdls9hk47TNsrudwq_k-f_yfuwpsYO1jyvQ3Fb4&google_hm=LUE2U05NbzBFbWdx&suid-set=1
Protocol
H3
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:35 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=Aa02lx_zt0CVJS3flLEJ8NE_3dqHoXfquIaM304HQvRGK_DDVEWzdd0SsabL9itKkdls9hk47TNsrudwq_k-f_yfuwpsYO1jyvQ3Fb4&google_hm=LUE2U05NbzBFbWdx&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
spacer.gif
an.yandex.ru/resource/ Frame 823A
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEFgg6pwud08baLxEoclCUR8?ext-param=Aa02lx_sAJjn7kLSrntXM5-EG-7ynAAoexBPCVYXs1cfWoAV06eBsj3itsXOHFC4b1jcafUPV-jTyKW9d5VAtHUy4wZqNWUUEXLoEis&partner-tag=yandex_a...
  • https://an.yandex.ru/mapuid/google/CAESEFgg6pwud08baLxEoclCUR8?redir-setuniq=1&ext-param=Aa02lx_sAJjn7kLSrntXM5-EG-7ynAAoexBPCVYXs1cfWoAV06eBsj3itsXOHFC4b1jcafUPV-jTyKW9d5VAtHUy4wZqNWUUEXLoEis&part...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEFgg6pwud08baLxEoclCUR8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
213.180.193.90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 07 Feb 2024 23:22:36 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 823A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMfkm8ls1aYFegmVKH4vxsM&google_cver=1&google_push=Aa02lx_K0-lL7qJKJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzMwNTIzNDI2OTE3NTcyMDMwOQ%3D%3D&google_gid=CAESEMfkm8ls1aYFegmVKH4vxsM&google_cver=1&google_push=Aa02lx_K0-lL7qJKJD88WflhpmqMRHEt4q...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzMwNTIzNDI2OTE3NTcyMDMwOQ%3D%3D&google_gid=CAESEMfkm8ls1aYFegmVKH4vxsM&google_cver=1&google_push=Aa02lx_K0-lL7qJKJD88WflhpmqMRHEt4qUvTxbAe_vRKgQB__Dm-ZDWGbVCiLnTFfxTs-PDgLftrYxCbLrnxOKC3vddxEfmDGXm8Lk
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 22 Feb 2023 23:22:34 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c4e68ca9-0b0d-43b2-8bff-a1d15cd87466
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzMwNTIzNDI2OTE3NTcyMDMwOQ%3D%3D&google_gid=CAESEMfkm8ls1aYFegmVKH4vxsM&google_cver=1&google_push=Aa02lx_K0-lL7qJKJD88WflhpmqMRHEt4qUvTxbAe_vRKgQB__Dm-ZDWGbVCiLnTFfxTs-PDgLftrYxCbLrnxOKC3vddxEfmDGXm8Lk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 823A
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENxue9UF2...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENx...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5568ccc7-59c5-4ea5-bffd-02f2288e27f1&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5568ccc7-59c5-4ea5-bffd-02f2288e27f1&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5568ccc7-59c5-4ea5-bffd-02f2288e27f1&%%GOOGLE_PUSH_PAIR%%
Date
Wed, 22 Feb 2023 23:22:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 823A 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhAKB_oJtdbtYgYz1PShlrsZG2QOztlxRoIS0gWTdMWDfhSJnbktdeqzHjlVv6YrhH2tHYAn3HxAI
Requested by
Host: f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:10507&sessionId:544cebd0-cb38-e600-a230-0a5d12a439e3&err:responsetime%3A620%26probability%3A10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.157.82 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:34 GMT
server
nginx
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
generic
match.adsrvr.org/track/cmf/ Frame 5B90
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-WrXFWfxE2uIrCoyRL7c3mnWCpsotcCk-~A&gdpr=0
70 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-WrXFWfxE2uIrCoyRL7c3mnWCpsotcCk-~A&gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:22:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Wed, 22 Feb 2023 23:22:35 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-WrXFWfxE2uIrCoyRL7c3mnWCpsotcCk-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
rubicon
match.adsrvr.org/track/cmf/ Frame 4490
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:22:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
d264e84c9dc1a645a3048554992c5d82
content-length
0
google
match.adsrvr.org/track/cmf/ Frame 4EB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OWEyYTJiYjQtMzYxZC00ZDk5LWIyNzUtN2E5ZDBkOGE4ZDY3&gdpr=0&gdpr_consent=&ttd_tdid=9a2a2bb4-361d-4d99-b275-7a9d0...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&google_gid=CAESEPKL80_1HPezhgp6TX3Dpco&google_cver=1
70 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&google_gid=CAESEPKL80_1HPezhgp6TX3Dpco&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:22:34 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:22:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9a2a2bb4-361d-4d99-b275-7a9d0d8a8d67&google_gid=CAESEPKL80_1HPezhgp6TX3Dpco&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame FB1F
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=24030478256935597361233864095430359157&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Protocol
HTTP/1.1
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v042-0dd314ac3.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0l7EXb9eSR8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Wed, 22 Feb 2023 23:22:35 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
generic
match.adsrvr.org/track/cmf/ Frame 5DA7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-WrXFWfxE2uIrCoyRL7c3mnWCpsotcCk-~A&gdpr=0
70 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-WrXFWfxE2uIrCoyRL7c3mnWCpsotcCk-~A&gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:22:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Wed, 22 Feb 2023 23:22:35 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-WrXFWfxE2uIrCoyRL7c3mnWCpsotcCk-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
google
match.adsrvr.org/track/cmf/ Frame A94F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjRhMmYyNDQtYWFiZS00YzZhLTlhYjItMzhmZGU5NmU3NTgx&gdpr=0&gdpr_consent=&ttd_tdid=f4a2f244-aabe-4c6a-9ab2-38fde...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&google_gid=CAESEPKL80_1HPezhgp6TX3Dpco&google_cver=1
70 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&google_gid=CAESEPKL80_1HPezhgp6TX3Dpco&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:22:34 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:22:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&google_gid=CAESEPKL80_1HPezhgp6TX3Dpco&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame 0D44
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:22:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
content-length
0
truncated
/ Frame 6741 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e68432efde9a67be10028d39e18c7dc4850926a400f51fa188d50d5031b36c2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame FB1F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1hanVRQUFBS2pBeVFNNA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1hanVRQUFBS2pBeVFNNA==
Protocol
H3
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fty21370-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108155.358515,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1hanVRQUFBS2pBeVFNNA==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
13726
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
via
1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
x-amzn-trace-id
Root=1-63f6a3bb-6e9935fd5c2b79672cd01592
x-amzn-requestid
c25e670e-aaf4-4e64-8980-4ac48e72a983
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Aw6FUHo_joEF3Vw=
content-length
25
x-amz-cf-id
qrvl4Y8i2P19WT-kTNMQ0vzAgS5pw82TzaLzlkM97PS2wMVeYftkmQ==
usermatch
ssum-sec.casalemedia.com/ Frame 6B4F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3c20ecd7f8bdb7a15c4d074d5de74d7e0e5c55c0622af0b5d5068d484118ec3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
79db76f07c502b30-MEL
content-encoding
br
content-type
text/html
date
Wed, 22 Feb 2023 23:22:35 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7KhjuPXjwg2YjXa1vu7uCzS%2BeyI9ETNHzEs71olPJ02%2FWwFCbh87mw4bausa6KpLBQyOSRoDH0%2FTrGFaXQ1BV2JBUWOLeik3jphZznrZULSeMiOSvJXFquzeRXuRdm0LF7yuK0DIgwNkw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C45F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Feb 2023 23:22:35 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6D40 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172157
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 22 Feb 2023 23:22:34 GMT
expires
Fri, 24 Feb 2023 23:11:51 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame A0A5 		471 B
582 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=heraldsun.com.au&sn=ChromeSyncframe&so=0&topUrl=supercoach.heraldsun.com.au&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=supercoach.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
696af1286f5c693c5b319c17505f27ee774fa1311e5a5ed1c0674283520d5291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=supercoach.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2201554
expires
0
tap.php
pixel.rubiconproject.com/ Frame FB1F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-ajuQAAAKjAyQM4&expires=90
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-ajuQAAAKjAyQM4&expires=90
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fty21370-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108155.358774,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-ajuQAAAKjAyQM4&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
truncated
/ Frame 00DF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da4b3618d374f7528a9a2d0d6b6401a2eb910aaced08f1f2041fe8a7d3aae107

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F8D3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
187574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Feb 2023 19:16:20 GMT
