urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
23.195.152.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Submission: On December 15 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 135 IPs in 14 countries across 113 domains to perform 484 HTTP transactions. The main IP is 23.195.152.111, located in Singapore, Singapore and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 240081.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 43 23.195.152.111 16625 (AKAMAI-AS)
1 11 23.195.152.191 16625 (AKAMAI-AS)
14 96.16.116.247 16625 (AKAMAI-AS)
1 151.101.194.217 54113 (FASTLY)
1 18 151.101.65.44 54113 (FASTLY)
1 3.5.169.12 16509 (AMAZON-02)
5 142.251.10.132 15169 (GOOGLE)
1 3 13.33.88.104 16509 (AMAZON-02)
1 172.64.132.15 13335 (CLOUDFLAR...)
2 34.160.169.226 15169 (GOOGLE)
1 199.36.158.100 54113 (FASTLY)
3 10 141.226.229.48 200478 (TABOOLA-AS)
3 23.15.243.62 16625 (AKAMAI-AS)
4 96.16.116.178 16625 (AKAMAI-AS)
7 13.226.210.105 16509 (AMAZON-02)
2 54.192.150.76 16509 (AMAZON-02)
1 74.125.24.149 15169 (GOOGLE)
1 13.33.35.226 16509 (AMAZON-02)
2 157.240.235.1 32934 (FACEBOOK)
1 18.155.68.27 16509 (AMAZON-02)
2 18.213.217.104 14618 (AMAZON-AES)
2 151.101.129.175 54113 (FASTLY)
2 104.22.53.86 13335 (CLOUDFLAR...)
1 23.72.44.233 16625 (AKAMAI-AS)
14 74.125.24.156 15169 (GOOGLE)
3 13.33.39.40 16509 (AMAZON-02)
1 13.35.8.87 16509 (AMAZON-02)
2 172.67.69.247 13335 (CLOUDFLAR...)
2 184.87.193.153 20940 (AKAMAI-ASN1)
3 13.33.88.94 16509 (AMAZON-02)
8 74.125.130.155 15169 (GOOGLE)
1 74.125.68.156 15169 (GOOGLE)
2 52.200.50.245 14618 (AMAZON-AES)
1 13.56.245.55 16509 (AMAZON-02)
1 1 124.146.215.44 2514 (INFOSPHER...)
2 2 52.57.243.182 16509 (AMAZON-02)
2 23.106.127.52 59253 (LEASEWEB-...)
9 15 69.173.158.64 26667 (RUBICONPR...)
12 24 172.217.194.154 15169 (GOOGLE)
17 103.231.98.194 62713 (AS-PUBMATIC)
15 22 15.197.193.217 16509 (AMAZON-02)
1 2 209.191.163.208 32475 (SINGLEHOP...)
1 74.214.196.131 19189 (PULSEPOINT)
1 35.172.34.118 14618 (AMAZON-AES)
2 2 182.161.73.146 55569 (CRITEO-AS...)
11 11 35.213.12.39 15169 (GOOGLE)
4 4 103.229.205.243 30419 (MEDIAMATH...)
2 2 18.158.185.48 16509 (AMAZON-02)
2 4 35.244.159.8 15169 (GOOGLE)
1 2 35.71.178.8 16509 (AMAZON-02)
1 54.200.252.46 16509 (AMAZON-02)
2 2 44.205.120.122 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
1 16 34.214.51.179 16509 (AMAZON-02)
1 151.101.129.44 54113 (FASTLY)
1 13.35.8.23 16509 (AMAZON-02)
1 104.16.89.20 13335 (CLOUDFLAR...)
4 54.192.150.7 16509 (AMAZON-02)
1 141.226.230.50 200478 (TABOOLA-AS)
1 9 172.217.194.113 15169 (GOOGLE)
3 157.240.235.35 32934 (FACEBOOK)
4 162.19.138.120 16276 (OVH)
1 13.33.30.231 16509 (AMAZON-02)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 103.231.98.193 62713 (AS-PUBMATIC)
2 34.196.166.22 14618 (AMAZON-AES)
2 34.102.253.54 396982 (GOOGLE-CL...)
4 9 104.254.150.228 29990 (ASN-APPNEX)
4 69.173.158.65 26667 (RUBICONPR...)
2 7 172.64.154.237 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
4 3.104.211.97 16509 (AMAZON-02)
1 18.155.68.80 16509 (AMAZON-02)
1 13.33.33.118 16509 (AMAZON-02)
2 18.138.175.196 16509 (AMAZON-02)
1 54.192.150.93 16509 (AMAZON-02)
1 54.148.229.14 16509 (AMAZON-02)
2 63.140.36.179 16509 (AMAZON-02)
1 1 3.0.210.216 16509 (AMAZON-02)
1 141.95.33.111 16276 (OVH)
2 9 52.46.155.104 16509 (AMAZON-02)
1 52.74.213.242 16509 (AMAZON-02)
3 3 50.116.239.135 6336 (TURN-US-ASN)
7 18.136.76.220 16509 (AMAZON-02)
4 23.72.44.196 16625 (AKAMAI-AS)
2 182.161.73.129 55569 (CRITEO-AS...)
1 172.253.118.157 15169 (GOOGLE)
3 74.125.24.157 15169 (GOOGLE)
1 18.155.68.116 16509 (AMAZON-02)
1 63.140.36.117 16509 (AMAZON-02)
1 1 199.127.207.190 26120 (RHYTHMONE)
2 2 18.140.27.177 16509 (AMAZON-02)
1 1 44.198.62.85 14618 (AMAZON-AES)
1 54.68.250.34 16509 (AMAZON-02)
3 3 104.83.197.32 16625 (AKAMAI-AS)
14 14 151.101.66.49 54113 (FASTLY)
4 23.13.140.73 16625 (AKAMAI-AS)
15 74.125.24.132 15169 (GOOGLE)
8 142.250.4.106 15169 (GOOGLE)
4 142.251.12.155 15169 (GOOGLE)
1 17 139.5.84.243 27381 (CASALE-MEDIA)
2 103.231.98.196 62713 (AS-PUBMATIC)
1 13.33.33.112 16509 (AMAZON-02)
5 52.84.228.218 16509 (AMAZON-02)
1 199.232.44.157 54113 (FASTLY)
2 42.99.140.160 4637 (ASN-TELST...)
2 172.253.118.97 15169 (GOOGLE)
2 23.72.44.183 16625 (AKAMAI-AS)
2 4 142.251.12.148 15169 (GOOGLE)
1 172.253.118.154 15169 (GOOGLE)
5 6 52.74.13.196 16509 (AMAZON-02)
2 4 104.254.151.60 29990 (ASN-APPNEX)
2 2 23.106.69.73 59253 (LEASEWEB-...)
2 2 185.183.112.148 60350 (VP)
6 142.250.4.94 15169 (GOOGLE)
1 2 103.71.26.126 132134 (SPOTX-AS-...)
1 18.155.68.96 16509 (AMAZON-02)
1 47.242.65.123 45102 (ALIBABA-C...)
10 23.72.45.156 16625 (AKAMAI-AS)
1 172.253.118.94 15169 (GOOGLE)
1 74.118.186.44 26120 (RHYTHMONE)
3 4 107.178.244.193 15169 (GOOGLE)
1 2 18.140.183.49 16509 (AMAZON-02)
1 119.9.108.180 45187 (RACKSPACE...)
2 2 35.230.38.116 396982 (GOOGLE-CL...)
1 6 18.140.22.85 16509 (AMAZON-02)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
1 1 8.43.72.97 26667 (RUBICONPR...)
2 52.196.251.57 16509 (AMAZON-02)
2 172.64.151.162 13335 (CLOUDFLAR...)
1 67.220.224.144 16509 (AMAZON-02)
4 5 13.107.42.14 8068 (MICROSOFT...)
3 172.217.194.94 15169 (GOOGLE)
2 13.33.33.116 16509 (AMAZON-02)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
2 3.73.8.30 16509 (AMAZON-02)
6 6 64.202.112.255 22075 (AS-OUTBRAIN)
1 1 35.214.223.115 15169 (GOOGLE)
1 13.229.254.84 16509 (AMAZON-02)
1 52.53.57.143 16509 (AMAZON-02)
1 34.102.166.132 396982 (GOOGLE-CL...)
5 13.33.88.56 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 18.140.217.106 16509 (AMAZON-02)
1 3.0.212.186 16509 (AMAZON-02)
9 142.250.4.139 15169 (GOOGLE)
16 54.68.77.207 16509 (AMAZON-02)
2 2 135.125.160.160 16276 (OVH)
1 1 18.176.234.133 16509 (AMAZON-02)
2 3 139.99.49.250 16276 (OVH)
1 35.213.109.249 15169 (GOOGLE)
1 1 52.45.175.185 14618 (AMAZON-AES)
4 103.231.98.195 62713 (AS-PUBMATIC)
2 182.161.73.136 55569 (CRITEO-AS...)
1 35.241.45.82 15169 (GOOGLE)
1 2 185.84.60.23 198622 (ADFORM)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 103.229.10.171 16509 (AMAZON-02)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 ()
3 3 35.227.202.26 15169 (GOOGLE)
1 1 18.155.68.41 16509 (AMAZON-02)
484 135
43    23.195.152.111 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-111.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
11    23.195.152.191 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-191.deploy.static.akamaitechnologies.com
tags.news.com.au
14    96.16.116.247 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-116-247.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
18    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
widget.perfectmarket.com
trc.taboola.com
images.taboola.com
match.taboola.com
1    3.5.169.12 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
5    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
cdn.ampproject.org
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
3    13.33.88.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-104.sin2.r.cloudfront.net
sb.scorecardresearch.com
1    172.64.132.15 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    34.160.169.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.169.160.34.bc.googleusercontent.com
bedsberry.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
10    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
sg-trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
3    23.15.243.62 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-243-62.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
4    96.16.116.178 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-116-178.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
7    13.226.210.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-210-105.lax50.r.cloudfront.net
static.adsafeprotected.com
2    54.192.150.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-76.sin2.r.cloudfront.net
assets.vidora.com
1    74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net
ad.doubleclick.net
1    13.33.35.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-35-226.sin2.r.cloudfront.net
static.chartbeat.com
2    157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
1    18.155.68.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-27.sin52.r.cloudfront.net
au.tags.newscgp.com
2    18.213.217.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-217-104.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.129.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.72.44.233 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-233.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
14    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
3    13.33.39.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-39-40.sin2.r.cloudfront.net
c.amazon-adsystem.com
1    13.35.8.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-87.sin5.r.cloudfront.net
ats-wrapper.privacymanager.io
2    172.67.69.247 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    184.87.193.153 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-193-153.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
3    13.33.88.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-94.sin2.r.cloudfront.net
cdn-gl.imrworldwide.com
8    74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net
pagead2.googlesyndication.com
1    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
googleads4.g.doubleclick.net
2    52.200.50.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-50-245.compute-1.amazonaws.com
ping.chartbeat.net
1    13.56.245.55 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-245-55.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    124.146.215.44 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    52.57.243.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-243-182.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
15    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
24    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
cm.g.doubleclick.net
17    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
22    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    35.172.34.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-34-118.compute-1.amazonaws.com
e1.emxdgt.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
11    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
4    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    18.158.185.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-185-48.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    54.200.252.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-252-46.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
2    44.205.120.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-120-122.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
16    34.214.51.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-51-179.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    13.35.8.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-23.sin5.r.cloudfront.net
cdn.adsafeprotected.com
1    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    54.192.150.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-7.sin2.r.cloudfront.net
au-script.dotmetrics.net
1    141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
9    172.217.194.113 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f113.1e100.net
news.google.com
3    157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
4    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
1    13.33.30.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-30-231.sin2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    34.196.166.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-166-22.compute-1.amazonaws.com
mfad.inskinad.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
9    104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
7    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
4    3.104.211.97 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-211-97.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    18.155.68.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-80.sin52.r.cloudfront.net
ncg.tags.news.com.au
1    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
au.audience.newscgp.com
2    18.138.175.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-175-196.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    54.192.150.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-93.sin2.r.cloudfront.net
2v1nmaazabtftnwqbg0lhaxze3ugv1671073782.nuid.imrworldwide.com
1    54.148.229.14 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-229-14.us-west-2.compute.amazonaws.com
newscorpau.demdex.net
2    63.140.36.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-179.data.adobedc.net
metrics.heraldsun.com.au
1    3.0.210.216 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-210-216.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lbs.eu-1-id5-sync.com
9    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.74.213.242 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-213-242.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
7    18.136.76.220 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
4    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
adservice.google.com.au
3    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
adservice.google.com
1    18.155.68.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-116.sin52.r.cloudfront.net
rm-script.dotmetrics.net
1    63.140.36.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-117.data.adobedc.net
edge.adobedc.net
1    199.127.207.190 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
2    18.140.27.177 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-27-177.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
1    44.198.62.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-62-85.compute-1.amazonaws.com
usermatch.krxd.net
1    54.68.250.34 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-250-34.us-west-2.compute.amazonaws.com
beacon.krxd.net
3    104.83.197.32 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-32.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
14    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    23.13.140.73 (Cyberjaya, Malaysia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-13-140-73.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
15    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
8    142.250.4.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f106.1e100.net
www.google.com
4    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
www.googletagservices.com
17    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    13.33.33.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-112.sin2.r.cloudfront.net
check.analytics.rlcdn.com
5    52.84.228.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-218.sin2.r.cloudfront.net
js.adsrvr.org
ad.adsrvr.org
1    199.232.44.157 (Singapore, Singapore)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    42.99.140.160 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-160.pacnet.net
snap.licdn.com
2    172.253.118.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f97.1e100.net
www.googletagmanager.com
2    23.72.44.183 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net
8228261.fls.doubleclick.net
1    172.253.118.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f154.1e100.net
www.googleadservices.com
6    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    104.254.151.60 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
2    23.106.69.73 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
2    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
6    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
www.gstatic.com
2    103.71.26.126 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
1    18.155.68.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-96.sin52.r.cloudfront.net
choices.truste.com
1    47.242.65.123 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
hk3-bid.adsrvr.org
10    23.72.45.156 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-156.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net
fonts.gstatic.com
1    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
4    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
2    18.140.183.49 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-183-49.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
1    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
2    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
6    18.140.22.85 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-22-85.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    52.196.251.57 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-251-57.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    67.220.224.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
3    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
www.google.com.au
2    13.33.33.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-116.sin2.r.cloudfront.net
cdn.linkedin.oribi.io
2    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    3.73.8.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-8-30.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
6    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    13.229.254.84 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-254-84.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    52.53.57.143 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-53-57-143.us-west-1.compute.amazonaws.com
s.pubmine.com
1    34.102.166.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.166.102.34.bc.googleusercontent.com
ad.tpmn.co.kr
5    13.33.88.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-56.sin2.r.cloudfront.net
choices.trustarc.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    18.140.217.106 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-217-106.ap-southeast-1.compute.amazonaws.com
geo.moatads.com
1    3.0.212.186 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-212-186.ap-southeast-1.compute.amazonaws.com
mb.moatads.com
9    142.250.4.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f139.1e100.net
play.google.com
16    54.68.77.207 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-77-207.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
c.eu1.dyntrk.com
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
3    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
4    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
2    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
3    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
1    18.155.68.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-41.sin52.r.cloudfront.net
aa.agkn.com
Apex Domain
Subdomains		 Transfer
44 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 164
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 256843
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
209 KB
31 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 544
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3344
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