expires
Tue, 20 Feb 2024 19:16:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AAEC 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
577b94cbe90ec2858d3ee76c40cf2a9919198c09c350491244913dc52228fda2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dQFWjwzf3OzToYeoayA_pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-dQFWjwzf3OzToYeoayA_pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:22:34 GMT
expires
Wed, 22 Feb 2023 23:22:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame FB1F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ajuQAAAKjAyQM4
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ajuQAAAKjAyQM4
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fty21370-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108155.358736,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ajuQAAAKjAyQM4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame BC6B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Feb 2024 23:22:34 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame BC6B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Feb 2024 23:22:34 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BC6B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 17 Feb 2024 23:22:35 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_c16_sport_S&asn=sport&fp_id=9huf4alq4tuqfdrs4aercckpyxrdn1677108152&fp_cr_tm=1677108152912&fp_acc_tm=1677108152912&fp_emm_tm=1677108152912&ve_id=&sessionId=yajljxnv28nwvymnn8ijtasjyyjwq1677108152&prv=1&c6=vc,c16&ca=NA&c13=asid,P16C8D000-5514-4C76-9A96-5F57C2693396&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,ck3rwetj1mbgvdpeobtaahepgn8na1677108153&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,1677108152905887&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1677108150495&c3=st,c&c64=starttm,1677108154&adid=1677108150495&c58=isLive,false&c59=sesid,&c61=createtm,1677108154&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1677108154&rnd=34787
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.0.243.158 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6D40 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3085912&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3559425f14d958dacef0c5077cf734553413a55948858114245f94dd822482dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 22 Feb 2023 23:22:35 GMT
content-length
1763
content-type
text/html; charset=UTF-8
setuid
ib.adnxs.com/ Frame FB1F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y-ajuQAAAKjAyQM4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y-ajuQAAAKjAyQM4
Protocol
HTTP/1.1
Server
104.254.151.120 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:35 GMT
AN-X-Request-Uuid
347c27bf-5d44-47b2-82b0-8d07a082ea13
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-fty21370-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108155.358768,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y-ajuQAAAKjAyQM4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
back_button2.svg
static.criteo.net/flash/icon/ Frame BC6B 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 17 Feb 2024 23:22:35 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame BC6B 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=SNCuie8F41NaV5ZlHllJpcbCBKV5EzyjhRSs2YB1HNADIIatmRsH9bwP4QBlKTm5xzAqccFiiWsJM84IsvZH6phTwzY3K8RQtN3U-L_b4LK_-367DmtX47YrbpOD-LX8BXI34GnZXHmfHV3EYtwbUxOn3YP9McHxTUARinYc0Aki9DjTQB8EpDJRZY2liVIGmk0tKWppT_eg53mewuDQjVRH0kf0QAZ8n5OTcHvfu61vFdmde7LUJrvRgCgHcCQ1atSEmgAw2_titS36JLjIi69oCVc-1soQYyjmK4Sh3HiPifwLjPOzcfL7YCW_0sw25BTxiaKbsfjIR0EGYoSojvoAumm95WqRwGKt0qd4hwL_l3d5xJHmYSM5PDfDsx5PV1rzs_1pC9S3RQULNRfi2lSEFv_WhneL4ETV8-HW1FzpBKb_G5OmygCjAcPVtLvbEcu7yw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4175597
expires
Mon, 26 Jul 1997 05:00:00 GMT
montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame BC6B 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Feb 2024 23:22:35 GMT
montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame BC6B 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7f-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Feb 2024 23:22:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 00DF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNFxkZ3wCJvcQG3YKUPcJ98bOXSr-MCkG1HUqRiq7Od3Ps-iB_5JOqUPoi2Q1XSo2i5-9ggZVI94iWWKb9X4ZRKwubdVT0LRLEbLSxH06V-hc7mJ9Ky-rjrjYVI-zrZQZn6SF-5ljeQo7BkSvodl9V4GMyJbsU9weP2SYHlGpc3mfhQ0S5uod1FApxBKGn2K_peIfrVtquv4Uy7iwD6eyfTmAEqy2u29Ak8d5GZtjG8_CgDWh7dof4LsEnUct5Y_cf_IgMg3glYnGMVWs012mNUCKrHVAj1_58ABUnBUrFXgQqgww0338-y0Z1TA_o_LtjLKjb08F3ptXBVSQarl32q9VfCHtz6zjRoxBhTIjUI_poOoe6B9Yfdc-d&sai=AMfl-YTCS89hHLPFk7XGsvfjZRZmakRScYNy-KGuK1cgBHfWR7GwnMMmjMOZKX9wTsB6rPWYDAMPDDV7ZoKw1NrB-wLTVU7c5xIiVQsFOrcOyZtCz4GnmWjmNBAYHLdQRQ&sig=Cg0ArKJSzOrF6_k3H_c_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Feb 2023 23:22:35 GMT
jload
pixel.adsafeprotected.com/ Frame 3884 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=21942072462&placementId=5084295962&pubCreative=138347629745&pubOrder=2553375348&cb=247157887&custom=index&custom3=21851376062&adsafe_par&impId=c9dfbe90-b307-11ed-9329-0679fa08ad36
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.157.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
72c1432adc762cb1200bd414b2e349786d2a9767399f685d2c172d873f6a562a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AAEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=2904903277434839&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame FB1F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-ajuQAAAKjAyQM4
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y-ajuQAAAKjAyQM4
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y-ajuQAAAKjAyQM4
Protocol
H2
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y-ajuQAAAKjAyQM4
date
Wed, 22 Feb 2023 23:22:35 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame F8D3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 03:40:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
243748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Feb 2024 03:40:07 GMT
animejs.js
static.criteo.net/animejs/ Frame BC6B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Feb 2024 23:22:35 GMT
img
pix.as.criteo.net/img/ Frame BC6B 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=76&m=0&partner=14038&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F14038%2F220906%2F0fde60ae7db84661a6f07dbde488483c_bupaoptical-h.png&v=3&w=596&s=SIq1qPEK7sK-zvYF6Jh1OECX
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
cff45bed3031029ef91d3d7146a00c740138f6c509854537d79f7be3f4dc4f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30115636
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12930
expires
Tue, 06 Feb 2024 12:49:51 GMT
img
pix.as.criteo.net/img/ Frame BC6B 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=14038&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0168%2F9000%2F3556%2Fproducts%2FOAKLEY-8105-OX8105-0450-1.jpg%3Fv%3D1554746866&v=3&w=400&s=vg8Fs8IhAgtAKG-1Tk0fA-l9&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
888f16e96be842809612cce25f9f14404eea5f4fc3585e8df902a0a399a3c356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30908826
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2482
expires
Thu, 15 Feb 2024 17:09:42 GMT
img
pix.as.criteo.net/img/ Frame BC6B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=14038&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0168%2F9000%2F3556%2Fproducts%2Fray-ban-3958-8056597535533-1.jpg%3Fv%3D1654974969&v=3&w=400&s=zjA9o2srYcc2oznw0FmdnTS3&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
5c3dbba7c890a831e950a7b2d65b422ee66701c267f375024660b3df0f9c9b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30705359
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2844
expires
Tue, 13 Feb 2024 08:38:35 GMT
all
csm.as.criteo.net/ Frame BC6B 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=VETJH26bOfTqye8K7D5PC853OLOiYyzM0fhp-UzOWdtrnE2Pr9vd7KVQuM0C1HNAm67pXCKReF1wSPGe0m444wZDuxEtKeqHNgJLbuMTrbMplqTMGeR57-gjOkpmSCs-zDz3HxJnv2VoCNQQk9IZXFxzmSsTm_bKmqfKbifNgSKngED7AViz7vqeJjls2OUW27VnGX8B65vW5GVfJ0J6x1MeghT3-usqKTeXI8wdkBAbPkLAuknqhd7MvQy_DtDFn19Owg&sds=2&rev=84699&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 22 Feb 2023 23:22:34 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BC6B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Feb 2024 23:22:35 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BC6B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Feb 2024 23:22:35 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FB1F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-ajuQAAAKjAyQM4
1 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-ajuQAAAKjAyQM4
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:22:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-fty21370-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108155.358486,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-ajuQAAAKjAyQM4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame BC6B 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-31a4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Feb 2024 23:22:35 GMT
montserrat-700-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame BC6B 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7f-3230"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Feb 2024 23:22:35 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6B4F 		70 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 6B4F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
35WCHRADV4HBR467B3GT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFhe4v0VODHt4hZ4donqqF4&google_cver=1
43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFhe4v0VODHt4hZ4donqqF4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
104.18.25.185 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnJXOPpcMwgv0uodeCl6ftcSN%2Bt6zaffHwdC%2FJNmYtmf01X9dCcUHCOUWF%2BGXaiuWt%2FlU%2BlfwmPniOc5NZDfcZ3PmtlElKBRh4PnRDz629hvWmtglTAfk4gL5018G2reUMVzV0NH50mo3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
79db76f3a98f2b30-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFhe4v0VODHt4hZ4donqqF4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-ajujc1ydk-A.QzTynpngAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH3cubcdzGT8736veeLNznA&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH3cubcdzGT8736veeLNznA&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH3cubcdzGT8736veeLNznA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AA004B20EEAA4105BD6F5363719A6464
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AA004B20EEAA4105BD6F5363719A6464
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AA004B20EEAA4105BD6F5363719A6464
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 21 Feb 2023 23:22:35 GMT
rum
dsum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VwwIMXjRSQlRsqZHTn1VLGfR_oI
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VwwIMXjRSQlRsqZHTn1VLGfR_oI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VwwIMXjRSQlRsqZHTn1VLGfR_oI
Date
Wed, 22 Feb 2023 23:22:36 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b5ea63f6-a3bb-4500-ba36-f095ab8e756b
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b5ea63f6-a3bb-4500-ba36-f095ab8e756b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 22 Feb 2023 23:22:35 GMT
Server
MT3 475 4bd2ccd master nrt-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b5ea63f6-a3bb-4500-ba36-f095ab8e756b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 22 Feb 2023 23:22:34 GMT
ibs:dpid=23728&dpuuid=Y-ajujc1ydk-A.QzTynpngAA%264717
dpm.demdex.net/ Frame 6B4F 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-ajujc1ydk-A.QzTynpngAA%264717?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v042-0e9ed4ddf.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
uKTSxMU8Sf0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ecm3
s.amazon-adsystem.com/ Frame 6B4F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
50EP9K4EQ6J56C03F8Y7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C45F 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
87103957dd6c71be7e62d890126ef363a3a7e0d5a23a3230178ccbdcc97b05fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:22:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 22:31:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83280
Connection
keep-alive
Content-Length
10007
Expires
Thu, 23 Feb 2023 22:30:35 GMT
main.19.8.396.js
static.adsafeprotected.com/ Frame 3884 		200 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.396.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=21942072462&placementId=5084295962&pubCreative=138347629745&pubOrder=2553375348&cb=247157887&custom=index&custom3=21851376062&adsafe_par&impId=c9dfbe90-b307-11ed-9329-0679fa08ad36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-37.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
854b12042041b451eabf547b7c578cb08350b87d7de8a0957d03622c3debcb1d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 17:49:31 GMT
x-amz-version-id
u6PwIt5oyrD9JOBS59ZigtC0VtPK2hUT
content-encoding
gzip
via
1.1 0e57ab7e4e13f8d49df5255d2b26c06e.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P1
age
106385
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 Feb 2023 17:12:17 GMT
server
AmazonS3
etag
W/"983a4d0ba9b63de6b68107a3951b2e52"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Hb529f7OxGiGH6lqP54M6W33I0ls0V4ai2qu80Z0yZTXjZFX1olSWQ==
partner
sync.search.spotxchange.com/ Frame FB1F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-ajuQAAAKjAyQM4&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-ajuQAAAKjAyQM4&img=1&__user_check__=1&sync_id=ca7f89ac-b307-11ed-b456-1eadad6c0107
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-ajuQAAAKjAyQM4&img=1&__user_check__=1&sync_id=ca7f89ac-b307-11ed-b456-1eadad6c0107
Protocol
HTTP/1.1
Server
103.71.26.126 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:22:36 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
52
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 22 Feb 2023 23:22:36 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y-ajuQAAAKjAyQM4&img=1&__user_check__=1&sync_id=ca7f89ac-b307-11ed-b456-1eadad6c0107
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
49
Connection
keep-alive
Content-Length
0
generate_204
tpc.googlesyndication.com/ Frame F8D3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?y74WzA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
b.php
www.facebook.com/fr/ Frame FB1F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-ajuQAAAKjAyQM4&t=2592000&o=0
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-ajuQAAAKjAyQM4&t=2592000&o=0
Protocol
H3
Server
157.240.15.35 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 15:22:35 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
zE5Ix8IO82p8ZdIGpkKLbr7gAza91fUe4U+z1aKegLVZLqvK49lBAAG+D/s8vhRA0OZPBygIv5uHKc+lXex/SQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
priority
u=3,i
expires
Wed, 22 Feb 2023 15:22:35 PST

Redirect headers

x-served-by
cache-fty21370-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108156.555513,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-ajuQAAAKjAyQM4&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame C45F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LEGAW4F6-P-HOVR
  • https://s.amazon-adsystem.com/ecm3?id=LEGAW4F6-P-HOVR&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LEGAW4F6-P-HOVR&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SV2W9EQB2BH2SWSK2GGB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LEGAW4F6-P-HOVR&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
match
c1.adform.net/serving/cookie/ Frame 9C38 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 211A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c5a963f6-a3bb-4500-8c4f-4616cc457ee6&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c5a963f6-a3bb-4500-8c4f-4616cc457ee6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:22:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 22 Feb 2023 23:22:35 GMT
Expires
Wed, 22 Feb 2023 23:22:34 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 475 4bd2ccd master nrt-pixel-x24 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c5a963f6-a3bb-4500-8c4f-4616cc457ee6&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 2502 		85 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 22 Feb 2023 23:22:35 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fty21370-FTY
x-timer
S1677108156.648064,VS0,VE14
ecm3
s.amazon-adsystem.com/ Frame E6D8 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDACD4DC89-595E-44FC-82AC-72170E50D132
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 22 Feb 2023 23:22:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZM46EFC933T8VD0VPDMA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6D40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rNTciVleRPyCrHIXDlDRMg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.207.180.199 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=172156
accept-ranges
bytes
content-length
5554
expires
Fri, 24 Feb 2023 23:11:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 6D40
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=ACD4DC89-595E-44FC-82AC-72170E50D132
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEFDRDREQzg5LTU5NUUtNDRGQy04MkFDLTcyMTcwRTUwRDEzMhAAGg0Iu8fanwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=43e7c67a8aea897eed261609f8634bc8ae5577c2844e2846838c14819a72eef3791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0M2U3YzY3YThhZWE4OTdlZWQyNjE2MDlmODYzNGJjOGFlNTU3N2MyODQ0ZTI4NDY4MzhjMTQ4MTlhNzJlZWYzNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0M2U3YzY3YThhZWE4OTdlZWQyNjE2MDlmODYzNGJjOGFlNTU3N2MyODQ0ZTI4NDY4MzhjMTQ4MTlhNzJlZWYzNzkxNDI2YjU0MTdkY2UyMRAAGgwIvMfanwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=80847ca0-c185-448e-8871-f7f2c4f73926
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=80847ca0-c185-448e-8871-f7f2c4f73926
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=80847ca0-c185-448e-8871-f7f2c4f73926
date
Wed, 22 Feb 2023 23:22:37 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
info
uipglob.semasio.net/pubmatic/1/ Frame 6D40 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 6D40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUNENERDODktNTk1RS00NEZDLTgyQUMtNzIxNzBFNTBEMTMy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:22:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6D40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHeZEPW_vNw4aQgCqo0lqsE&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHeZEPW_vNw4aQgCqo0lqsE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:22:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHeZEPW_vNw4aQgCqo0lqsE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6D40
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B6F1F1BB10AE4E7192DC4D015AF4FF9C