dt.adsafeprotected.com — Cisco Umbrella Rank: 535
508 KB
29 google.com
news.google.com — Cisco Umbrella Rank: 5941
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 16
75 KB
28 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
js.adsrvr.org — Cisco Umbrella Rank: 1391
insight.adsrvr.org — Cisco Umbrella Rank: 576
hk3-bid.adsrvr.org — Cisco Umbrella Rank: 46059
ad.adsrvr.org — Cisco Umbrella Rank: 1809
108 KB
28 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 657
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 440
image5.pubmatic.com — Cisco Umbrella Rank: 94128
ads.pubmatic.com — Cisco Umbrella Rank: 470
image6.pubmatic.com — Cisco Umbrella Rank: 680
image2.pubmatic.com — Cisco Umbrella Rank: 882
simage4.pubmatic.com — Cisco Umbrella Rank: 1198
image4.pubmatic.com — Cisco Umbrella Rank: 805
37 KB
28 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1066
trc.taboola.com — Cisco Umbrella Rank: 693
sg-trc-events.taboola.com — Cisco Umbrella Rank: 35347
images.taboola.com — Cisco Umbrella Rank: 1685
sync.taboola.com — Cisco Umbrella Rank: 972
match.taboola.com — Cisco Umbrella Rank: 3484
sync-t1.taboola.com — Cisco Umbrella Rank: 1270
pips.taboola.com — Cisco Umbrella Rank: 1593
cds.taboola.com — Cisco Umbrella Rank: 1674
212 KB
26 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 321
fastlane.rubiconproject.com — Cisco Umbrella Rank: 451
token.rubiconproject.com — Cisco Umbrella Rank: 551
eus.rubiconproject.com — Cisco Umbrella Rank: 547
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 973
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3120
35 KB
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
144 KB
25 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 240081
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
525 KB
24 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum.casalemedia.com — Cisco Umbrella Rank: 1328
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
20 KB
19 api.news
content.api.news — Cisco Umbrella Rank: 63380
247 KB
17 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 206
newscorpau.demdex.net — Cisco Umbrella Rank: 127173
21 KB
15 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1046
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
3 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 430
31 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 308
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492
s.amazon-adsystem.com — Cisco Umbrella Rank: 276
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090
56 KB
14 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 117863
93 KB
14 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 56079
mhr.talk.news.com.au
ncg.tags.news.com.au — Cisco Umbrella Rank: 144640
236 KB
12 moatads.com
z.moatads.com — Cisco Umbrella Rank: 392
geo.moatads.com — Cisco Umbrella Rank: 671
mb.moatads.com — Cisco Umbrella Rank: 653
px.moatads.com — Cisco Umbrella Rank: 441
118 KB
12 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418
5 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
5 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
179 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
4 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2592
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 7938
2v1nmaazabtftnwqbg0lhaxze3ugv1671073782.nuid.imrworldwide.com
67 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 132610
au.pixel.newscgp.com — Cisco Umbrella Rank: 182320
au.audience.newscgp.com — Cisco Umbrella Rank: 195796
49 KB
5 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 714
18 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 372
www.linkedin.com — Cisco Umbrella Rank: 643
3 KB
5 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 785
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3869
idsync.rlcdn.com — Cisco Umbrella Rank: 335
1 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 50995
rm-script.dotmetrics.net — Cisco Umbrella Rank: 6235
40 KB
5 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 700
bidder.criteo.com — Cisco Umbrella Rank: 734
gum.criteo.com — Cisco Umbrella Rank: 399
8 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1992
bs.serving-sys.com — Cisco Umbrella Rank: 1257
lm.serving-sys.com — Cisco Umbrella Rank: 1889
43 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 941
id5-sync.com — Cisco Umbrella Rank: 448
36 KB
4 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 998
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5038
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
187 KB
4 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 78998
www.google.com.au — Cisco Umbrella Rank: 24852
2 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 667
us-u.openx.net — Cisco Umbrella Rank: 395
612 B
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400 Failed
494 B
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 979
24 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 951
806 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 727
827 B
3 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 541
stags.bluekai.com — Cisco Umbrella Rank: 516
1 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 1154
ad.turn.com — Cisco Umbrella Rank: 743
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
287 B
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4253
udc-neb.kampyle.com — Cisco Umbrella Rank: 2327
87 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
3 KB
3 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 388
18 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 696
718 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 639
1002 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 491
466 B
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 887
367 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com — Cisco Umbrella Rank: 1503
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 810
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 752
852 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 592
1 KB
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1431
935 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
104 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
5 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1354
beacon.krxd.net — Cisco Umbrella Rank: 549
528 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 949
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 662
57 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1119
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332
695 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3817
400 B
2 inskinad.com
mfad.inskinad.com — Cisco Umbrella Rank: 31292
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 692
873 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 350
740 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 937
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 843
1 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 803
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 563
697 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3397
633 B
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1247
401 B
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3408
18 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 17566
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
111 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 17038
6 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 180614
3 KB
2 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 107064
21 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3583
32 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 424
673 B
1 linksynergy.com
tags.rd.linksynergy.com
389 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 644
594 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 24745
650 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 15284
520 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 3087
218 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 129263
683 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2188
419 B
1 tpmn.co.kr
ad.tpmn.co.kr — Cisco Umbrella Rank: 2639
627 B
1 pubmine.com
s.pubmine.com — Cisco Umbrella Rank: 11649
286 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1464
181 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 764
274 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 557
394 B
1 t.co
t.co — Cisco Umbrella Rank: 511
377 B
1 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1157
220 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
99 B
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 707
10 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 171
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 627
15 KB
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 29685
698 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 7117
830 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 396
2 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1713
468 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 827
385 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 770
67 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 526
720 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 917
862 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1024
540 B
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4949
27 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 23356
20 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1361
24 KB
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 207577
2 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 849
12 KB
1 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
28 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5090
7 KB
0 sonobi.com Failed
syd-1-apex.go.sonobi.com Failed
484 113
Domain Requested by
24 cm.g.doubleclick.net 12 redirects www.heraldsun.com.au
eus.rubiconproject.com
js.adsrvr.org
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
22 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
19 content.api.news www.heraldsun.com.au
17 dsum-sec.casalemedia.com 1 redirects www.heraldsun.com.au
ssum-sec.casalemedia.com
16 dt.adsafeprotected.com www.heraldsun.com.au
16 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
ssum-sec.casalemedia.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
tpc.googlesyndication.com
14 sync-tm.everesttech.net 14 redirects
14 match.adsrvr.org 14 redirects
14 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
resourcesssl.newscdn.com.au
12 simage2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
11 x.bidswitch.net 11 redirects
11 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
11 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 pixel.rubiconproject.com 4 redirects www.heraldsun.com.au
eus.rubiconproject.com
js.adsrvr.org
9 play.google.com www.gstatic.com
9 px.moatads.com eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
www.heraldsun.com.au
9 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ads.pubmatic.com
eus.rubiconproject.com
9 ib.adnxs.com 4 redirects tags.news.com.au
www.heraldsun.com.au
acdn.adnxs.com
9 news.google.com 1 redirects subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
8 insight.adsrvr.org 1 redirects js.adsrvr.org
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
www.heraldsun.com.au
8 www.google.com securepubads.g.doubleclick.net
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
www.heraldsun.com.au
tpc.googlesyndication.com
8 pagead2.googlesyndication.com ad.doubleclick.net
www.googletagservices.com
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
7 static.adsafeprotected.com bedsberry.com
pixel.adsafeprotected.com
www.heraldsun.com.au
7 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
6 b1sync.zemanta.com 6 redirects
6 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
6 www.gstatic.com news.google.com
www.gstatic.com
6 ups.analytics.yahoo.com 5 redirects www.heraldsun.com.au
6 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
5 choices.trustarc.com choices.truste.com
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
choices.trustarc.com
5 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
5 token.rubiconproject.com 5 redirects
5 sync.taboola.com 3 redirects www.heraldsun.com.au
4 px.ads.linkedin.com 3 redirects eus.rubiconproject.com
4 secure.adnxs.com 2 redirects www.heraldsun.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 www.googletagservices.com securepubads.g.doubleclick.net
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
tags.news.com.au
4 ssum-sec.casalemedia.com s.amazon-adsystem.com
ssum-sec.casalemedia.com
tags.news.com.au
js-sec.indexww.com
4 au.pixel.newscgp.com au.tags.newscgp.com
4 fastlane.rubiconproject.com tags.news.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 sync.mathtag.com 4 redirects
4 pixel.tapad.com ads.pubmatic.com
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
3 odr.mookie1.com 3 redirects
3 idsync.rlcdn.com 2 redirects
3 onetag-sys.com 2 redirects www.heraldsun.com.au
3 www.google.com.au www.heraldsun.com.au
3 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
tags.news.com.au
3 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
3 id5-sync.com tags.news.com.au
cdn.id5-sync.com
3 www.facebook.com www.heraldsun.com.au
3 u.openx.net 2 redirects www.heraldsun.com.au
3 sync-t1.taboola.com www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
3 cdn.ampproject.org www.heraldsun.com.au
2 pippio.com 2 redirects
2 image4.pubmatic.com
2 c1.adform.net 1 redirects ads.pubmatic.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 simage4.pubmatic.com ads.pubmatic.com
2 c.eu1.dyntrk.com 2 redirects
2 stags.bluekai.com 2 redirects
2 ad.turn.com 2 redirects
2 lm.serving-sys.com secure-ds.serving-sys.com
2 p.adsymptotic.com 1 redirects www.heraldsun.com.au
2 cdn.linkedin.oribi.io snap.licdn.com
2 prebid-a.rubiconproject.com tags.news.com.au
2 um.simpli.fi 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 sync.search.spotxchange.com 1 redirects www.heraldsun.com.au
2 sync.adotmob.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 snap.licdn.com www.heraldsun.com.au
snap.licdn.com
2 image6.pubmatic.com ads.pubmatic.com
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 static.criteo.net tags.news.com.au
static.criteo.net
2 metrics.heraldsun.com.au tags.news.com.au
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 mfad.inskinad.com tags.news.com.au
ssum-sec.casalemedia.com
2 sync.srv.stackadapt.com 2 redirects
2 eb2.3lift.com 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 ih.adscale.de 2 redirects
2 match.taboola.com www.heraldsun.com.au
2 ping.chartbeat.net www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 mhr.talk.news.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
2 sg-trc-events.taboola.com www.heraldsun.com.au
cdn.taboola.com
2 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
1 aa.agkn.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 cms.quantserve.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 udc-neb.kampyle.com
1 im.bluevoox.com 1 redirects
1 y.one.impact-ad.jp eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
1 cs.r-ad.ne.jp 1 redirects
1 mb.moatads.com z.moatads.com
1 geo.moatads.com z.moatads.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 ad.tpmn.co.kr js.adsrvr.org
1 s.pubmine.com js.adsrvr.org
1 d.adroll.com ssum-sec.casalemedia.com
1 csync.loopme.me 1 redirects
1 www.linkedin.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 js-sec.indexww.com tags.news.com.au
1 pixel-us-east.rubiconproject.com 1 redirects
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 uipglob.semasio.net ads.pubmatic.com
1 sync.1rx.io www.heraldsun.com.au
1 fonts.gstatic.com news.google.com
1 z.moatads.com eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
1 ad.adsrvr.org eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
1 hk3-bid.adsrvr.org eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
1 choices.truste.com eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
1 us-u.openx.net www.heraldsun.com.au
1 www.googleadservices.com secure-ds.serving-sys.com
1 static.ads-twitter.com www.heraldsun.com.au
1 check.analytics.rlcdn.com tags.news.com.au
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 dt.scanscout.com 1 redirects
1 edge.adobedc.net cdn1.adoberesources.net
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 adservice.google.com.au securepubads.g.doubleclick.net
1 image5.pubmatic.com www.heraldsun.com.au
1 d.turn.com 1 redirects
1 bs.serving-sys.com secure-ds.serving-sys.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 2v1nmaazabtftnwqbg0lhaxze3ugv1671073782.nuid.imrworldwide.com www.heraldsun.com.au
1 au.audience.newscgp.com au.tags.newscgp.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 bidder.criteo.com tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 api.rlcdn.com tags.news.com.au
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cds.taboola.com cdn.taboola.com
1 cdn.jsdelivr.net tags.news.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 pips.taboola.com cdn.taboola.com
1 t.adx.opera.com www.heraldsun.com.au
1 visitor.omnitagjs.com www.heraldsun.com.au
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 bh.contextweb.com www.heraldsun.com.au
1 ssbsync.smartadserver.com www.heraldsun.com.au
1 tg.socdm.com 1 redirects
1 jadserve.postrelease.com www.heraldsun.com.au
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 images.taboola.com www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 use.fontawesome.com cdn.taboola.com
1 news-networkeditorial.s3.ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 syd-1-apex.go.sonobi.com Failed tags.news.com.au
484 192
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-16 -
2023-08-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2022-09-21 -
2023-09-05		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
bedsberry.com
R3		 2022-11-15 -
2023-02-13		 3 months crt.sh
web.app
GTS CA 1D4		 2022-10-19 -
2023-01-17		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.vidora.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-23 -
2022-12-22		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.zprk.io
Amazon		 2022-10-19 -
2023-11-17		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
secure-ds.serving-sys.com
R3		 2022-10-11 -
2023-01-09		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.postrelease.com
Amazon		 2022-11-29 -
2023-12-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
mfad.inskinad.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2022-12-11 -
2023-03-11		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
www.newsconnect.com.au
Amazon		 2022-04-09 -
2023-05-08		 a year crt.sh
au.audience.newscgp.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-18 -
2023-04-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
s.pubmine.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-06 -
2023-10-06		 a year crt.sh
ad.tpmn.co.kr
GTS CA 1D4		 2022-10-20 -
2023-01-18		 3 months crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh

This page contains 62 frames:

Primary Page: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Frame ID: D0A789EE31AE6220F33715678537C7BB
Requests: 209 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=vqf2oU2xorVo6z.Ny4zLACvUr7qm25p3&nonce=0Bfvr7n0rlKmN.ns~c2j1ft5ZvmPYsrH&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 313320E6E1E98F5FAEB650FA998E9A4D
Requests: 3 HTTP requests in this frame

Frame: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Frame ID: 141993CB7836C20FD1598285A3B75E12
Requests: 24 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 626D0CC8FD61FF1A419D98DF98D3D653
Requests: 3 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 8F3D674E76F85B4DADE1455397CF7CEC
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: ACB63674633E1F190537D4CCFB348CB3
Requests: 22 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Frame ID: 511CACABC8AEDD0729A8B8CC62BF8B6A
Requests: 1 HTTP requests in this frame

Frame: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3149E1AACDB6240DF51D8B6370DAEC48
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 3109729B959E6BCF7CF7B14E340A9E4D
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Frame ID: C5FDD7573CFAF0E2F08712D84E3AE054
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 8AE396FA3A6C73F03174402FCEC6EA5D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 659E452AF3E605C172E1F5BC4A320476
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 5DCE92FB65424402F62F2096129A4B50
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNp25iq3ELzzBfJEZ4TfME0Ek8nLVBj3B0kAqfWcRWfYJLozMrvQ9Eu8dtEpRDWJrJASpkyFAcZjA2KMG71a_ysG-CgzBv_sfZ1ayCh2NGXRoGHTwsU3QJtg2sIHVtf32AChupiCPa7qsGwk6VXeWCuNpFhJd-WuAkOaBIAR25_3XS6HC5YoPwGzez-Vh8UHUQ1lhGyeqB50FroDQGacRd0CuX9q5NddzymoxI1IB6lFSNvbEho_9NW5Vkg0VRlp3Hxfp-SyGjI8XgVPtLMaMZmOooOeAP8RYSzYUAuIAsMAkjXFRT7If-H0PQjgNG6A&sai=AMfl-YSq-Xa2vrTZ77bdk0YR7NdzpRaGmEqaywEkMDI4yFGQM0Pt69Cz93AZQX__x76vpja4LMdgrjdjgAB8njDfdZ4ZkRnJ8q3FOtBBTvP4jo5S3e7FUOjWZBgkbVtg1myh&sig=Cg0ArKJSzMnRe1jawrRgEAE&uach_m=[UACH]&adurl=
Frame ID: BA848625FE06629393D98E130A5187F8
Requests: 9 HTTP requests in this frame

Frame: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F7C98A900F66BD7C21D957961F829D5E
Requests: 33 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2SzEhisMrC0KeFtImOCExorekHzdixq4288fXzVkx4BwrqSHd1Cq0kmIFu8KgusT_3WaQISGRbE5gX68sW3ic_N37wGZ3HqJ060ZJ0icvdSFMx2WwW8T_8gGC5JXc1T3o6nq58KD60LxjaOr2MTEHICBmnai3T0cyyOxkdPJJ23SKSSUk5PsWyIaRthAQWXe-bxV0DgvmMJwzyNOdIWTPhHsvGPN1G1Vz12cqY4K2MUNCRR4HB8ToNQ1m__oJI29fUQm9UkDUM04O3hIgItdE1y4vwn32WAATbb-r-FRAu4jymMVFoeIJMk4MWzSs3Q&sai=AMfl-YRSzMglZ4tTzxJ519kV4tG_gBCEAjxoJhWBxwi9wy8-UQ0rpQ9257k9ZcLku5XlkOHbeUt5Cqc3kTgGd-lAbsJIgYmJVmyTvl61ANzULN7mJa_vQMy8p4fet-h1-7do&sig=Cg0ArKJSzJ1Z7yLlkh1TEAE&uach_m=[UACH]&adurl=
Frame ID: 73FB2B9026C5267A7C44436F491AC6FD
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxJVZdh541lkJDNwY-6T1m0lAn66K2wc2fGDhTYYu4IpqQEnQE4QJAKfPXmWGraVynVmXyjBdRrJ0-gp5BhPXqE9kB4j08XMfCLrd1d8ME9euwXfavOQD0XJb4qxgwUAP0TGLtYPbqSfyr0Qkr-QEeYvFWso2hH6oKLhZ_87WHcRtKlEJ96HTzwBCwrK6scXw4Nxd8J530SQbnHKo8O6drM0X2E4v-TTF2s1nPgogloOqBlBt0exAHAk_W8w9srUd5dG9p2jlHK_DFZUIR0qmh0lyCOCFQQKGX-nSrMcMYJ8KuLdARqyOkPVi1I57uJw&sai=AMfl-YQlkOA5fhT4cdQDk8NzoSxloUt7E7ZDs4-11c0FJW0CugZ-saHJ84bRVFSg8n5e-SAuINdDXpCFcvQVb1hmUaAgj4Q3nNwR0ez_OiwnSPK4d2KtxnEsdNcNdKmtIXUH&sig=Cg0ArKJSzLLau6mk_l2AEAE&uach_m=[UACH]&adurl=
Frame ID: A369523F164EF0AEA65DCEDFC37C1D55
Requests: 8 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: F43F15EDBDEC23628BD34E6B6BEFBB9B
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 67E10ACEC94C076188A0F7678053C3C1
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 68B7E253B256E5F221BE30182B594E90
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 4BDCB177E2C2D378D343B0027593E985
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 580B6304CD0D231121855C20B802D6BE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 251C6F10A29E1E93E6838E0E8A84FD4B
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKPzsPvS-vsCFa4etwAdJAECMQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5401263708949.222
Frame ID: 863F9F0C6C7971AD22AF1E77A187A0B2
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CITqsPvS-vsCFcPmcwEdPKsNXQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587840093593.782
Frame ID: AB360D641CF4308475F67DD10E5C7CDA
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 7A6E9F3553DCB22547A6810E3C8A1675
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: EEACAC209BD0AC2DFF181BA6E4B11D1F
Requests: 4 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/55953/sync?uid=3407f6ba-8900-454e-8d7c-437e273b12f1&_origin=0&gdpr=0&gdpr_consent=
Frame ID: 8DEB34FF1FCFB508E8C6182B26699DF6
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=171638111&placementId=6111071016&pubCreative=138405557671&pubOrder=3082546051&cb=525558173&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: 39E9A7B6F5E7B4F594C611736035E251
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:caa7639a-8ff9-4200-8b5b-209efb5c023f&gdpr=0&gdpr_consent=
Frame ID: EE31807ACD77A8D3D7266815F1A80335
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID2BB2C270-1275-4EE1-B10B-096D74BFC1C7
Frame ID: 2F77518CEA4A85DECE5AE3A5B62EAC1E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138347631275&pubOrder=2553375348&cb=1800766216&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: 2FBD11A7BFD9DF550C0C4F14BC120FCA
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138347631278&pubOrder=2553375348&cb=1607437252&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: 6E50CD19FF27AEBDA4CBDC96FB8788A4
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 26CF86421B5C44182B13F8335EA4D9AE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3DC6BE6D65C01B1BD5A84281513CCEFB
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: 951358D438C67869B8338CC025F70268
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0606A77E419B34B8C3B187ABC6130D08
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 9903D3D7DD21D6AE3C9D91DF133C613F
Requests: 9 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: EC29A88CB851DCB0879528033EEC4553
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 28F077E868246D8E4F12D161E2E026F1
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CAC70527EF1898EF90F6798AC95A76FA
Requests: 10 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1
Frame ID: 659DA34011F35DD09237AB6399DE04F4
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
Frame ID: DE14CE8897141613E46C2FA16DF916CD
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=1&external_user_id=d13c19b7-0716-405b-af08-35d2ae2f9b21&ssp_data=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
Frame ID: F454D83882D24F9970D197ADD0A0E269
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
Frame ID: F6B90B9080732F9F2F25F048545F9D50
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1
Frame ID: 0D4EEF86B2900FE5389855813C555A04
Requests: 1 HTTP requests in this frame

Frame: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=d13c19b7-0716-405b-af08-35d2ae2f9b21
Frame ID: 8B13A902377C9331204954F9A43AB64B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E2A64A229F81135632EBD38BA0503C72
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7C34FBA805A95F68A20BF0C002B8A2F8
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C575338A22A5D834C6D404C08DC23E57
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 87C9F3218CC9E156DA1F4331A8584916
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: E13B2820EEAB402F89056653EC57585D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Frame ID: D569CF7B3F19D94B07A7CB3C1EE9951F
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&gdpr=0&gdpr_consent=
Frame ID: D56D99C79DDD0A19B0BF8675065AD8E1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qP_QAAAkH1QwAo&gdpr=0&gdpr_consent=
Frame ID: D20E65484B6FF53375CA2E37E59F623E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2866451666043766535&gdpr=0&gdpr_consent=
Frame ID: 42393BDE207C015A6EA5CB67E4CD8193
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6wqwedab3h
Frame ID: 18383A40621B3A088C201D261ADE08B9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KJCJvCbF1rszk4XlJ5Kd6CbGh-8zkYXuKMJskrJn
Frame ID: 5201F33BB3527E6DDD8C6B2DE26A6481
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 682C6B64D7BC3D1E6EBA439735C1D42C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wlQuUioJQix7laNARw8VX6310UA
Frame ID: CED5C5CD0E6C2CA1DD3F1DBEB0630A63
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34B176C2E71A75965F4912706EB032E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A64A04C5568D500162AE94446067CCBF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&167... HTTP 302
    https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