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B6F1F1BB10AE4E7192DC4D015AF4FF9C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:22:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B6F1F1BB10AE4E7192DC4D015AF4FF9C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 21 Feb 2023 23:22:35 GMT
ACD4DC89-595E-44FC-82AC-72170E50D132
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6D40 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/ACD4DC89-595E-44FC-82AC-72170E50D132?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.132.54 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
cm
trc.taboola.com/sg/adobe/1/ Frame FB1F 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms
413
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
via
1.1 varnish
x-served-by
cache-fty21346-FTY
server
nginx
x-timer
S1677108156.210444,VS0,VE413
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame C45F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/FyfaHNP-oQiGRg93p0LN8w?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OEixWr5E2oLOSET2ag1l4ZrYkuTKUT1DozR8ww--~A
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OEixWr5E2oLOSET2ag1l4ZrYkuTKUT1DozR8ww--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OEixWr5E2oLOSET2ag1l4ZrYkuTKUT1DozR8ww--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame C45F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELCOOyEa7epjzkZhdiwP4go&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELCOOyEa7epjzkZhdiwP4go&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELCOOyEa7epjzkZhdiwP4go&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame C45F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_43pOYKEQ46r5rmdYDg0JQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_43pOYKEQ46r5rmdYDg0JQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_43pOYKEQ46r5rmdYDg0JQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9636YVY76E6TK0EW7JCP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_43pOYKEQ46r5rmdYDg0JQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame C45F 		70 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C45F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVHQVc0RjYtUC1IT1ZS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVHQVc0RjYtUC1IT1ZS
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVHQVc0RjYtUC1IT1ZS
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame C45F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEGAW4F6-P-HOVR
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEGAW4F6-P-HOVR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:35 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 56A3265850FA4365A3FAF5643205CFDE Ref B: MEL01EDGE1312 Ref C: 2023-02-22T23:22:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1UivnVsntLOUypGDR7g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEGAW4F6-P-HOVR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C45F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWI5Zjk0ODY4ZDA0MmVjZDk2YzYxYzA2OThjNDkwYjgxNzhhZDE2MA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWI5Zjk0ODY4ZDA0MmVjZDk2YzYxYzA2OThjNDkwYjgxNzhhZDE2MA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWI5Zjk0ODY4ZDA0MmVjZDk2YzYxYzA2OThjNDkwYjgxNzhhZDE2MA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame C45F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CPB9D6V909QVXHFR04SF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
0
sync.1rx.io/usersync/adobe/ Frame FB1F 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.40.73.5 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.19.163 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 22 Feb 2023 23:22:36 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.19.163 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://supercoach.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 22 Feb 2023 23:22:36 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
async_usersync.html
acdn.adnxs.com/dmp/ Frame C17C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60500
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 22 Feb 2023 23:22:35 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 19 Feb 2023 22:55:08 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 5162
X-Served-By
cache-lga13626-LGA, cache-fty21322-FTY
X-Timer
S1677108156.852118,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 8002 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
332
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
79db76f698d929a4-MEL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 23:22:35 GMT
expires
Thu, 23 Feb 2023 03:22:35 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 958E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172156
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 22 Feb 2023 23:22:35 GMT
expires
Fri, 24 Feb 2023 23:11:51 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D834 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Feb 2023 23:22:35 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame D834 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
87103957dd6c71be7e62d890126ef363a3a7e0d5a23a3230178ccbdcc97b05fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:22:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 22:31:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83280
Connection
keep-alive
Content-Length
10007
Expires
Thu, 23 Feb 2023 22:30:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6741 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFDjpNjXXgj0hOysdQLw_9z1VzmCyVd6icMYE7Ye37ed4lCVzPVD9nhEXHJBXcGCCvnqcvxLgjRX0tT_lRHElr7LUq&sig=Cg0ArKJSzHIygS9IiVXREAE&cid=CAASFeRof9aN4g7hpYaYQNELFBhzB4gJIg&id=lidar2&mcvt=1000&p=700,995,950,1295&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=260713786&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677108154140&rpt=803&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame EB89 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-37.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0e57ab7e4e13f8d49df5255d2b26c06e.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P1
age
13333580
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
UiqkxZj4MSYKEq73kT1tNXdG_-Hgt-K0Ug7BeKSxbhscRg0FLQQ6HQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=36557831&chanId=21942072462&placementId=5084295962&pubCreative=138347629745&pubOrder=2553375348&cb=247157887&custom=index&custom3=21851376062&adsafe_par&impId=c9dfbe90-b307-11ed-9329-0679fa08ad36&adsafe_url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:e3663a92-5bfe-7c5e-5ca6-dd3a3ebf8f6d,c:4ZKrlx,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-6455d6dbbb-nlwb2,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:440.5364.728.90,am:i,cc:440.5364.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:746,mot:0,app:0,maw:0,fm:twDAU8u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1a133%7C1a134%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n*.10507%7C1n1%7C1o1%7C1o2%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1n*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:774,oid:c9e3dd23-b307-11ed-ab52-6eedd8463231,v:19.8.396,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.157.82 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usermatch
ssum-sec.casalemedia.com/ Frame ADE6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
72785b69f547df3dcdbc5ad7d56c2661477e25c4380251a1ffadbe36da36d4ba

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
79db76f798645a91-MEL
content-encoding
br
content-type
text/html
date
Wed, 22 Feb 2023 23:22:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1A5JAN7Tnj0wjruEJ7O4Yw67BlmlMrcOQ87vGedcode378j%2BToPBdbYLL0VC91zun9V5dXdgncwsHomk0BOvE0Y7fjRMIFgJ8K7yyyxIIuMMn3sgp3IvFEW66z969UkqjcN8FUZslW1RrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame C17C 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
AN-X-Request-Uuid
d833b156-42ab-4ea5-bdfd-9c19e82a89db
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e3663a92-5bfe-7c5e-5ca6-dd3a3ebf8f6d&tv=%7Bc:4ZKrmm,pingTime:-2,time:824,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:195,beZ:197,mfA:941,cmA:943,inA:943,inZ:950,prA:950,prZ:961,si:969,poA:970,poZ:985,cmZ:985,mfZ:985,loA:1000,loZ:1003,ltA:1018,ltZ:1018,mdA:197,mdZ:913%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:773%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:824,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:773,wc:0.0.1600.1200,ac:440.5364.728.90,am:i,cc:440.5364.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:twDAU8u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1a133%7C1a134%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n*.10507%7C1n1%7C1o1%7C1o2%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1n*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:774,slid:%5Bgoogle_ads_iframe_/5129/sport.supercoach/lobby/heraldsun/home/null/null_0,google_ads_iframe_/5129/sport.supercoach/lobby/heraldsun/home/null/null_0__container__,ad-block-728x90-1,vm-ScrollableComponent-main%5D,sinceFw:48,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.78.36 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:37 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021601&jk=2904903277434839&bg=!kZKlksbNAAZYlHKzeJQ7ADkAdvg8Wr7uPqFBzXmch5BLj5fJY4yRebT9GCBku1f187aTyx1RCo7Y65Wg2-_TOXeoPQGoWF_jzXwCAAAAqVIAAAADaAEHmQKnXNZy5vI9N9wpGu6c3D-qdJInp7IUYVtHTcasKVVK3J110pcGA8rgL_brukN23jU9Y8gcch2BePyjOLz8OKQ-TT8025SKnFX_JePSmhNukT9pf-fXl4JBbFtzwtQ_67SqhK80soENKmetee_G6C7zKHRjEbqzQzikJTsrZa9vPwTDMiUW3VmMWDqKhzjsjPPCRIhz3m1yX1k9dHolJWl86Km65TNvzJZgnNZqa4u9-hInivSbBeM_nyQbZOOmUAY74YOwlFVP7eLmDRCdT5yLZlYphcJZ1TRiRAGCyban1uLvLcBEee4AIOhyT602Z1ObgbmKuYMh2LL9zWgSghJRZ0eJrIMhEUCHB8g8JHjAlFChquy-6zWRKJrECdnucguHLUSIn9MJr8f2BXQgEwwtzgfm10hIpZz7Ac8LFMjgT3PEn0iNQvTgWmiN2pJQ22OFOOnzFIRTdYkz3fmUDVLhJMNypSbRnV2gqVbZvhlkMqGoqbV2vTV4ebwTln5T_K2nLkIeYreUKJ9vCR789GzFqqlcojIzu8j7lVHXE1rFxOHzi5oGKy9mfHM4yI02BOQHLjkqZJ7sGp7YBdTi-MRpKCXgp30n_p48kf3uwt6o0Uu2725qP0y6lP1wel_oZDi7BvTMQioSSaJAIGi9-h9UHRzA7M8M19bSat4HUrX85eGqSOBj9tWK_2A6hLKrHfmp_68WAxmPlC8c-IovP2DqSKdyuX9I5uomAsLFcpH5k1wWGszrAOOnkCF-m_V5rsZQfWxvjTQ6n8iKEipfAD-s7fRCnleZhDrC2wev0Mck3S652F05gfmqPweT47NfWxoYBscIPvJyDC-VVRDEJc5NQr1mQJgq_Tlu-GxUfa14pFVbK7bY6a1ZF2mk1LWy-Oi-B_WH18zmWw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e3663a92-5bfe-7c5e-5ca6-dd3a3ebf8f6d&tv=%7Bc:4ZKrmW,time:860,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:860,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:773,wc:0.0.1600.1200,ac:440.5364.728.90,am:i,cc:440.5364.