484
Requests

81 %
HTTPS

0 %
IPv6

113
Domains

192
Subdomains

135
IPs

14
Countries

3948 kB
Transfer

10736 kB
Size

209
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16710737741193277904 HTTP 302
    https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073779502&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073779502&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Request Chain 114
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qP9sCo8YQAAMHrAkMAAAAA HTTP 302
  • https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qP9sCo8YQAAMHrAkMAAAAA&tbid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&query=taboola_hm%3DY5qP9sCo8YQAAMHrAkMAAAAA&isDirect=0
Request Chain 115
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=56147cb144d0422eb716505b524d08b0 HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=56147cb144d0422eb716505b524d08b0
Request Chain 117
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBOI6N2I-28-JHA9
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPLcLvTUdofqq1Gf97M-3Gg&google_cver=1
Request Chain 120
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
Request Chain 121
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3407f6ba-8900-454e-8d7c-437e273b12f1
Request Chain 122
  • https://ce.lijit.com/merge?pid=42&3pid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 126
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e93b2600-ea01-4114-86cd-cdbc7b44aacd
Request Chain 127
  • https://id5-sync.com/s/464/9.gif?puid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=3407f6ba-8900-454e-8d7c-437e273b12f1&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/5/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/5/3.gif?puid=2866451666043766535&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-bd5btv0MFwcbs7Fsc9Gjk37Wmf79PYLzEU4W70A60g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F4%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/4/4.gif?puid=caa7639a-8ff9-4200-8b5b-209efb5c023f&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/3/5.gif?puid=e5e71fa7-c77c-4dfb-a1b1-e304fa5001d2&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F2%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F2%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/2/6.gif?puid=5719384269748548482&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/1/7.gif?puid=DFD6276B4AF23EFB&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F826%2F0%2F8.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F826%2F0%2F8.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553%26partner_url%3Dhttps%253A%252F%252Fid5-sync.com%252Fc%252F464%252F826%252F0%252F8.gif%253Fpuid%253D4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F826%2F0%2F8.gif%3Fpuid%3D4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553%26gdpr%3D0%26gdpr_consent%3D
Request Chain 128
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3Dd468709f-8e8f-4bd4-92eb-0459d8ceaa95&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=caa7639a-8ff9-4200-8b5b-209efb5c023f&expires=30&ssp=taboola&bsw_param=d468709f-8e8f-4bd4-92eb-0459d8ceaa95&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=d13c19b7-0716-405b-af08-35d2ae2f9b21
Request Chain 129
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d6d5ecc-7194-4e87-bb2e-fc3bbb730e38 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d6d5ecc-7194-4e87-bb2e-fc3bbb730e38&tbid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&query=taboola_hm%3D0d6d5ecc-7194-4e87-bb2e-fc3bbb730e38&isDirect=0
Request Chain 130
  • https://u.openx.net/w/1.0/sd?id=543998486&val=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=
Request Chain 131
  • https://eb2.3lift.com/xuid?mid=7772&xuid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 133
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=wlQuUioJQix7laNARw8VX6310UA
Request Chain 134
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=453&user_id=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d13c19b7-0716-405b-af08-35d2ae2f9b21&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 136
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ade8e82f-ffe7-4c80-b86b-88526e59ba92
Request Chain 141
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073781698 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073781698
Request Chain 181
  • https://cm.everesttech.net/cm/dd?d_uuid=12316709697606325571715865101471925831 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5qP_QAAAFzkuQNW
Request Chain 184
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Request Chain 189
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=2866451666043766535
Request Chain 191
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7596305536165464863
Request Chain 192
  • https://token.rubiconproject.com/token?pid=6404&puid=12316709697606325571715865101471925831&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBOI6NG8-I-M375?gdpr=0
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTIzMTY3MDk2OTc2MDYzMjU1NzE3MTU4NjUxMDE0NzE5MjU4MzE= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDl2SJoIy_TI3kBp0MPYlKw&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 195
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3407f6ba-8900-454e-8d7c-437e273b12f1
Request Chain 204
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5qP.Y9gwtF.MOeIsu.A9QAA%265314
Request Chain 208
  • https://dt.scanscout.com/ssframework/uid?UIAA=12316709697606325571715865101471925831&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-f59c0b20a6cf374159db6c82588493ca
Request Chain 210
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=12316709697606325571715865101471925831&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=12316709697606325571715865101471925831&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 212
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=12316709697606325571715865101471925831 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=12316709697606325571715865101471925831
Request Chain 215
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Request Chain 217
  • https://tags.bluekai.com/site/43981?id=12316709697606325571715865101471925831&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 218
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=Y5qP_QAEFZHttgAF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVxUF9RQUVGWkh0dGdBRg==&_test=Y5qP_QAEFZHttgAF
Request Chain 222
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y5qP_QAADtHGEAAe HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5qP_QAADtHGEAAe&expires=90&_test=Y5qP_QAADtHGEAAe
Request Chain 244
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5qP_QAEC08CCgAZ HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qP_QAEC08CCgAZ&_test=Y5qP_QAEC08CCgAZ
Request Chain 247
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y5qP_QAAAkH1QwAo HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y5qP_QAAAkH1QwAo&_test=Y5qP_QAAAkH1QwAo
Request Chain 255
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5401263708949.222 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CKPzsPvS-vsCFa4etwAdJAECMQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5401263708949.222
Request Chain 256
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587840093593.782 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CITqsPvS-vsCFcPmcwEdPKsNXQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587840093593.782
Request Chain 259
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3407f6ba-8900-454e-8d7c-437e273b12f1&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3407f6ba-8900-454e-8d7c-437e273b12f1&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Q54eIX9E2uLCXlIrKf6DvSCb26h0mOI-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3407f6ba-8900-454e-8d7c-437e273b12f1&_origin=0&gdpr=0&gdpr_consent=
Request Chain 263
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expiration=1673665785&gdpr=0&gdpr_consent=
Request Chain 264
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5qP.Y9gwtF.MOeIsu.A9QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_h9Eg3zps7C_2Zb7zQUUs&google_cver=1&google_hm=2
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAWcBd_oTAv0JTa1xARKYdg&google_cver=1
Request Chain 267
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qP_QAADtHGEAAe
Request Chain 268
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_639a8ffadcaf7&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_639a8ffadcaf7
Request Chain 269
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 271
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5qP_QAADtHGEAAe
Request Chain 272
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qP_QAEC08CCgAZ
Request Chain 277
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5qP_QAAAkH1QwAo&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5qP_QAAAkH1QwAo&img=1&__user_check__=1&sync_id=ee46f7e6-7c25-11ed-889d-1a5700cb0407
Request Chain 289
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5qP_QAAAkH1QwAo&t=2592000&o=0
Request Chain 292
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
Request Chain 299
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:caa7639a-8ff9-4200-8b5b-209efb5c023f&gdpr=0&gdpr_consent=
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K7LCcBJ1TuGxCwltdL_Bxw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2BB2C270-1275-4EE1-B10B-096D74BFC1C7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=2BB2C270-1275-4EE1-B10B-096D74BFC1C7 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1f37e46b-e5b2-40b6-b147-cbbc088b6407%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3407f6ba-8900-454e-8d7c-437e273b12f1&ttd_puid=1f37e46b-e5b2-40b6-b147-cbbc088b6407%2C
Request Chain 303
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&gdpr=0&gdpr_consent=&ct=y
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkJCMkMyNzAtMTI3NS00RUUxLUIxMEItMDk2RDc0QkZDMUM3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMrQjJirehml1hEPAdobVSQ&google_cver=1
Request Chain 307
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:903013B2202C4A24905F0F26C6F8A8E6
Request Chain 309
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=
Request Chain 312
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBOI6NG8-I-M375 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LBOI6NG8-I-M375&ex=d-rubiconproject.com&status=ok
Request Chain 325
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=2866451666043766535
Request Chain 328
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
Request Chain 330
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmNhYTlkNTg5NmYxNzY4MDNjMDdhZjcwYTk2YWVkMTRkY2ZmNmFlZg
Request Chain 331
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_0aSJEfLSKOwBp23z9pn1g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_0aSJEfLSKOwBp23z9pn1g
Request Chain 332
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPSTZORzgtSS1NMzc1
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJmz23i2q928mp2CVlig6LI&google_cver=1
Request Chain 334
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOI6NG8-I-M375
Request Chain 335
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/d5YJmIdh2r8iInK4G9Bj_w?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Agd7saxE2oI4WTgFxxbKN76EwvA2KOcrYxObtQ--~A
Request Chain 344
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073786922&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073786922&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1671073786922%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073786922&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9091c847-0c1b-4e2b-aa4a-51c2ddb355ed HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9091c847-0c1b-4e2b-aa4a-51c2ddb355ed&_expected_cookie=a138050acbcbcc52f4f2f09d07ee5dd7
Request Chain 348
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2866451666043766535
Request Chain 349
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
Request Chain 350
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7596305536165464863
Request Chain 352
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=phJgZ9CNY63qZooyBV6V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD24DIJJTVUOKDJZMTMM3RLJXW66KCKY3FM HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD24DIJJTVUOKDJZMTMM3RLJXW66KCKY3FM HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=phJgZ9CNY63qZooyBV6V
Request Chain 353
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=16f53cf7-7c29-4f78-a59c-40dbfed353d2&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1&google_gid=CAESEP5H3hgIABnodoNcqroZNP0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1
Request Chain 360
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
Request Chain 361
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=d13c19b7-0716-405b-af08-35d2ae2f9b21&ssp_data=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
Request Chain 362
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
Request Chain 363
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1&google_gid=CAESEP5H3hgIABnodoNcqroZNP0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1
Request Chain 364
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=d13c19b7-0716-405b-af08-35d2ae2f9b21
Request Chain 376
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2866451666043766535
Request Chain 377
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
Request Chain 378
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=caa7639a-8ff9-4200-8b5b-209efb5c023f
Request Chain 379
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=903013B2202C4A24905F0F26C6F8A8E6
Request Chain 380
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686798587&external_user_id=bab05e2e-514b-4026-b3e4-af56a214c416
Request Chain 381
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 382
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=MpJ_N3Z2xmjJTPxGI_7C&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TLQJJPU4M22GJ4G22SKKRIHQR2JL43UG HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TLQJJPU4M22GJ4G22SKKRIHQR2JL43UG HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MpJ_N3Z2xmjJTPxGI_7C
Request Chain 424
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEAFNOmKGNDofKOweG9eYTR8&google_cver=1&google_push=AavPq0MBb1UA4wC-BII4v1Oldt-jfaPEFpPTKRbK92q9ZLE25WhlcEY4spjPIDXa-Tbd02pNfjKPOOJW538uknK-eAxBfhaRPrPMTA HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEAFNOmKGNDofKOweG9eYTR8&google_cver=1&google_push=AavPq0MBb1UA4wC-BII4v1Oldt-jfaPEFpPTKRbK92q9ZLE25WhlcEY4spjPIDXa-Tbd02pNfjKPOOJW538uknK-eAxBfhaRPrPMTA&prevuid=07030001_639a8ffadcaf7&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AavPq0MBb1UA4wC-BII4v1Oldt-jfaPEFpPTKRbK92q9ZLE25WhlcEY4spjPIDXa-Tbd02pNfjKPOOJW538uknK-eAxBfhaRPrPMTA&google_hm=MDcwMzAwMDFfNjM5YThmZmFkY2FmNw%3D%3D
Request Chain 425
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEBnEVBfB36vb0evWi_7noB0&google_cver=1&google_push=AavPq0Nz57ioj3eedluoSdQyQCOAvXIg-t2JYh1ayE1WIo7qPTIMamLLm0nqPBxmKRTkbabSq66i7Fvy-OABMwhkdEHTrta_LuV40g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AavPq0Nz57ioj3eedluoSdQyQCOAvXIg-t2JYh1ayE1WIo7qPTIMamLLm0nqPBxmKRTkbabSq66i7Fvy-OABMwhkdEHTrta_LuV40g&google_hm=NTF4MzluMDBuQkRBWTAwOG1yZEY
Request Chain 426
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMYYhI9dbUqCvpGYlxcPlgM&google_cver=1&google_push=AavPq0N1dvhlvdtV1ObCOLoIUmBVqgSFLV_tCgNfGmpGe9eOFNDK5QLsd8a_w-lEKJbO0CQxeN6dyW5M_0tDuta7sudrqaBX0P2qUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N1dvhlvdtV1ObCOLoIUmBVqgSFLV_tCgNfGmpGe9eOFNDK5QLsd8a_w-lEKJbO0CQxeN6dyW5M_0tDuta7sudrqaBX0P2qUQ
Request Chain 428
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEL_Nr1TgyE52yf99gr2o2NY&google_cver=1&google_push=AavPq0OzQJr37NYqpx_FfHkb_4L7RQq7inVFELg0cyGPsaihMasEjdlQzihQPcb4TZYzlJagshNY-Uyna0lTofXN-EdQyUwPeu9ihBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0OzQJr37NYqpx_FfHkb_4L7RQq7inVFELg0cyGPsaihMasEjdlQzihQPcb4TZYzlJagshNY-Uyna0lTofXN-EdQyUwPeu9ihBA&google_hm=QlMuMDkzOS1jYWVhLTRiYzgtODAwMA==
Request Chain 429
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMYYhI9dbUqCvpGYlxcPlgM&google_cver=1&google_push=AavPq0NGAVALYwmyh5nprP_8nGTZqrym2o8uYp4OfUTnBB1FaUn1-73Zb5FGDDNnRUzSpzHIQdorq5S6-GPouMK1AP0pSWAFwIDeMzQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NGAVALYwmyh5nprP_8nGTZqrym2o8uYp4OfUTnBB1FaUn1-73Zb5FGDDNnRUzSpzHIQdorq5S6-GPouMK1AP0pSWAFwIDeMzQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 430
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEN-5P5c-IJy7PLva4Kgw95w&google_cver=1&google_push=AavPq0O_c8tQFh-cpXVM9LczLXXheARBxulFF5HvB9iVYoqqXxxVZ6lHnveOdAB8czgGNw7iP_gv6ppcbD4GJoCJCBjyEx8FCjKig3A HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEN-5P5c-IJy7PLva4Kgw95w&google_push=AavPq0O_c8tQFh-cpXVM9LczLXXheARBxulFF5HvB9iVYoqqXxxVZ6lHnveOdAB8czgGNw7iP_gv6ppcbD4GJoCJCBjyEx8FCjKig3A&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0O_c8tQFh-cpXVM9LczLXXheARBxulFF5HvB9iVYoqqXxxVZ6lHnveOdAB8czgGNw7iP_gv6ppcbD4GJoCJCBjyEx8FCjKig3A&google_hm=NVV1c0FzanVBam0wLWhoLU9VUnQ=
Request Chain 461
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qP_QAAAkH1QwAo&gdpr=0&gdpr_consent=
Request Chain 462
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2866451666043766535&gdpr=0&gdpr_consent=
Request Chain 463
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6wqwedab3h
Request Chain 464
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KJCJvCbF1rszk4XlJ5Kd6CbGh-8zkYXuKMJskrJn
Request Chain 465
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 466
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wlQuUioJQix7laNARw8VX6310UA
Request Chain 467
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=caa7639a-8ff9-4200-8b5b-209efb5c023f
Request Chain 468
  • https://idsync.rlcdn.com/420486.gif?partner_uid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDJCQjJDMjcwLTEyNzUtNEVFMS1CMTBCLTA5NkQ3NEJGQzFDNxAAGg0I_p_qnAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2e0417b5f123f614e9ea8036d681e61bcf5d7d6e6f971c0888c907ec9aff0ed7791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyZTA0MTdiNWYxMjNmNjE0ZTllYTgwMzZkNjgxZTYxYmNmNWQ3ZDZlNmY5NzFjMDg4OGM5MDdlYzlhZmYwZWQ3NzkxNDI2YjU0MTdkY2UyMRAAGgwI_5_qnAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyZTA0MTdiNWYxMjNmNjE0ZTllYTgwMzZkNjgxZTYxYmNmNWQ3ZDZlNmY5NzFjMDg4OGM5MDdlYzlhZmYwZWQ3NzkxNDI2YjU0MTdkY2UyMRAAGgwI_5_qnAYSBAgCEABCAEoA&google_gid=CAESECwhMbRSBFnvFLUycI8mR_k&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=1106de63-b9b8-488e-a715-5eb00aafe1a0
Request Chain 469
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HiKHPldE2uX7la24RyYdD_d4WyshCAU-~A&gdpr=0&gdpr_consent=
Request Chain 470
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d13c19b7-0716-405b-af08-35d2ae2f9b21&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522730902714800831&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=1f37e46b-e5b2-40b6-b147-cbbc088b6407&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522730902714800831&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=207480804366001304235&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522730902714800831&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d13c19b7-0716-405b-af08-35d2ae2f9b21&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 471
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5719384269748548482
Request Chain 472
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7596305536165464863&gdpr=0&gdpr_consent=&us_privacy=