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:twDAU8u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1a133%7C1a134%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n*.10507%7C1n1%7C1o1%7C1o2%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1n*,rmeas:1,rend:1,renddet:IMG.qs,siq:774%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.78.36 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:37 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
all
csm.as.criteo.net/ Frame BC6B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=VETJH26bOfTqye8K7D5PC853OLOiYyzM0fhp-UzOWdtrnE2Pr9vd7KVQuM0C1HNAm67pXCKReF1wSPGe0m444wZDuxEtKeqHNgJLbuMTrbMplqTMGeR57-gjOkpmSCs-zDz3HxJnv2VoCNQQk9IZXFxzmSsTm_bKmqfKbifNgSKngED7AViz7vqeJjls2OUW27VnGX8B65vW5GVfJ0J6x1MeghT3-usqKTeXI8wdkBAbPkLAuknqhd7MvQy_DtDFn19Owg&sds=2&rev=84699&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_ajuQAJ1scKaGdNAAc2bTHTIJgrFQusokQR6A&u=%7CBRetpZLsNiI%2B3Vjq5Iob9Ue6CdL6lzc6vpLx1TY1X%2Bo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIIJgC7uouJnAbiVEMpUA2hsS_wa_OAMRSywKKuBfADljbHMhIfvTc-6YdaISoUHnz5KRCDfrghaxK_1NrbAKaJHIQ4v37FEdE-luwefLJisUHsWw5M1TVLJKQHiDMJRzX9oWLyUZYTeItKPihtjpuxgnXbicXc4-t9PZadKD8Hx-OoJ1Otqz-WNJ8kDIb9TF4q-1-iQxCPLIKk4oL_5SOlfVFIq_LPnOAHP2nrTxQiCggZMFdA5Opqe9cXt5Zej79OMFDTPH06TQu3MC_9LzHTIobwD6GAa53JNBLmKtpkCld4HOg333q5XaDSR6dyEPvlRrWpqeQrdLlN_eKzNd5w91EgOP5MshM10kpJz3OEc1BoGuggk6BdgRINmbfhW9N72gwvAfVmUgmZvfzbO1_va7fBQnF2BYu8SueNLz3C4LiuSQGR4OSLMe-lpdoA_dY3AEbC4JgpsWWC4CB-XTo6ufoXq08ZIC3HSxHg_wV1hOO0J1hUGntz95YZFLdC5VNOMR1_EZBH_C8t9uAeIfuQTJ2h3P2q1s3SOtxFFXBCPrO2t36_J1H_OJtBI1Egu5x9WMaD3k9AK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WmhuaP2Y8etJ83OoQPt7JzQApj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQmpAhAqDTYS9KY-4AIAqAMBqgSaAk_QrV0N2MShrFqvuP5_7j63ML2LPRnnVHofWtZCWw7XS_3jJm-Tgu72yjRwT7HItgxICXYwVuXjmaV11GBz0tgPL8gOpTRbXA265ZeHBwtgYZDQX4ryA8kcCKFduVCyFwY687qiqwxVD_s4xgHz3Q78ZVB4UtsMQpHzuFMtGveTnhzIl9BXtpWhyOq0xSK-cxbrqJ_LkWhUcgBnZu6ptNTsn-iRzNJbg_IyNcW_XybGLMQdZ8VcZ3zP0vwOgusVwGDwDsUiMq1IMZe9-9IY9Owr74gNLbHg6nzS7b59R_35KEvxeRDDRdTvSZUvsAXEQIKGvOUO9HkkykYuKlZYBMp3Oik1aAHUxUaoAlhMj5rKww7Xw2LnHPaS9OAEAYAGoL_E6_6Wqfq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25t8X69TGOnUrGoC0zQy7d7qzbkA%26client%3Dca-pub-9172700587175332%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 22 Feb 2023 23:22:35 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
crum
dsum-sec.casalemedia.com/ Frame ADE6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3305234269175720309
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3305234269175720309
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 22 Feb 2023 23:22:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e683f0ee-4e9a-4968-9f89-112498285ad7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3305234269175720309
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame ADE6 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.132.54 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame ADE6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
54.169.132.54 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y_ajujc1ydk_A-QzTynpngAAEm0AAAIB
date
Wed, 22 Feb 2023 23:22:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cs
ad.turn.com/r/ Frame ADE6 		0
0
rum
dsum-sec.casalemedia.com/ Frame ADE6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ajuQAAAKjAyQM4
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ajuQAAAKjAyQM4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fty21370-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108156.497781,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-ajuQAAAKjAyQM4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame ADE6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-ajujc1ydk-A.QzTynpngAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH3cubcdzGT8736veeLNznA&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH3cubcdzGT8736veeLNznA&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH3cubcdzGT8736veeLNznA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=Y-ajujc1ydk-A.QzTynpngAA%264717
dpm.demdex.net/ Frame ADE6 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-ajujc1ydk-A.QzTynpngAA%264717?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.41.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-41-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v042-0f28e39eb.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7vU4ScDvSRU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame ADE6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ImCkaJZrN_I_SL1wcV8Y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SLNINVWC...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ImCkaJZrN_I_SL1wcV8Y
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ImCkaJZrN_I_SL1wcV8Y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:38 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ImCkaJZrN_I_SL1wcV8Y
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame ADE6 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y-ajujc1ydk-A.QzTynpngAA%264717
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
1241
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
79db76faa8fe2b2e-MEL
content-length
43
expires
Thu, 23 Feb 2023 23:22:36 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e3663a92-5bfe-7c5e-5ca6-dd3a3ebf8f6d&tv=%7Bc:4ZKrwH,pingTime:-10,time:1465,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xMDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1677108156727%7C%7Cd782cbd8f6a4e0c7d62dca6c7448c660%7C%7C41c5992836ce3b548d2ab9f4e4ccb0b4%7C%7Ce79ee4ff708b63b4707d70f7d33fa27f%7C%7C5e8f18525fe643b0b782f0ad217fc8c6%7C%7C3a024df33103ddb0c863c5ba371ef7db%7C%7C45b79bdeb030101c51ffcb8ad683389e%7C%7Cc2b981b1f234628f46ace287a75d22ca%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.78.36 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:37 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame C17C 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:22:37 GMT
AN-X-Request-Uuid
56b353cf-16b9-475d-8a41-31d9f292485d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6D40 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 958E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41175978&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4584b27cf853d2e88679ed5cc010f65d67bb80152f7ee2a27dac4793f4bceb73

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 22 Feb 2023 23:22:39 GMT
content-length
1880
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 204D
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z227b3ier56
1 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z227b3ier56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:22:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Wed, 22 Feb 2023 23:22:39 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z227b3ier56
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0B46
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3305234269175720309&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3305234269175720309&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:22:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
8c2555b6-787b-494d-8151-b29e44a58d0f
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Feb 2023 23:22:39 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3305234269175720309&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame BC24
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HUyDOEpMh2gGR9U6TUzIORsZhD4GTdY2Exyszoos
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HUyDOEpMh2gGR9U6TUzIORsZhD4GTdY2Exyszoos
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:22:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 22 Feb 2023 23:22:39 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HUyDOEpMh2gGR9U6TUzIORsZhD4GTdY2Exyszoos
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame CB46
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:22:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:22:38 GMT
expires
Wed, 22 Feb 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1112601
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 7323
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=vEeeLBy3CsWj8oi0v6P2Yw
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=vEeeLBy3CsWj8oi0v6P2Yw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:22:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:22:39 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=vEeeLBy3CsWj8oi0v6P2Yw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 9A33 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 22 Feb 2023 23:22:39 GMT