484 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16710737741193277904
  • https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
523 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
fccb25d16f118b7e7a9d0bad2197c96501d7ba1142cd7ff50c5557d727b5543c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 03:09:38 GMT
expires
Thu, 15 Dec 2022 03:09:38 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 535614 0 pmb=mTOE,4
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3daa91b0105669b333242cb2dd528166b0-1671073775&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=aa91b0105669b333242cb2dd528166b0
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
sin1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=1978
content-length
154
content-type
text/html
date
Thu, 15 Dec 2022 03:09:35 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
location
https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server
AkamaiNetStorage
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
275FEC52742BD6B3
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=97024
accept-ranges
bytes
content-length
11472
x-amz-id-2
IVnTIaUhKHXQir+Znof6dy37oHqsxU5oLNTbsgCQSwUsi/yxeEd2fckGsI5WAk0gjMs/U4ujn1Y=
expires
Fri, 16 Dec 2022 06:06:43 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
CV9JBWAJFJ5W4Y5G
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=582610
accept-ranges
bytes
content-length
12052
x-amz-id-2
JTLCXiXUPsXtO92pF6huxdFYIfoKp3jAch7N5v+11FSKgweB9dQvJ2FxrUfXJsIUUQLDJembajw=
expires
Wed, 21 Dec 2022 20:59:49 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
5E932DF2084C3F2F
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=64682
accept-ranges
bytes
content-length
12440
x-amz-id-2
WMic+EFGiWdQCWjaxp5kDVzlrDrO3M7H8xmN/7FbQJyvdbRbF+/nlF5ax+l7nHzNo1iwz9ZTmUc=
expires
Thu, 15 Dec 2022 21:07:41 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
D5509D0BA22E6447
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=350343
accept-ranges
bytes
content-length
11372
x-amz-id-2
gcjYwkNeKzl/QoYd2RdSCUAMdqlAfsg+6AGakSKNgroTpc7v9Hlkk/IvTe4PnMuy1AZAyHma9WM=
expires
Mon, 19 Dec 2022 04:28:42 GMT
lux.js
cdn.speedcurve.com/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b0e3f8264efae0bccf0c34f32f588a6bc610df37a8a53552da41b76e9b1c7708

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
964
date
Thu, 15 Dec 2022 03:09:38 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
3825
x-cache
HIT
content-length
7152
x-served-by
cache-syd10127-SYD
last-modified
Thu, 15 Dec 2022 02:05:53 GMT
server
Apache
x-timer
S1671073779.730980,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Dec 2022 02:05:53 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:09:39 GMT
date
Thu, 15 Dec 2022 03:09:38 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-879"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d4a9b2e1495aff1c72b808d366bbc3cc6a43706e817befbb5aee91611f9884b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:10:13 GMT
date
Thu, 15 Dec 2022 03:09:38 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2967
x-rq
sin1 0 2 9980
last-modified
Wed, 30 Nov 2022 04:28:24 GMT
server
nginx
etag
W/"6386dbe8-1d74"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=35
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:09:56 GMT
date
Thu, 15 Dec 2022 03:09:38 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
kix1 0 2 9980
last-modified
Mon, 05 Dec 2022 05:56:06 GMT
server
nginx
etag
W/"638d87f6-2b9b"
vary
User-Agent
content-type
text/css
cache-control
max-age=18
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:09:43 GMT
date
Thu, 15 Dec 2022 03:09:38 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
nrt1 0 2 9980
last-modified
Thu, 24 Nov 2022 01:45:33 GMT
server
nginx
etag
W/"637eccbd-7b68"
vary
User-Agent
content-type
text/css
cache-control
max-age=5
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:09:39 GMT
date
Thu, 15 Dec 2022 03:09:38 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
nrt1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:04 GMT
server
nginx
etag
W/"63844cfc-b62"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		240 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
375fa7d646eb52c53c4973a0ba502e5edc41e5a455c57232dc290b36ae1436e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
IstAHiwhym5ISyDMzMegzMRg_TKE0MT6
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:09:38 GMT
x-amz-request-id
HSHGX6GHAYFK21AG
age
9561
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
7
content-length
36720
x-amz-id-2
AEiRlpGvxUDnjdUx9ddTrLxK4H1kaqbpSwlQhwfVEclKPvf3L+yeQRCamr3M4XEHZLTauWPZ/80=
x-served-by
cache-syd10151-SYD
last-modified
Thu, 15 Dec 2022 00:30:18 UTC
server
nginx
x-timer
S1671073779.727846,VS0,VE0
etag
"f60bccb2c268e8c50c3b700f9e6fd3d14ab4b36b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
9
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2
2fd7680d
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/2fd7680d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7bc5ef548dbde54ff0472e34814e5a79a711865437493388d8d01e7eb7f7220e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:09:38 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Thu, 15 Dec 2022 03:09:38 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
8769
pragma
no-cache
x-bpath
OLD
blaizehappened
true
etag
"7b4d7d1120aa2895971692d6e636333bfa8f9d3c44ac48cdb16e64ebd0efcf52"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f2fd7680d&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=2fd7680d&session=aa91b0105669b333242cb2dd528166b0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Fri, 13 Jan 2023 07:34:26 GMT
date
Thu, 15 Dec 2022 03:09:38 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
sin1 0 2 9980
last-modified
Sun, 04 Dec 2022 22:07:54 GMT
server
nginx
etag
W/"638d1a3a-1f69"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2521488
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
8CFC5CF20FCCF0E0
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=201506
accept-ranges
bytes
content-length
16112
x-amz-id-2
AX9xKzvyw8F7URJ4HsRau/7gUlz9ldHtflgeH4seCCuG/IAZ+XqRAnV+hWm9j5KML9DAp3P3UaA=
expires
Sat, 17 Dec 2022 11:08:05 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
1J7K2R2S5W0QCG3W
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=491293
accept-ranges
bytes
content-length
15948
x-amz-id-2
nruS5wshl+Z53oSxuJC5+gzpa8OsRlwVDWEf/z6xyogyoJwFPbDOW+3prnciPYrDNF71xlrPNUg=
expires
Tue, 20 Dec 2022 19:37:52 GMT
046773c9f21cbe40bf400b94585faa63
content.api.news/v3/images/bin/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/046773c9f21cbe40bf400b94585faa63?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
cc0d616327ba36317c494ef34473d2b786e85a1c29f1f2eb3ef56e172faf9182

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:38 GMT
x-check-cacheable
YES
edge-cache-tag
046773c9f21cbe40bf400b94585faa63
content-length
27460
last-modified
Thu, 15 Dec 2022 03:02:02 GMT
server
Akamai Image Manager
x-serial
574
etag
628098d2c0faf2f6d7634bc5df2d41d8-046773c9f21cbe40bf400b94585faa63-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183421
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 02:59:59 GMT
96330df88a1d58ec9ada87e3cbba08b4
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/96330df88a1d58ec9ada87e3cbba08b4?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bb0c14cd339c6a54d0a34d590e897937afc38109202bca355cb1ffd06b2701b0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:38 GMT
x-check-cacheable
YES
edge-cache-tag
96330df88a1d58ec9ada87e3cbba08b4
content-length
3975
last-modified
Thu, 15 Dec 2022 00:10:35 GMT
server
Akamai Image Manager
x-serial
1281
etag
d51002a08c58bc0f7b3807d0017daec0-96330df88a1d58ec9ada87e3cbba08b4-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5173255
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 00:10:33 GMT
f6e34f4774f54fed37a6d6081ab5f481
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f6e34f4774f54fed37a6d6081ab5f481?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1e343140fba50863f9a58310f2917a6a081b047af98a6f38a319b9e7987dd286

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:38 GMT
last-modified
Thu, 15 Dec 2022 01:11:01 GMT
server
Akamai Image Manager
etag
4fb90516e0e329ce50c0982937bb622e-f6e34f4774f54fed37a6d6081ab5f481-150
edge-cache-tag
f6e34f4774f54fed37a6d6081ab5f481
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5176716
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4736
expires
Mon, 13 Feb 2023 01:08:14 GMT
a69c8cfc88f6670714200bd80db0d14e
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a69c8cfc88f6670714200bd80db0d14e?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
da75b108ff1ca812d896c648f2aef586fbd65374274dec7890fb9fc411bb7d14

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:38 GMT
last-modified
Thu, 15 Dec 2022 01:13:28 GMT
server
Akamai Image Manager
etag
2be1fbbfe10ec955811980490e9f962e-a69c8cfc88f6670714200bd80db0d14e-150
edge-cache-tag
a69c8cfc88f6670714200bd80db0d14e
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5176896
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3986
expires
Mon, 13 Feb 2023 01:11:14 GMT
46a9f1701d5dda4e3fedfaf2fa3c5ad1
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/46a9f1701d5dda4e3fedfaf2fa3c5ad1?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
68ba68fdbe01e94c9f187960f9aecd379d993e725f2a3f04f9e0c36cee41ce30

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:38 GMT
last-modified
Thu, 15 Dec 2022 00:43:02 GMT
server
Akamai Image Manager
etag
a046e53ac4757d14a961f8549349a10d-46a9f1701d5dda4e3fedfaf2fa3c5ad1-150
edge-cache-tag
46a9f1701d5dda4e3fedfaf2fa3c5ad1
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5175192
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5677
expires
Mon, 13 Feb 2023 00:42:50 GMT
605af6d2a074a245de4cc83f1258d9d5
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/605af6d2a074a245de4cc83f1258d9d5?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dbd3a8ebc22466c0a20ddf58489252b8ef30dad1f4d1c4e577b0b324b00db77c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:38 GMT
x-check-cacheable
YES
edge-cache-tag
605af6d2a074a245de4cc83f1258d9d5
content-length
5140
last-modified
Thu, 15 Dec 2022 01:18:00 GMT
server
Akamai Image Manager
x-serial
1725
etag
5d3b2f8f3f4010d35af2f33337a05bc1-605af6d2a074a245de4cc83f1258d9d5-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5177157
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 01:15:35 GMT
031e6619433cbd8dca7b8b07507347b8
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/031e6619433cbd8dca7b8b07507347b8?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dea5d793682ff6a99a6b9f9898a04b2aefb899340d1562ae7fb29b0804ba3f88

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:39 GMT
x-check-cacheable
YES
edge-cache-tag
031e6619433cbd8dca7b8b07507347b8
content-length
4636
last-modified
Thu, 15 Dec 2022 01:39:54 GMT
server
Akamai Image Manager
x-serial
1718
etag
9f09cf15d7d15423f0e91166c28454d8-031e6619433cbd8dca7b8b07507347b8-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5178653
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 01:40:32 GMT
209f9da936d61a908fe7da7c61b762d4
content.api.news/v3/images/bin/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/209f9da936d61a908fe7da7c61b762d4?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bc727e9522d980b6d047a6555aa711399b89c8980a2175c1226169b0337c95df

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:38 GMT
last-modified
Thu, 15 Dec 2022 02:43:27 GMT
server
Akamai Image Manager
etag
e792042d50b1e360bfbcf8677a5ad9f4-209f9da936d61a908fe7da7c61b762d4-650
edge-cache-tag
209f9da936d61a908fe7da7c61b762d4
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5182325
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
25856
expires
Mon, 13 Feb 2023 02:41:43 GMT
3a9d7e0df0fe970352278d04ab86d7fc
content.api.news/v3/images/bin/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3a9d7e0df0fe970352278d04ab86d7fc?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8b346f5da4ac6be488bb5c02a6742c845cdb51ad17c64669f376af02cfae0250