Pragma
no-cache
Server
nginx
expires
-1
qmap
sync.crwdcntrl.net/ Frame 958E
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD4DC89-595E-44FC-82AC-72170E50D132&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD4DC89-595E-44FC-82AC-72170E50D132&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD4DC89-595E-44FC-82AC-72170E50D132&gdpr=0&gdpr_consent=&ct=y
Protocol
H2
Server
52.76.99.209 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.24.193
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:39 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ACD4DC89-595E-44FC-82AC-72170E50D132&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.23.78
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 958E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=ACD4DC89-595E-44FC-82AC-72170E50D132
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=7f302f88-3a89-459f-a1d8-42733c31cae5%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&ttd_puid=7f302f88-3a89-459f-a1d8-42733c31cae5%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&ttd_puid=7f302f88-3a89-459f-a1d8-42733c31cae5%2C%2C
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:39 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&ttd_puid=7f302f88-3a89-459f-a1d8-42733c31cae5%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
Pug
simage2.pubmatic.com/AdServer/ Frame 958E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&gdpr=0&gdpr_consent=
42 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&gdpr=0&gdpr_consent=
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:22:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:22:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f4a2f244-aabe-4c6a-9ab2-38fde96e7581&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 958E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ACD4DC89-595E-44FC-82AC-72170E50D132&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HLfUL4lE2uXcH97gQ8O8_TAczetbWCg-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HLfUL4lE2uXcH97gQ8O8_TAczetbWCg-~A&gdpr=0
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HLfUL4lE2uXcH97gQ8O8_TAczetbWCg-~A&gdpr=0
date
Wed, 22 Feb 2023 23:22:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
c1.adform.net/serving/cookie/ Frame 958E 		0
0
sync
x.bidswitch.net/ Frame 958E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5568ccc7-59c5-4ea5-bffd-02f2288e27f1
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5568ccc7-59c5-4ea5-bffd-02f2288e27f1
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=659f28e0-481d-47fe-8ff6-df957959bc73&user_group=1&ssp=pubmatic&bsw_param=5568ccc7-59c5-4ea5-bffd-02f2288e27f1
0
0
SPug
simage4.pubmatic.com/AdServer/ Frame 958E 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d.turn.com
URL
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&cid=ACD4DC89-595E-44FC-82AC-72170E50D132&gdpr=0&gdpr_consent=
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ACD4DC89-595E-44FC-82AC-72170E50D132&sInitiator=external&gdpr=0&gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=659f28e0-481d-47fe-8ff6-df957959bc73&user_group=1&ssp=pubmatic&bsw_param=5568ccc7-59c5-4ea5-bffd-02f2288e27f1

Verdicts & Comments Add Verdict or Comment

361 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| oncontentvisibilityautostatechange function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| utag_data object| auth object| loginStatusPromise object| FB object| __twttrll object| twttr object| __twttr object| __buffer object| _vms object| webpackChunklobby_news_hwt object| ADB object| vidora_ns object| vidora function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched object| global object| process function| introJs object| __zone_symbol__testPassivefalse object| __zone_symbol__ON_PROPERTYtestPassive object| __zone_symbol__messagefalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse object| googleImaVansAdapter boolean| VIDEOJS_NO_DYNAMIC_STYLE object| __zone_symbol__loadfalse function| videojs object| httpStreaming function| videojsPerSourceBehaviors function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog object| videojsDock function| videojsPlaylist function| videojsSsai function| bc function| __zone_symbol__ON_PROPERTYload function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| utag_cfg_ovrd object| VM object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse object| __zone_symbol__focusfalse object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse boolean| __tealium_twc_switch object| newskey object| m object| nb string| gtagRename object| dataLayer function| gtag object| sectionData number| _sf_endpt object| __alloyMonitors object| __alloyNS function| alloy object| ads_api number| gptPluginLoaded object| apstag number| gcTicker function| rdt string| TiktokAnalyticsObject object| ttq function| snaptr function| fbq function| _fbq function| twq object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent number| interval object| nca_ipsos function| __zone_symbol__ON_PROPERTYscroll object| __zone_symbol__scrollfalse object| dm object| ipsos_ready object| ads_core object| ads_extra object| googletag function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET object| kw_ignore object| mready object| __zone_symbol__pagehidefalse object| metrics object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts object| __zone_symbol__ON_PROPERTYmessage function| setImmediate function| clearImmediate object| ID5 function| pbjsChunk object| _pbjsGlobals object| apsUnits function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| _cb_shared object| __zone_symbol__blurfalse object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| ggeac object| google_tag_manager string| GoogleAnalyticsObject function| ga object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow object| __zone_symbol__beforeunloadfalse string| matchId object| KAMPYLE_EMBED object| npt object| __zone_symbol__pageshowfalse object| brandmetrics function| __assign boolean| isAlloyConfigured boolean| apstagLOADED object| apscustom object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| __zone_symbol__unloadfalse object| $this object| providersData function| __spreadArray object| __zone_symbol__touchstartfalse object| __zone_symbol__keypressfalse object| _brandmetrics object| GooglebQhCsO undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready object| Criteo object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

29 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
supercoach.heraldsun.com.au/ Name: _com.auth0.auth.mJTcfMaqfiXB-uh8Ys0_SMJXQ58MfAiM_compat
Value: {%22nonce%22:%22SORsCMdxY69g0o7FIYS1r3yVq1Ia0arN%22%2C%22state%22:%22mJTcfMaqfiXB-uh8Ys0_SMJXQ58MfAiM%22}
supercoach.heraldsun.com.au/ Name: com.auth0.auth.mJTcfMaqfiXB-uh8Ys0_SMJXQ58MfAiM
Value: {%22nonce%22:%22SORsCMdxY69g0o7FIYS1r3yVq1Ia0arN%22%2C%22state%22:%22mJTcfMaqfiXB-uh8Ys0_SMJXQ58MfAiM%22}
.heraldsun.com.au/ Name: utag_main
Value: v_id:01867b6f7e0b001637dc21c344ee03074002406c00b08$_sn:1$_se:1$_ss:1$_st:1677109949772$ses_id:1677108149772%3Bexp-session$_pn:1%3Bexp-session
.supercoach.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.8297348521208221
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19411%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
.doubleclick.net/ Name: IDE
Value: AHWqTUkjj57d5KgQr7zw__Qr3JMGm7EsUR8_ge6_7n9asZX9MUsxlT4iT8dfI349jJI
.heraldsun.com.au/ Name: _cb
Value: McTAWC5LLhYBvR4bR
.heraldsun.com.au/ Name: _chartbeat2
Value: .1677108150753.1677108150753.1.DI9oDOCHUkOTMlle7s0pTfC8T5qe.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 56981b08-786e-4148-8ccf-d650e3a746da.1677108151.1.1677108151.1677108151.30db1001-7ef2-42a5-8bc6-8ac39598426e
.heraldsun.com.au/ Name: _ncid
Value: e1da4b85bea80c69a08cbbfb4eb24b4d
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1677108151039.963119141
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.1959340865.1677108151
supercoach.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
supercoach.heraldsun.com.au/ Name: _lr_retry_request
Value: true
supercoach.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.heraldsun.com.au/ Name: _schn
Value: _jp41q8g
.heraldsun.com.au/ Name: _scid
Value: d40f3860-6c16-4d8f-9845-aab2c20fa2cb
.demdex.net/ Name: demdex
Value: 24030478256935597361233864095430359157
.tiktok.com/ Name: _ttp
Value: 2M7AGV6cVoZmDwmComrtHKqDhA0
supercoach.heraldsun.com.au/ Name: mdLogger
Value: false
supercoach.heraldsun.com.au/ Name: kampyle_userid
Value: 68ca-3bef-bdbf-1daa-073a-e169-772f-aff4
supercoach.heraldsun.com.au/ Name: kampyleUserSession
Value: 1677108151666
supercoach.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
supercoach.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
supercoach.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 18.16335941213756

9 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=631542279778.3805?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=631542279778.3805?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=631542279778.3805?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other warning URL: https://f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ACD4DC89-595E-44FC-82AC-72170E50D132&sInitiator=external&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://ad.turn.com/r/cs?pid=21