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:38 GMT
last-modified
Thu, 15 Dec 2022 01:24:24 GMT
server
Akamai Image Manager
etag
857281c34e406428127379b27f6f8ca6-3a9d7e0df0fe970352278d04ab86d7fc-650
edge-cache-tag
3a9d7e0df0fe970352278d04ab86d7fc
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5177649
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
28145
expires
Mon, 13 Feb 2023 01:23:47 GMT
fb9a950c48e56171ef60381dc958327b
content.api.news/v3/images/bin/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/fb9a950c48e56171ef60381dc958327b?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4245c9317bdd03c399c7d209333549e525906f02f649a11cbd5707ef2782af03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:38 GMT
x-check-cacheable
YES
edge-cache-tag
fb9a950c48e56171ef60381dc958327b
content-length
37558
last-modified
Thu, 15 Dec 2022 01:24:22 GMT
server
Akamai Image Manager
x-serial
1171
etag
8f5353b1f8050b6c9ac68bf56954d11a-fb9a950c48e56171ef60381dc958327b-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5177577
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 01:22:35 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
C18689EA7EA08C40
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=69474
accept-ranges
bytes
content-length
540
x-amz-id-2
3HpRKeVx/M23wqjeI91EfMscREQGPfKZL/bdvcYoSvOw15VYl/77SR/9LKvbQHDZ6Dux8bhB8UM=
expires
Thu, 15 Dec 2022 22:27:33 GMT
rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.169.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:09:39 GMT
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Last-Modified
Thu, 09 Sep 2021 21:17:00 GMT
Server
AmazonS3
x-amz-request-id
CRD8SGJJGRV9TH7A
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
9aAVD3DkImAb77sD4pGOILkQ+LEyItVjWi5OdoNI1Kqd1KziU9zKGW12HLcbXQqujjDbpqTQm4cPv1owpi4kHA==
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Fri, 13 Jan 2023 08:42:43 GMT
date
Thu, 15 Dec 2022 03:09:38 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2891
x-rq
sin1 0 2 9980
last-modified
Sun, 04 Dec 2022 22:07:54 GMT
server
nginx
etag
W/"638d1a3a-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2525585
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 03:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"4e195ff32f27eb3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Dec 2022 03:09:39 GMT
/
www.heraldsun.com.au/_static/ 		99 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZuYGRuaGBoVEWAK9DIhM=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Thu, 15 Dec 2022 03:09:38 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100912
x-rq
sin1 0 2 9980
last-modified
Mon, 05 Dec 2022 20:10:12 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 15 Dec 2022 03:09:39 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
415A614139BCDA02
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=545857
accept-ranges
bytes
content-length
535
x-amz-id-2
PNg1zmgGWljUsHSmH5OvFn1v51xVRQc5WPXzdEkzqbgpSjMbKvpn18AnhwqenDV1yWJhMB5Abqg=
expires
Wed, 21 Dec 2022 10:47:16 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
HBSM65NXW692RVP6
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=465511
accept-ranges
bytes
content-length
586
x-amz-id-2
u7f7Gi68iGJY0DiRegO0fNtiPTUOatAsJ44BUTin/3jhqu4YfC+TUH48SPBNhy8NBinMhmKQtr4=
expires
Tue, 20 Dec 2022 12:28:10 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/x-javascript
date
Thu, 15 Dec 2022 03:09:38 GMT
cache-control
max-age=78981
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 15 Dec 2022 03:09:39 GMT
x-amz-request-id
769Q37HT361EJFAE
age
255
x-cache
HIT, HIT
content-length
1123
x-amz-id-2
tYdPMngv710tMSP6xQi7thZP+hgpno/vIuX2wz0Hkx5Gi1OeC9MsQuoSoynYmXr+kliP05dZYf8=
x-served-by
cache-lax10664-LGB, cache-syd10152-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1671073779.150696,VS0,VE0
etag
"1a868d280f9424f5d82876d6cf0c46b9"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
2, 14
impl.20221213-28-RELEASE.js
cdn.taboola.com/libtrc/ 		697 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Lrl1e2Aw8HzCg9OgpbTX6ln5I5_T3ZPx
content-encoding
br
via
1.1 varnish
date
Thu, 15 Dec 2022 03:09:38 GMT
x-amz-request-id
N624879947PWDVVD
age
12836
x-cache
HIT
content-length
147906
x-amz-id-2
tPZBpqt3ILdR+NPrbTWYoJrD2welhEef7VMEN934ReaQzORsvx21pbF3ptx6Guu4GrX/BGL1Ht0=
x-served-by
cache-syd10151-SYD
last-modified
Tue, 13 Dec 2022 15:34:28 GMT
server
AmazonS3-br
x-timer
S1671073779.947845,VS0,VE0
etag
"a4495474400267464c5d5703cfb4ef74"
vary
Accept-Encoding
content-type
application/javascript
abp
41
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
12559
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-104.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:57:46 GMT
content-encoding
gzip
via
1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
40313
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Ov1-MmEmwm5O-U7c3SrhGHnMcivWtYZtqJiN7Sh4ZFISFALTmp_FdA==
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2MMMQK60YJW48WHK
age
3910
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
EoOXFEYkoqmq9Qunsc+XCrazIO2Muxp8r/rcbOFIoXu/McBqxvGRu0/LL6aC8se4hEK9gO0nSks=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gui3y25Ekv1MHYdvGPjC5Fq1u%2FtAZrR%2BfOGlDxGRzEOVyMYNQp75BZbyPGlfHhyL1bk%2Fx2lnIRTN46jAhmZ3iEwGIZHONdAGo3cALkYr3uONsl28svgo5RRVdfuY6D40vJc0IBUW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
779bfb534f576bd0-SIN
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 15 Dec 2022 03:09:39 GMT
x-amz-request-id
CBJAXHHVTDDK1AH7
age
21402613
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
T+SO3zzAu/vI3ID3zGGjDx2/OWdNCwfDObUAO4AV3bMqhIR2V9jGe9Y4TcERARxY+Vu0wOuMQqY=
x-served-by
cache-sna10723-LGB, cache-syd10152-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1671073779.370500,VS0,VE0
etag
"b7fcedf037c57085d364b689ca46f32e"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 7084
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
807309e11ee0715a03218fa4f8e68809350e81ba539823720dffa7bab9b1fc29
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 15 Dec 2022 03:09:39 GMT
x-datacenter
gce-asia-east1
etag
"e318ec5b06b0d633aa5cd0fc97b5b2398e2cdf243d74a5a19f147a7921b2d9e7"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-b5lx
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=03%3A09%3A39.377&lti=deflated&data=%7B%22id%22%3A66%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670946107109%2C%22vi%22%3A1671073779375%2C%22cv%22%3A%2220221213-28-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11136%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1329.0625%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7b7ac50b79bf18752a58cfb881a3becafbe2578a3aabfee87d4d909226425f98

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
156
date
Thu, 15 Dec 2022 03:09:39 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-syd10151-SYD
server
nginx
x-timer
S1671073779.433206,VS0,VE156
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:09:40 GMT
date
Thu, 15 Dec 2022 03:09:39 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
"63844cfe-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		277 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Thu, 15 Dec 2022 03:09:39 GMT
server
AkamaiNetStorage
etag
"b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=531
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 15 Dec 2022 03:18:30 GMT
indies-loader.js
ts2020-indies-client.web.app/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-syd10146-SYD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Mon, 14 Nov 2022 00:03:09 GMT
x-timer
S1671073780.639635,VS0,VE0
etag
"cbb3dfd4f549aa029702fc7ca53f4c8dd52daaf8e9559703aa852d3760850ff6-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1470
x-cache-hits
288779
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
871692dfb0891aec6f11a20084973748da4f55804d2c982b1f6e10c4855fe7da
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:10:31 GMT
date
Thu, 15 Dec 2022 03:09:39 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
29864
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-182d6"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=52
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:09:40 GMT
date
Thu, 15 Dec 2022 03:09:39 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-1973"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 03:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"4e195ff32f27eb3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Dec 2022 03:09:39 GMT
amp-story-player-v0.js
cdn.ampproject.org/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
c98c20916f12f74e43f885162eb285c213a978a45c76769a2517e4b8c6d4b1ae
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 03:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16115
x-xss-protection
0
server
sffe
etag
"6fc2662babd12b8e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Dec 2022 03:09:39 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073779502&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20a...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073779502&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073779502&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.33.88.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-104.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
via
1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
QDYyWjmovBn5TyVAxAG7DEJKKtpQdJvK0D-x0WzL1IHLW8rGqf8l2A==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073779502&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
date
Thu, 15 Dec 2022 03:09:39 GMT
via
1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
wkczIBrYMm-uvdaejPQMvb5FNzet-XG1QuKKN90PQ3MVUxENtTsIZA==
x-cache
Miss from cloudfront
userx.20221213-28-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20221213-28-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392df454db433937cbd9eab9124a901bbdfa8309483d629420f4f177237a3bef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
37d5eleN_6OaHEk3s7Shzw66j8sfEa21
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:09:39 GMT
x-amz-request-id
HJCQNBQDHMBBVN8V
age
68
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
peWUOxbv2bGtrWHppAKxSTymak7LUwfEUmQ2jcuNeIy1x73PCefQHcnh4O6Tl0spBCcDbe3HXXI=
x-served-by
cache-syd10151-SYD
last-modified
Wed, 14 Dec 2022 10:01:56 GMT
server
AmazonS3
x-timer
S1671073780.716964,VS0,VE0
etag
"387419e6bca348b851c6311c87a7394b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
13
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/ 		433 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
date
Thu, 15 Dec 2022 03:09:39 GMT
via
1.1 varnish
x-amz-request-id
JC91BP2JQ28V5KMY
age
8658
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
G4eyqL9eH/PW5fQ6BSslf4KbqY0dfvjpFhoRZLmaJ+Urb5/+YMWAIR6OEj3azhAXZKdpNmy7jYg=
x-served-by
cache-syd10151-SYD
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1671073780.717662,VS0,VE0
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
content-type
image/png
abp
39
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
97
social
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=HK:SG:V&lti=deflated&ri=f1786438df0e6b7d87845f4686e51c89&sd=v2_c4a930d1cfb4a83e50562bf455e711c3_f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573_1671073779_1671073779_CIi3jgYQgPNHGK-diZ7RMCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGiQ8oHT17O4ql1wAQ&ui=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&pi=/&wi=873729681997272865&pt=home&vi=1671073779375&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=03%3A09%3A39.682&id=573&llvl=2&cv=20221213-28-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
THUMBNAIL-3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/10/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/10/THUMBNAIL-3.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c387d446d57313c4a8bff837dc8adc35268a50b86de7f7e0fb3e2d6495fc267

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 15 Dec 2022 03:09:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/10/THUMBNAIL-3.jpg
age
4935703
edge-cache-tag
426185833461575704444405455687490393880,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
cache-tag
426185833461575704444405455687490393880,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
84
req-referer
https://www.adelaidenow.com.au/
content-length
7138
x-request-id
1653fc637228b8d1612a87a02309826d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000166-IAD, cache-iad-kiad7000123-IAD, cache-bur-kbur8200177-BUR, cache-iad-kjyo7100171-IAD, cache-syd10151-SYD
last-modified
Tue, 18 Oct 2022 22:46:42 GMT
server
nginx
x-timer
S1671073780.743689,VS0,VE0
etag
"9291e7aa4f9cdfb91672e781c278f578"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 34, 13
campaigns
resourcesssl.newscdn.com.au/indies/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
f782453376c8eafe4712af01d339385534774c44b0ebdb57ed5eadf96d49e859
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

x-cache-hits
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 15 Dec 2022 03:09:40 GMT
x-powered-by
Express
content-length
720
x-served-by
cache-qpg1253-QPG
server
Google Frontend
x-timer
S1671072683.966956,VS0,VE359
etag
W/"774-Gz0BfRPqOiT4UaGn9yqXPba+ckw"
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
f6dba6a030812f9a0b90ea340acc0eb8
cache-control
private, max-age=600
function-execution-id
r4n56pohv5hf
accept-ranges
bytes
x-orig-accept-language
en-US,en;q=0.9
x-country-code
SG
expires
Thu, 15 Dec 2022 03:19:40 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1800
content-type
text/html
date
Thu, 15 Dec 2022 03:09:40 GMT
expires
Thu, 15 Dec 2022 03:39:40 GMT
function-execution-id
hcwu6plxdfcz
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
80cf21959d5aa7333cce02f6f9bb4a93
x-country-code
SG
x-i
true
x-powered-by
Express
x-served-by
cache-qpg1235-QPG
x-timer
S1671073780.805248,VS0,VE255
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=d8a4c386a9b019351beb2a9c7894ea24,0acdf20082a9a9e864eea826e4e6d491,694271b3edea797dd155c91b91112553,e452fab25b988f03184ee3f83d34eb66,afa8e6bf423c08a06b3b144e7ffd1ad8,f4515d3a1626a52090abd3df9741a8c6,fff69647aae2d2f25730afd5c32c889d,a0fddd7dd7be79015bf63e48f0cae4e2,14c5878bd9d8eb545fa3aba707a69982,26fb867e9be9410343d09fc971eb24aa,b8c0552dcddff92b356b57131ff53feb,9058a547bf63318ea30734a607f62395,71d6ba0068a7953235d3fc84a4a9cf62,83ad7e17de8db18b8c4129ab2aa2696b,2b987142ef5f21052497622999e7b07a,11fdd4c38ac6594563a3302e2b0035d7,58e373030198ec6bab10fac8c3a055a9,ff0ec866d5daa9a0a3db89fb68e8493f,a9ef3b044855817d0de00e8fee0c173d,4ffdefac657dfcebc8138c1692c881e4,38ddb968355d700320bc4301c449fbd8,11b5b0198f770618adf8a9cf20be3e3f,e979c3c47891249c9ada8e5c5d4ea4ba,14ec0e4f539d8258b675e049e5c7b240,a77116bc5acebbf02a1e364ee35f7281,4cf9df54798686096526b7fca4d04780,fd3777e08a3ec15e20854e9ebefab5c2,a38c4b2cd6ae2a466fce6c4ddf3d016e,f29ef8063914c9a3b3cf6f47e8d0e138,7f3d18c0df7151e40bb2e40fe2daa974,047751ba3e5408cd15c60119c2fb2d27,154067ae831d538827d3d23896d85108,9384b8cba8b2318beb7b886cf174a2b0,a018ac2b580c483ecc9a11d1c72267bf,848479f42854d5e58e89b382a32964dc,639cf4a816c691074ad58d301df95ec3,6d28c339ca7a6b3326addf6e17b71011,c64a238fba8fb01cac7051e8bef01f83,da86db486f131f5fca444c59cb783471,86744ce4a7e17b34f9f9d44ed525cfef
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
3687399516733927a932d97f42b3f7a5b124e1d21c7cf7cff2a110e8174ad30d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 03:09:40 GMT
server
nginx/1.20.1
etag
W/"5dc-tGcR5qhnYLWokXFHli4fSb/mNbM"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
abeee360-7c24-11ed-8854-cd7fa50f7c8e
content-length
857
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b04773d5df5fd9ca777408f0d78c6ed64aaf6165bc70c99a11d6b0d4cc06e9c6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Thu, 15 Dec 2022 03:09:39 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1696
x-rq
sin1 0 2 9980
server
nginx
vary
User-Agent
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=8
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 15 Dec 2022 03:09:47 GMT
1a9b6e7d4f9f03388987468c9a0caa95
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1a9b6e7d4f9f03388987468c9a0caa95?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
707d2c0e6f2ebf60d6f8555335382ee4b51f7577298d08a7f7b357e0efa33adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:39 GMT
last-modified
Wed, 14 Dec 2022 21:28:49 GMT
server
Akamai Image Manager
etag
8f69cbcc0c2eb35b3e7d9ba1f5e3ccf5-1a9b6e7d4f9f03388987468c9a0caa95-150
edge-cache-tag
1a9b6e7d4f9f03388987468c9a0caa95
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5163595
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5420
expires
Sun, 12 Feb 2023 21:29:34 GMT
ad585a5dfc408c0117c406b39c7cce45
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ad585a5dfc408c0117c406b39c7cce45?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f165a9d06f5fa4a94dde100488e8932c15f31013058fe53aecf6828378b73035