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.as.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
alb.reddit.com
an.yandex.ru
analytics.tiktok.com
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.pixel.newscgp.com
au.tags.newscgp.com
b1sync.zemanta.com
beacon.krxd.net
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cat.sg1.as.criteo.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn1.adoberesources.net
check.analytics.rlcdn.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
collector.brandmetrics.com
connect.facebook.net
content.api.news
csm.as.criteo.net
d.turn.com
d32guktqcrn2b4.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
edge.adobedc.net
eus.rubiconproject.com
f320ab3e7a70c50f426a6d52412a1166.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
ipac.ctnsnet.com
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lm.serving-sys.com
match.adsrvr.org
metrics.heraldsun.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
newscorpau.demdex.net
o479328.ingest.sentry.io
omny.fm
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pix.as.criteo.net
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
platform.twitter.com
players.brightcove.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
pubads.g.doubleclick.net
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
rtb.jp2.as.criteo.com
s.amazon-adsystem.com
sc-static.net
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
supercoach.heraldsun.com.au
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
syndication.twitter.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
tips.com.au
token.rubiconproject.com
tpc.googlesyndication.com
tr.snapchat.com
trc.taboola.com
udc-neb.kampyle.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.news.com.au
www.omnycontent.com
www.redditstatic.com
x.bidswitch.net
yajljxnv28nwvymnn8ijtasjyyjwq1677108152.nuid.imrworldwide.com
ad.turn.com
c1.adform.net
d.turn.com
uipglob.semasio.net
x.bidswitch.net
103.229.10.171
103.229.205.242
103.231.98.193
103.231.98.194
103.231.98.195
103.231.98.196
103.71.26.126
104.16.86.20
104.18.10.47
104.18.11.47
104.18.24.185
104.18.25.185
104.20.106.62
104.22.53.86
104.244.42.136
104.244.42.3
104.244.42.5
104.254.151.120
104.254.151.36
104.69.166.9
107.178.254.65
13.107.42.14
13.227.228.177
13.227.254.76
13.228.15.221
13.33.79.163
13.33.79.24
13.33.88.10
13.33.88.41
13.35.14.254
13.35.15.213
13.35.18.167
139.5.84.243
142.250.4.156
142.250.4.157
142.250.4.95
142.251.10.132
142.251.12.148
142.251.12.156
145.40.73.5
15.197.193.217
151.101.1.108
151.101.129.140
151.101.129.175
151.101.129.44
151.101.2.49
157.240.15.13
157.240.15.35
162.19.138.119
162.19.138.120
172.104.45.159
172.217.194.102
172.217.194.104
172.217.194.157
172.217.194.94
172.217.194.97
172.253.118.157
172.64.100.9
174.137.133.49
18.138.18.111
18.155.145.37
18.155.68.36
18.155.68.41
18.155.68.80
18.198.226.167
18.213.152.51
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
192.229.237.25
199.127.207.180
199.232.44.157
20.50.2.28
213.180.193.90
220.150.223.50
23.207.180.112
23.207.180.192
23.207.180.199
23.207.180.236
23.207.180.247
23.207.181.29
23.39.5.30
23.45.116.82
3.0.243.158
3.104.200.253
3.214.205.227
34.111.113.62
34.120.155.137
34.120.195.249
34.196.78.36
34.225.185.247
34.98.64.218
34.98.67.3
35.186.193.173
35.190.43.134
35.190.60.146
35.213.12.39
35.241.45.82
35.247.47.28
52.194.19.163
52.222.144.43
52.35.21.164
52.36.69.76
52.41.41.200
52.46.128.147
52.74.162.2
52.76.99.209
52.84.251.103
52.84.251.126
52.84.251.6
52.84.251.79
52.84.251.83
52.84.251.85
52.84.45.80
52.94.223.167
54.151.157.82
54.159.239.167
54.169.132.54
54.179.137.60
54.230.65.108
54.251.140.206
63.140.48.134
63.140.48.151
69.173.158.64
69.173.158.65
70.42.32.159
72.247.81.162
74.125.130.157
74.125.200.148
74.125.24.132
74.125.24.156
74.125.24.157
74.125.24.94
8.43.72.98
96.17.180.49
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
019756e91511a9b21fb52a032cdee194824d572957a81063aa17276c4dcabfed
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
024cd0e27516ec73f722b24f7b6fa8db52070a925bd909a18d3ef3f666c7ccfd
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
063c160558a5e2371f6c9c997695773937c868bcfe24c863851e8384b25f5813
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08424461d604369f06ece55690acc9f07d675f5433525cf544aef3e0ac48ac66
08521ed33214df099c037cff71468eb0c565633081ace195c9da6eb85a16c0fc
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09ef3185c70b92a89a42173554dcba0971bf6ff6807d8f2beb587eb211e38f8a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e6809406e07c770b85da35a4faf706f8750b5db94cdc475aa4dfa79033f80eb
0e978d238d5c41225bcd905cf8add12e444e2cf30f04691a949cebe0789f174c
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0ff9ef6b85bd1143ab294e2837bf1363e938de5869971280e1858140cc9966cc
1484780c45d02ababcf072d136c2129f9406905d2e6e616746271b8ee0f257f2
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654
181fa83a06680650c0e2b20baefdb54f98d542cee596bbdd4cb1da88c71a6527
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1873c94c42119ef95ad52d8c28bc79e8d80402b2c7953f5031d3ee499f195f26
1abf66584a146abcfa0a1635ede00e0dfce3844c436628a7edbb924bbb2d67a5
1bfd4de1ee974914b69d3692bd5cfcf13ba3a1c6a5fc47a6e0691f79ca19b71f
1dabb10f9fbc8b4da438d3dd37af3f3202ac3184d83497536cdbaa1c12036a45
1e329edbe678b8a3615eeff892d7c5094ee04bb6a7256a9ab5a8e1d4a6d51d4f
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
21253b645972db8c8f07eab412d7bc2ec0de10a81144d544e340879822b4d35d
213cb40fff694b43f72ec5ab10fc1f76340c8399a6c4a4b91dccc84c300cea1f
24877a126b10a864b298c449c4f94706d4851fe20965e1a4bdc3b668ac2eac17
25bb1113068c1c7b9996ee51c22119c5379c6284be87e4b4000596a777a522ab
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
280ad61af97229c7866a95a04288e8dc4530bc8146cfc756e41b66394304bd41
28d3c4990c5bb406c545ecdb67410f4216f47fd67c8bc62532fdad5adc307efc
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b8f1043b3d7ef835d3a829a1817e956d10b08e37e13ee821d3dcacb64b1a3c7
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2d9f855bc05b4c50160d984cff8e5a90f0520303418e3b2ae5077896643015b8
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3528195e6af4e53d97fa596f8c6e62b517d884e584bfb3e4d5de348447842c59
3559425f14d958dacef0c5077cf734553413a55948858114245f94dd822482dd
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39b91692c06ed29cc94cac7da8112377fcf985c85d16f68f2068d6f89774298a
3bde7963c6171f24a8b6289eeec6af3276293c0f5a8abf95705d2ebce94687fe
3c20ecd7f8bdb7a15c4d074d5de74d7e0e5c55c0622af0b5d5068d484118ec3e
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3c83bf932306be5c15878e24a69b25ceaaa15049d0f9a112eb177f9991316e2f
3d251f5ee1c4ed268ca1753204e8209ac779d7cd1ed7103967d6d03e91de609e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4ebcd05765b7a44a22a4e5bba0c6029d2f1ff6c2866619bcc0c328af0f911e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4234887a4c9024f9814bbd722d45b89a2e547abe0f842bcdce29f277cbed9666
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4468d08891fca625d4051ab4e7a33725527fe4174864c8c6866c93a88defe88a
4584b27cf853d2e88679ed5cc010f65d67bb80152f7ee2a27dac4793f4bceb73
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
497d3d4831577f4709bd54ec99dfd082331edd599013d7911d5c812db2a9d47c
4af80fe1048b4d306169e5376911724488f1575da7e1e620e22762e97e53891f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4daa16a8baa1863d649ad0e3569a2ea5c3ef5584601ca8544eff030fb9c2cb29
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
513567f0a1c3de9417ae31e22229e54b75812a12a6460343f4e965a49413ff9b
523dd657c4dfc24fb3581266d122a1addd4afcf2a391002b2fb2747a7ee4c085
52c784d524d2524b2da9d5951e288bf76a88929c42aa9db1d365602da50a28da
53486081237ff1c635b6e07b05c6f1ff37e24d49c861ae550cdc562246729a4a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56409900ffa5c01279fcfe9f156fe2aae0c9de26e10a39bb3b6c666826eea12e
56963003b01734c810ca2aa6ac651871f418a1d54461f06a60bd7010b2bd8aa3
577b94cbe90ec2858d3ee76c40cf2a9919198c09c350491244913dc52228fda2
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59e252a74692a8029c6f1f033f68815f2781fbcb047327a49595bd88df50174d
5a2c5b0062c8c8e6e051deda1a8be773b4433371035d8d8de4975bc4f7bbc530
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
5bcbef40673f8648138302279bbb0eac86d3e9cfbffb1af5a0f047f42c93f2a6
5c3dbba7c890a831e950a7b2d65b422ee66701c267f375024660b3df0f9c9b21
5db93ff8f6e0112424b4ace4a4b7688ac223517a4cf12e36bc8cac5edae07c38
5e5f8726820e9fceadb021dcfb8f22324c0c6cefa269ed8d04c8420357a6b8d0
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
5ec99a6d64ea704dd5c8a65c1420223b5ab1728852637ba0b1e9debb6d811f89
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
5fa179bb6a43d208de3a3fcfb289e117067e152f9c6fcbd5b68a1187ea2210d9
5fa1979bb9116409ac7588abc493945fb06a9d0a17ae8baf22830c1a2ef9dc22
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60c17959019b9172f7c16a927e7fe6484e67e3e34951f5371e0cb063c41bf886
61267b54826ae5a02623658caa74fca683f84ccfe46eac3054e18e547c386441
618843158ccc24172fe7ac6ab8b755bf371cf5965c469407613041778e43e503
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633481ce37a872535a865e6095f9612b179508e20e917ae63fcf9adc5f63ce16
63d7c55af7a6f71f9829e2b37f8f664c7a6e28e282dd9d858ff0a61de03b9f55
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
65623ba024c39f3e0fd17ce630f541d895db058b82ed92c78be467707add0d78
66016d3e82fa369412d7fbb1949d86dd4d4413437390c1ffb22262cddabe27be
67af5d26be860bfcb6d7db018155f558ff1dedaeafa98aca97e7042ca15924c5
68b299dbf020512e4a72f4f18f3346d2f8cb37d039dcc3c41ae69500dc3779a0
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
6928d0fe26953781fdfc16657a58aab75b5801e7fe3b88700225e70dd3850dc7
696af1286f5c693c5b319c17505f27ee774fa1311e5a5ed1c0674283520d5291
697dba043287505e16509237e669010cc9b702b69717045f0387389f2c5f7237
69a20fd1d9704b066c532b34dabb78d00d163b8b701a16c5c83bce2f972a65a7
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e3c6e47d66f83b38e35d392575e43a35356de10f0246e001c2f7f411d0791f2
6e7f4e5b7b6fba8fe6be832513c9a2bdc4aeb6f4e37ee20bbff9c6abbb0a674f
6e8f128b01ba68dcfdc212758efdd805fa0a38585cf781400bddd050dc27dc35
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72785b69f547df3dcdbc5ad7d56c2661477e25c4380251a1ffadbe36da36d4ba
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72c1432adc762cb1200bd414b2e349786d2a9767399f685d2c172d873f6a562a
7302d68eaa15a67a7cce67a4b5c226cdcfe546d37c56cdc21aec4e5ef5799bb2
736c7404f183cc3f13ccd9d0ff3a1b2045a2f3dd0130014354d3327e74237a7a
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb
7427b59cb7f8a5a919d1ea1730e6981e6880c82d1711a55e84c6d39550d32ea2
7515bfc76cb2548c417ec957d0d0f84cc60de284fb3ea0bfb78b4a709d1f66d8
7772e1b342f357e35fb462355432ffdb9dfae2263b99b4addd2c1ff95f4ab7cd
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
78e5eef5a4c0897721038a13810d3a39cc3779c2f308de609cd34823a90bf0a6
78f435971e581d9b2f5c439af8bd45d67dd619d4bfe46bd9cad21e733d748a76
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b404b9a484eabf02274d1b2903119f3b3355ccda686cb1ca264b9e034496823
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7ba518735f5e5de6fe2af75b8550e0987dd5a9fbb83730a9f1cb652a69a97e93
7be470de9d71b599f5a2555d30cbd115c2383edb3fa031ce7631ff110ef270b5
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d63edf7f87aa61c04007b82979869e188abbe204bcaca04c6cad59e988a1bc5
7d7b30f197a9b1808a59410e51c0bf4e0924790b73606c5b54dc537d536a7361
7dd9adee5089f16796091e7f9b4df758cafb95bf7b3742709e4e237316f95f59
7f6008ca479fb9e50da5b7cee97fa7c1251f20373ab588273803f69545005080
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
804b640c780a0aa648085b6703f5210e8e53dadd8f5e9be19e97103bec97282b
8224ff2bc3b73463011b9139a89a4a195d749e3ab63d286406d70696458e3bc7
827769c908fa8126c58d2dd7716a2150ec4395ed373035b5ec3164760218044f
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
830bf311604c3303fa7726756aa6ea1a96ceedc07f5e77ab0d54d16fdcab8c97
83472595381fbd93444a79e1db9b41468ecd1c5a56f874f3cc43797253900dc3
854b12042041b451eabf547b7c578cb08350b87d7de8a0957d03622c3debcb1d
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
87103957dd6c71be7e62d890126ef363a3a7e0d5a23a3230178ccbdcc97b05fc
888f16e96be842809612cce25f9f14404eea5f4fc3585e8df902a0a399a3c356
89a0eff8d578577ca7cf7d54651522fee8cea920311819b9ded36c4a2bd042e6
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ec974f98a68710a1f33994e4b94ce7b131097a5adf24baf9d669577b133a384
8fb97144f37a70f7294a7fbd2ac3505a00cd8be084fa2935cc25557bc19c9e9d
8fc6970335c9c9c3ee415b6ceb954a1ee2fbfea9a70807433b9db4594882af9f
904533dd74f54a6def75360f7e7793fbb83762aad9097f2601895c6960e784bc
908e597c2ed91743a74246e2ec3f4ab39966afaa49f601b3d3d5b902dd6fd661
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
914dde40164eff12f4230d7c0c7e7ea821ae57f5dc080f14aa239d375f216290
92f64f8f0ea9ef0c2d74b7cd8c9843fc0b3303c9552793f0d7da34f40bcda244
9356c90bff9a3cfcc6d370026ec50d06645b3d32fcd0e432754f37d228fd8c2b
938d6eea0a7c5a36e1d43a577fb0184836ebd74ed6751b2665b029e9aa572301
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
968c616f3fadaad9f59bf5572a74e9c94a2563d094e0f9c9f669a0ef1c6bd87e
96d784299df20c5c1570d5d04a0a6c43f29d7c950355305ffa83a220bdfd2242
9711945e90a656dc7c6e00b4b323adf711fb00d2b9f1fb3e231e3373eb0df5ce
98addbe891312888a794d312286b44b4551eb9d349c8ec621ba40c7c233cd45e
9a143ca1ac0ac1866eb1e1532bbb7835b0b8597fa370fcf0283a6f3a21f67428
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f4e0d95d076668b9a5b15c8dcad8de90867decce2e5acf9a1020d8b6e86a1cb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0fd23377bea298c10c9a673c34261eed03f6b33a326113335b5025a88a7a25c
a18181c6470ff5f55ef69ab926e01d6b4dac897db3e6aeb953b91fafd086dcec
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3921275e306d0d74e1b313495d991946065661bf614742a9505f7ca274845cf
a425781e5011a59c6ff17f843db625b6043be7f1839dbbdf0037aa7d01a44c3a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4
a4f0c38865523396d3d06be304c57692a9606440358772766eeb4c4a2fa6e9e1
a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a75147c46eb6d05dacd09e3990e7710cd2be3820344bb328a47967c764bd418d
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
a91c30598cdddf4e87ed879037c9fe0b11cb58fff18e9b2b19cd598e22a4b7f2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b0651ca51c66d069097a44e700ce92c4af40b42987d181891e3eb42ef7184495
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b11ba2b47d13da58bc505154d1c99abd2850b726ced6a63d94859e39f6433e6f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27c0bd61116f98e23e6d181ff31043cbba1f5e2c8c0cbfa4b8fb350f9e11650
b50552563c561fbf9ed331d948cafc003ad18b2fed2c2860c5d2cc61b9516df6
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b7741d75a84fd1af7beb740e1efd7d9b2313991bf5445c7cee768b31e532a156
b849b031ac7cfac8604135e7dea2d28d522b2689a9276e4d0b0c00dfb8157255
b95044263f3f5e3922fc23918a43efa57b42d73c6ce374219e9b323770b3d438
ba2e5178a90693f8371e7b9989bb699c649d1f33bef2ceb6dd67c8118813e7a7
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0
bdba86a2301573400c8eaaaf90d7660e27234413118c39b3618e8572c25c562f
bf16303d01177252671bfd19187a9da327f415095570b5467131e4b4b0e607a0
c00abf7da8a246c460de8fe5192f8850f247de82230d9d8b9f040ee6ddd853ce
c0509ee503a40ffc0cf58e1d7b9a6225dd915f67101f426176f662b3b7f55b41
c12518607dd5c7393565336721a3c04e1b735d2f53b01b367ee705fa17db006a
c1795a7307b29b1e9e38b821359f5d43e1eae27fbcc3d9f67b9867c17dc6327f
c1b6dc9b42b86d5683ee9463cae1d8865287d99da99a526511b1f09d04e31c6e
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c38a71b9483a8bb743b6dcb7835c7fb1d9c1902368efc2f3704232eee9433bf2
c6deeefb6cafea5221f3f64d75ce76e36959d58a55fea1515e216f7a42de4267
c6f09adec78e811410b127829b9855178c6fc3ced22876b81a0e249be4253ddd
c75ea671538d44847b052d7799de9a7b1333294174733b8139495faed6e67108
c7f529f4d3725a569a24d24f4203ce0ff79d2b7ffca48a30ce7444728808fb2f
ca62753320e665f9ba3578bed450c7133a325ad74057b5d9a411c005bf444ff1
cba86c0f026f9b8b1bccee7425c5995248755566cc59a8cc9878f520523d6961
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cff45bed3031029ef91d3d7146a00c740138f6c509854537d79f7be3f4dc4f53
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1cd1732afda8d086bca8281a43e3b622a0f1ad8b145686a9334a86dbe056254
d1d9996adf227409e389ca01edbee915547f33a9765e24cf542a259e25210cd2
d1ed1677dc75607eb6865e91977014c05346e13285475a93ba4e8fcec5239a3a
d568103e057eac05bc2f99b84bd3a783ea711059bd9e0056ec6af9f5c2461cec
d5719bfe9c1f816ff3f05f8b4fe76e7747f4224b1f7bfd72a136f20465764c65
d6bdf9a5758c26137e3fb8bab7b67fb05cd507d374f3524fe056730d6e7c2660
d6d86d147ad21764c3b7567678f063a1fe48b5fbed5feb4d2c87932ec2c5cad6
d7d66a94efc44da1e7c2b34fa5463b6326d706548e90f9dde0f77fe0582169f1
da4b3618d374f7528a9a2d0d6b6401a2eb910aaced08f1f2041fe8a7d3aae107
db0831a34e819cfa5f97493b09468ef8c18d79c5da07498cee2a6a93ab491f48
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4395b17aec9551bcf21ff2be94e0f11ceef663382ffe67f03479ccf4ecd87f
df6da203d9b63b236ea56b22153bd7c21ff3a7b311a9a75ccfda97a37c3df6d5
df86ee1ff38b797cd52103e90a8f3ae36e86e48379461bd13e3da267c0f23312
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e393fcd758d194e3cefada390712166d26e9ecdde99a987e4861e40bb73a686d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
e532c7c8985c6dc16308e53737a3ec58f9d55b1c28238382e0a14ff753fd2e14
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e68432efde9a67be10028d39e18c7dc4850926a400f51fa188d50d5031b36c2a
e684d2857d4db1478ffad8bfae1d6a5f3d2e07100e77407807f94b56eff23dcf
e7473c9f2a9669a45104b31ad19fc9c8570a8c0b710112402275fd686fda81c3
ea1b9f18cee0738c081464e9e858b9233873af009dbd436d3abae9371440c103
eb080e82d0cee3796eb1c80e76e1ccc63cb4cd82a86de8919f5a2be54c63a90f
ec9135edd58a3a2a6bfe25e9598c31fa8f48c5c84e8c8c3b79508742c0fe446a
eca790872a71c33c5c1c9f8f512e90d6098d460d15c1bb3c5c65e90c2d1e137b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eeabe349aa9d1fb41a4e169d58fcedafb8ba48774788818a4518ddd9c291c51a
eedd49621b38f275303c3f88a999ee576072d8e100aac6b0ce08e488682f0e42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdf5d065d224a0bc5a15c4db8dad2cc0e1f84ae129bb1d4c284845e249ae327
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f0fff47c49235df55a42838b2486a337c56d743b1e34cc9fa692b0e992fca0f8
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f222758f1d0f71c12e10a1bdaa04bf9e1f446d7de788103d3005676e513c4582
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f34bffa49ea9fb0de7f7d19a43b041ad8d4cce34bdbe82dd8a9110003fc397b1
f3928327fb9a23ef29178326793ba7b88b176a55c108144e6dab537feff6f55d
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65a324b2e4003515de55535f4a6b4f2e1e0160fd479510c6fbd51d63961c738
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f6e8bde2a648a9e234472ec5f1316bdd57ab22d9d89a83a36192e980075b0c32
f98f32da5345bbd9be694eab9f2632c8da0a3ba8e9d2722bac2547e7da3f0020
fb8f7653f8e9eb5bb33992cce33fa43c3379d5aa1873ad36e6885a719f91ae66
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
fc1cb46d394087c2abdd05b11246dc66bc84e954ba76546792b970766763f2f5
fc298c7755e31bf1ba06104b3af5ad3cd3515fb7a23688c3e5a576ed9f8afc86
fe5b9fce5a9f999cf3d5e4778e38011c5a003ec08a1facdca8fa5690aabe654b