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:39 GMT
x-check-cacheable
YES
edge-cache-tag
ad585a5dfc408c0117c406b39c7cce45
content-length
8202
last-modified
Tue, 13 Dec 2022 00:48:27 GMT
server
Akamai Image Manager
x-serial
259
etag
af7f9a06bd1eec563c2ca3fe17dc639a-ad585a5dfc408c0117c406b39c7cce45-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5002597
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 11 Feb 2023 00:46:16 GMT
c3aac69b3b321934118cb867c9e93520
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c3aac69b3b321934118cb867c9e93520?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e1623e1451248e9a54e49b3fbc7290db5e5e620756f4c8933efeece19abc5816

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:39 GMT
x-check-cacheable
YES
edge-cache-tag
c3aac69b3b321934118cb867c9e93520
content-length
6621
last-modified
Wed, 14 Dec 2022 03:40:20 GMT
server
Akamai Image Manager
x-serial
1049
etag
6b9afaabc430fda4777ee8b5a1fe47c0-c3aac69b3b321934118cb867c9e93520-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5099335
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 12 Feb 2023 03:38:34 GMT
authorize
login.newscorpaustralia.com/ Frame 3133 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=vqf2oU2xorVo6z.Ny4zLACvUr7qm25p3&nonce=0Bfvr7n0rlKmN.ns~c2j1ft5ZvmPYsrH&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.243.62 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-243-62.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
c91da41b350edbad9daa9e61681b6e9e37b98cfea296b4cbb5b7ae1fa2c36950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
779bfb5a0ad14ca1-SIN
content-encoding
gzip
content-length
815
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Thu, 15 Dec 2022 03:09:40 GMT
expires
Thu, 15 Dec 2022 03:09:40 GMT
ot-baggage-auth0-request-id
779bfb5a0ad14ca1
ot-tracer-sampled
true
ot-tracer-spanid
06ebb5e06286f559
ot-tracer-traceid
26448127305b70c3
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-000000000000000026448127305b70c3-06ebb5e06286f559-01
tracestate
auth0-request-id=779bfb5a0ad14ca1,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 581 0 pmb=mTOE,3
x-auth0-requestid
570e08b52395ea17c60b
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
998
x-ratelimit-reset
1671073781
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
24410676eb08d5eb735d4106f35c8e1de84e2c6d10e4f6b68222125d6a52da6a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 06:01:49 GMT
server
AkamaiNetStorage
etag
"edd094a83833400340dd04039cdd122f:1670479309.994367"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1553
expires
Thu, 15 Dec 2022 03:14:40 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cbdaa0d9ab150be50ea53f75a1d0ef126a96cf88511bbc00577be698db00fb9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 06:01:50 GMT
server
AkamaiNetStorage
etag
"173d1f23698ee8297b151a48bdea9d96:1670479310.123213"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21334
expires
Thu, 15 Dec 2022 03:14:40 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		192 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
785465b09f140b9b51cd3cd6df111c999e5ae3b678f1f4a034463ee62f04da56
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:09:40 GMT
date
Thu, 15 Dec 2022 03:09:39 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45762
x-rq
sin1 0 2 9980
last-modified
Mon, 05 Dec 2022 04:54:40 GMT
server
nginx
etag
W/"638d7990-30150"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fec72676feb48045880ac7db884269bb0a4ddf1c622714818c644d2615c119b4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:10:01 GMT
date
Thu, 15 Dec 2022 03:09:39 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3442
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-21ad"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=22
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
fb2f3e951cc5c5252803e6620f68a29f
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/fb2f3e951cc5c5252803e6620f68a29f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2e29f9b139b8d969decbd30d8d27b2ca29053a0d2bf60f9be5731e215fef26c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
x-check-cacheable
YES
edge-cache-tag
fb2f3e951cc5c5252803e6620f68a29f
content-length
4293
last-modified
Thu, 15 Dec 2022 02:21:54 GMT
server
Akamai Image Manager
x-serial
1778
etag
369418ff8d8829389786332f3b3f85b3-fb2f3e951cc5c5252803e6620f68a29f-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5181072
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 02:20:52 GMT
746fbda76810cf5454d04ab1f20edee3
content.api.news/v3/images/bin/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/746fbda76810cf5454d04ab1f20edee3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
291a3d79990d83388695cb991d16245105d67f77d4b1c82cba26c2f156583a3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
last-modified
Thu, 15 Dec 2022 01:46:56 GMT
server
Akamai Image Manager
etag
e25bb139ae5df1ec3668aa3e297a838b-746fbda76810cf5454d04ab1f20edee3-0
edge-cache-tag
746fbda76810cf5454d04ab1f20edee3
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5179004
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
32074
expires
Mon, 13 Feb 2023 01:46:24 GMT
pixel_2fd7680d
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_2fd7680d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/2fd7680d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
date
Thu, 15 Dec 2022 03:09:40 GMT
blaizehappened
true
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
is-https
true
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_2fd7680d&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_2fd7680d&session=aa91b0105669b333242cb2dd528166b0
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
skeleton.js
static.adsafeprotected.com/ 		17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.210.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-210-105.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 11:08:04 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 0931eacdfabebfd9816e3573b4bf15b4.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-C1
age
403297
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
iNO06Peta-p6AvD_yHQbpuTCn3hjbyNHRwx6ZrIbS70hkAKXv0FY5w==
cd02296291f1681030fda3fd3fbd60c1
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/cd02296291f1681030fda3fd3fbd60c1?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4dee19d7dd0581c179a55c4accb3012dd4bee4ea86acd9948a1487f76e40bf66

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
x-check-cacheable
YES
edge-cache-tag
cd02296291f1681030fda3fd3fbd60c1
content-length
4432
last-modified
Thu, 15 Dec 2022 02:34:39 GMT
server
Akamai Image Manager
x-serial
460
etag
c12cb410ff167821133d22e9d8cd213c-cd02296291f1681030fda3fd3fbd60c1-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5182019
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 02:36:39 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-76.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 ac187c6f8a07d8e2befb08fa6809bc08.cloudfront.net (CloudFront)
date
Wed, 14 Dec 2022 23:05:38 GMT
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
14642
x-amz-server-side-encryption
AES256
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
SvvjsH1z2atkeN5xbIyoAdziiJGIS07JVzB99PhPeSRSZvJa3eaJrA==
mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b890e2fe66bddbfcf0aad772997478817d1ee529a7d79bc58d296a33a68970fa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Mon, 19 Dec 2022 04:51:19 GMT
date
Thu, 15 Dec 2022 03:09:40 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
31250
x-rq
nrt1 0 2 9980
last-modified
Sun, 04 Dec 2022 22:07:54 GMT
server
nginx
etag
W/"638d1a3a-79f6"
vary
User-Agent
content-type
image/png
cache-control
max-age=351699
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		1 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:20:08 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 15 Dec 2022 03:09:40 GMT
last-modified
Fri, 25 Nov 2022 07:11:01 GMT
x-timer
S1670908410.580240,VS0,VE347
etag
"b1ca29a23e5260534bf5bac85850f27c26008d0db91e6f95dc58f6ba485b4e12"
x-i
true
vary
Accept-Encoding
x-served-by
cache-qpg1242-QPG
content-type
text/css; charset=utf-8
cache-control
max-age=628
accept-ranges
bytes
content-length
482
x-cache-hits
0
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1f33bea29d3a3031701b094adb902ff0e8609f9629c6bee9d9ee45bdfe78bdc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:26:03 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 15 Dec 2022 03:09:40 GMT
last-modified
Fri, 25 Nov 2022 07:11:01 GMT
x-timer
S1670908409.392753,VS0,VE258
etag
"456051da5149d639dd12231e1f147753d0bd2cb193079988e6aac163b80e871c"
x-i
true
vary
Accept-Encoding
x-served-by
cache-qpg1278-QPG
content-type
text/javascript; charset=utf-8
cache-control
max-age=983
accept-ranges
bytes
content-length
7797
x-cache-hits
0
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=HK%3ASG%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
95
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:40 GMT
via
1.1 varnish
x-served-by
cache-syd10151-SYD
server
nginx
x-timer
S1671073781.741546,VS0,VE95
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
v2sejZ5-FGJqQs_FAwK5d-aUe376GIDbiAUfsmgWPqCZACU-OSHYF0gYDuLFJQuNzRuG6PC_E
bedsberry.com/ 		187 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2sejZ5-FGJqQs_FAwK5d-aUe376GIDbiAUfsmgWPqCZACU-OSHYF0gYDuLFJQuNzRuG6PC_E
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5eea965bd4580f342affc5008864573b0946d5bd2dfa7e47f9d2536b28a843a9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 15 Dec 2022 03:09:41 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-b5lx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 15 Dec 2022 03:09:40 GMT
title-arrow-blue.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		168 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-blue.svg
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.247 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-247.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
last-modified
Wed, 14 Sep 2022 05:11:08 GMT
server
AmazonS3
x-amz-request-id
4S5JTGWCSWBHNB03
etag
"66be3d1dd6a8e48ce691f235e6119f50"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=439427
accept-ranges
bytes
content-length
168
x-amz-id-2
gUzQxo5Wray7qrMjMwq/E8acfAtIb4VU4TBORDtft/eIL3V+hPswuKg/TvVi+AQMB8zhK8aUyo4=
expires
Tue, 20 Dec 2022 05:13:27 GMT
query
www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/ 		26 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/query?x-algolia-agent=Algolia%20for%20JavaScript%20(4.13.1)%3B%20Browser%20(lite)&x-algolia-api-key=&x-algolia-application-id=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ccd29fb2f25f0ca52df4dee355c1fe99d6c2e9f27949fe44e0c6df3e874b0fdb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

expires
Thu, 15 Dec 2022 03:09:41 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Thu, 15 Dec 2022 03:09:41 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
content-disposition
inline; filename=a.txt
x-opw
4
content-length
26442
pragma
no-cache
x-alg-pt
40
server
nginx
vary
User-Agent
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16710737808400.2279534390675566
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
content-encoding
gzip
date
Thu, 15 Dec 2022 03:09:40 GMT
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Thu, 15 Dec 2022 03:09:40 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/x-javascript
date
Thu, 15 Dec 2022 03:09:40 GMT
cache-control
max-age=65651
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=956901863930.137
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=956901863930.137?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
cafe /
Resource Hash
e23cf54d0da26fb920ba7736991af32a2d83595dd8f4a08d94bf6087cf4bec4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12625
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.35.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-35-226.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:36:38 GMT
content-encoding
gzip
via
1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:02:37 GMT
server
nginx
x-amz-cf-pop
SIN2-P1
age
5582
etag
W/"639218ad-11856"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
G2nfWcX8ymqGwDYCMvcbgc4pHkoregUMwdeHnA4F5a34wgO55uxAOQ==
expires
Fri, 16 Dec 2022 01:36:38 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		187 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"789aa25e8122305509df6e8b6103f3c6:1666763008.613847"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=77828
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 03:09:40 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=60582
content-length
9840
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Dec 2022 03:09:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
pA4xLhB7xKxPSh26wmAJ4k0w8HSX8ru1gzNut9T12QlTFELmj+135ofsVOSMVheV9PWlUge8/Gk/wHe/x6WwSg==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-27.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 02:38:13 GMT
Content-Encoding
gzip
Via
1.1 1b42f8a12f90ea0a7f04e17b988d6830.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN52-P1
Age
1889
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
AgUUi7AbmCUI-WGysw-88schqCzW0HTuS7w1HtX2RSweDrn4zUE_gA==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2022-12-15T03%3A09%3A40.858Z&country=au&newsconnectId=&fpid=aa91b0105669b333242cb2dd528166b0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.217.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-217-104.compute-1.amazonaws.com
Software
/
Resource Hash
f783a98f82eab75754ecaae44f592895ba33a7be2e3920c05f4143047347d4a4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:41 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
UMrEOOoRVoPiBBX.XHkgU0Lo2Jl9BQ7R
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:09:41 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
FXZ740X792WN4M9N
x-cache
HIT
content-length
520
x-amz-id-2
dyRXwCFfuyLEyiKBxhe0MP6ZJf1JgnDEyhFPm93wlxrhsLFMv2BuMtgZpBGNpvJD3g9O+wO/tuo=
x-served-by
cache-syd10145-SYD
last-modified
Mon, 07 Nov 2022 04:24:13 GMT
server
AmazonS3
x-timer
S1671073781.122241,VS0,VE0
etag
"1e637b4fd7dec49af4390ec7ed24432b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
2864188
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
MPPZXSN02VSTMT9F
age
54
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
779bfb5c0ff2aae7-SYD
x-amz-id-2
kw27fDfYfh8B9hjsFBCGebIKTd/A1DchBNERGw9YsWdDGKf049qNucAfSbx3f2jKywcCawKMjBM=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.44.233 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-233.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 03:09:41 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Fri, 18 Mar 2022 11:22:12 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Thu, 15 Dec 2022 04:09:41 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
82abd351cc44ce888587e81355124ba7f09e06448c6218d0d37b028f85b5588b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f1604ee8add5dbb6f8ce1e3a4b7711de:1669603221.223968"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=37517
content-length
2297
tad.js
tags.news.com.au/prod/tad/ 		109 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6f31e08174a2c5faf665d6cced153a270adb26d94cbf1812c5b4be5363e3f5ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ada52adfc48f667e35362bd9e99165d1:1670478883.668009"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=72347
content-length
33851
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
bdda5fd122f247d9ac522edad66dad0f5874fd9cedd384cb8a974558b28d6837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27541
x-xss-protection
0
server
sffe
etag
"1422 / 993 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 03:09:41 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.39.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-39-40.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:36:08 GMT
content-encoding
gzip
via
1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront), 1.1 688d077d459126044c73cddb0faa7b3c.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 21:39:34 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3, SIN2-P1
age
2013
etag
W/"909ff158818033daa43a2d271ecda3db"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
YhTg3mBg79iyAROJxv5NyUjwwVRMnJkXTmNOvOjmreBWNQA3CD_WZw==
prebid.js
tags.news.com.au/prod/prebid/ 		366 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=54317
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-87.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
ClDIgD0zuwLI7F0xhBbpGkCt4wZOjpVN
content-encoding
gzip
via
1.1 02d36a84a910749e0e01cf16e7e1a02a.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 03:05:07 GMT
last-modified
Thu, 13 Oct 2022 05:35:01 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
274
x-amz-server-side-encryption
AES256
etag
W/"964c4cc68e0d531d901baf0d73f36918"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
hqScgLZH1PNzW8anSEjuTy7aGy92N99Bu0YGJ7TwYUE-bRAdEbJv-A==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2b9045a036305d0268317898151e53de:1667439593.577923"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=79284
content-length
5801
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 15 Dec 2022 02:57:54 GMT
server
cloudflare
age
707
cf-polished
origSize=5866
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhAEasVmZ7lN9enLOSsyacGW7EM1u2kgWr%2BUyq33hw58LL2eOKjPQp6qMgibs%2BmEAcn1y3VTozZp6O9Zx8Lbl8dqG75ksGk7weDsuuJURgyZ%2BiRfJGPyzFhIKjSmJH%2FQC3ZZ66Uh"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
779bfb5e1bb3a979-SYD
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:40 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Fri, 30 Dec 2022 03:09:40 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 15 Dec 2022 03:09:40 GMT
via
1.1 varnish
x-amz-request-id
R49A95MEAARZDWRY
age
13348
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
OwQO4r3NRn2mobB8qX5KI65TenVKTAqHjn3l8Eljsiqz/LERXHRjxQ8w1JWWw1vGRMYpafcYhZ8=
x-served-by
cache-syd10151-SYD
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1671073781.917716,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
39
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2792
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.153 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-153.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1e5b8e36471f58025ddc9e4d36d2f3239b28c019326638c5b207aed348b457c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:42 GMT
content-encoding
gzip
last-modified
Sun, 04 Dec 2022 12:49:58 GMT
server
AmazonS3
x-amz-request-id
VBSGRMDGRMTATJDJ
x-amz-cf-pop
ATL58-P1
etag
"35540205d0226005e7cee3000c54ae8f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
EUbtxkrcE1cKQzu7ZKs1tD2beamQSVDnt1xDcYZja63v86LbG_BGNw==
x-amz-id-2
l/gSRa5XquhGfXrcUKta7HP7iDuMtOTx8XKIN+IsOqP1UxdcsJYoJpFXlDIZt2GxhLkxqy5DkAo=
content-length
21840
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202212080601&cb=1671073781115
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-116-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:41 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 15 Dec 2022 03:19:41 GMT
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.243.62 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-243-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/csp-report

Response headers
6e39d52e
login.newscorpaustralia.com/akam/13/ Frame 3133 		0
0
1-OwwC
login.newscorpaustralia.com/tUl-ebg4aorK3/xmiFn1M/SJEre60/maEbcLXN9S5D/YhJzb2w0Ag/aTxwew/ Frame 3133 		0
0
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24713e413b9683a29e14f18d8cfe3a6657f2d693c59aa833bc58706f490150c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Fp2yHOl1Q6EBCrmf.6.R4BH9p6d4MB1Q
content-encoding
gzip
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 02:42:46 GMT
last-modified
Tue, 13 Dec 2022 07:19:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
1617
x-amz-server-side-encryption
AES256
etag
W/"c4a50f37b02f511ddc08ff3c6fe94ba2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
7UFDU4sIy9quIxomVjNbpk8kvgTC_ni1kjCWfQeXBeMPXA6RG5LFsA==
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		257 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.243.62 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-243-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:41 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Tue, 30 Aug 2022 05:33:14 GMT
x-amz-cf-pop
SIN5-C1
etag
"04df6ed36e659404b1589354c5fb8697"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1
accept-ranges
bytes
x-amz-cf-id
TucMuRo0wQet2z_7KQV_92pMFouMoYnE4Sn-asuPeO0oMgM17tPVEQ==
comments-count
mhr.talk.news.com.au/api/v1/ 		116 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=0e3d39e675c1c34bfe07dcb218774b8e,%20728b7a63bcc39b6f8aa80e671767ca6e,%20ba8ba24f0c7cb07b331e6121134825f0
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
cf8afe3a3b0417b7b55c00f55ff021f31ec8f1021d1462b21a806b73fb1c14cc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 03:09:41 GMT
server
nginx/1.20.1
etag
W/"74-p0zRBt0Q/dK66eRpwQEtB+UnBEQ"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
aca51400-7c24-11ed-9de1-c1202bb9c6a7
content-length
108
x-xss-protection
1; mode=block
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=956901863930.137?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 08:40:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
66577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 08:40:05 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssljKYTgcMk3Pp8iMir_tnlQ6JOn1eZbTbsnf5ska7D2Z4XIoiUYHa8NFRjn2eG3ChKy0eW3-ivBUfU6Koi1ZOUK6oPqqTsnE9404V6uvqFyf8u4J38O-HR03U5eTH922K4uagR1VqIcVoQkeJK&sai=AMfl-YQX3SuD9nFeDKff-loKhjV0W3MpdbJlaQTDyNCTx4dE-iIylQH8wxF5iYXTq4XqTkyX5O34dKUjTqtiS-WsKA&sig=Cg0ArKJSzIVl_q_Mqlg1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20221207.97994&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=956901863930.137?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 03:09:42 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CFEnyECoayWaDgOZWx&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11807&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=8679&t=B6Zl_6BmNVqZe9IWSRnKvnCakdYw&V=139&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=C23EYR1hKa-DTU836BbYvyhBGNp33&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.50.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-50-245.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:42 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb805ed0f4abf2c0cd626b8cb5022191bce25dcae35c3dca265b174998600eac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 15 Dec 2022 02:58:15 GMT
server
cloudflare
age
686
cf-polished
origSize=47101
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsL7Pg4elILfn0vrZHuIynF%2BPibHVxjbaHxCQ56lCyX%2BxgwGjQnHCsq4keXH6gG%2B0Kk2Jd7xHXJzRBJHdPh%2F89Szdl4daqwe5n8mGlEDypONmb5pgm%2FFbg5X%2FCOVInqsEKcCaHDv"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
779bfb5eeca8a979-SYD
101956
jadserve.postrelease.com/suid/ Frame 1419 		43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.56.245.55 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-245-55.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:42 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
rtb-h
match.taboola.com/sg/supershiprtb-display-network/1/ Frame 1419
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qP9sCo8YQAAMHrAkMAAAAA
  • https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qP9sCo8YQAAMHrAkMAAAAA&tbid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&query=taboola_hm%3DY5qP9sCo8YQAAMHrAkMAAA...
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qP9sCo8YQAAMHrAkMAAAAA&tbid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&query=taboola_hm%3DY5qP9sCo8YQAAMHrAkMAAAAA&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 15 Dec 2022 03:09:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1671073783.070877,VS0,VE128
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10151-SYD

Redirect headers

location
https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qP9sCo8YQAAMHrAkMAAAAA&tbid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&query=taboola_hm%3DY5qP9sCo8YQAAMHrAkMAAAAA&isDirect=0
date
Thu, 15 Dec 2022 03:09:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
425665
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 1419
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=56147cb144d0422eb7...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=56147cb144d0422eb716505b524d08b0
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=56147cb144d0422eb716505b524d08b0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
424902

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=56147cb144d0422eb716505b524d08b0
date
Thu, 15 Dec 2022 03:09:43 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 1419 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 1419
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBOI6N2I-28-JHA9
0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBOI6N2I-28-JHA9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Thu, 15 Dec 2022 03:09:43 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671073783.010598,VS0,VE94
x-cache
MISS
accept-ranges
bytes
x-served-by
cache-syd10151-SYD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBOI6N2I-28-JHA9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 1419
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPLcLvTUdofqq1Gf97M-3Gg&google_cver=1
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPLcLvTUdofqq1Gf97M-3Gg&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
95
date
Thu, 15 Dec 2022 03:09:42 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671073783.806066,VS0,VE95
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10151-SYD

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPLcLvTUdofqq1Gf97M-3Gg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1419 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 1419
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
date
Thu, 15 Dec 2022 03:09:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
425665
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 1419
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3407f6ba-8900-454e-8d7c-437e273b12f1
0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3407f6ba-8900-454e-8d7c-437e273b12f1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
104
date
Thu, 15 Dec 2022 03:09:43 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671073783.030666,VS0,VE104
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10151-SYD

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3407f6ba-8900-454e-8d7c-437e273b12f1
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 1419
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 1419 		49 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 1419 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:43 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 1419 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.34.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-34-118.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:43 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1419
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e93b2600-ea01-4114-86cd-cdbc7b44aacd
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e93b2600-ea01-4114-86cd-cdbc7b44aacd
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
424902

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e93b2600-ea01-4114-86cd-cdbc7b44aacd
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
971675
content-length
0
expires
Thu, 15 Dec 2022 00:00:00 GMT
push
pixel.tapad.com/idsync/ex/ Frame 1419
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=3407f6ba-8900-454e-8d7c-437e273b12f1&ttl=%%TTL%%
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/5/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/5/3.gif?puid=2866451666043766535&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-bd5btv0MFwcbs7Fsc9Gjk37Wmf79PYLzEU4W70A60g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F4%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/4/4.gif?puid=caa7639a-8ff9-4200-8b5b-209efb5c023f&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/464/108/3/5.gif?puid=e5e71fa7-c77c-4dfb-a1b1-e304fa5001d2&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F2%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F2%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/2/6.gif?puid=5719384269748548482&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/1/7.gif?puid=DFD6276B4AF23EFB&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F826%2F0%2F8.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F826%2F0%2F8.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F826%2F0%2F8.gif%3Fpuid...
0
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 1419
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3Dd468709f-8e8f-4bd4-92eb-0459d8ceaa9...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=caa7639a-8ff9-4200-8b5b-209efb5c023f&expires=30&ssp=taboola&bsw_param=d468709f-8e8f-4bd4-92eb-0459d8ceaa95&gdpr=0&gdpr_consent=
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=d13c19b7-0716-405b-af08-35d2ae2f9b21
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=d13c19b7-0716-405b-af08-35d2ae2f9b21
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
426539

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=d13c19b7-0716-405b-af08-35d2ae2f9b21
Date
Thu, 15 Dec 2022 03:09:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 1419
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d6d5ecc-7194-4e87-bb2e-fc3bbb730e38
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d6d5ecc-7194-4e87-bb2e-fc3bbb730e38&tbid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&query=taboola_hm%3D0d6d5ecc-7194-...
0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d6d5ecc-7194-4e87-bb2e-fc3bbb730e38&tbid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&query=taboola_hm%3D0d6d5ecc-7194-4e87-bb2e-fc3bbb730e38&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 15 Dec 2022 03:09:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1671073786.600980,VS0,VE129
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10151-SYD

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d6d5ecc-7194-4e87-bb2e-fc3bbb730e38&tbid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&query=taboola_hm%3D0d6d5ecc-7194-4e87-bb2e-fc3bbb730e38&isDirect=0
date
Thu, 15 Dec 2022 03:09:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
427900
sd
u.openx.net/w/1.0/ Frame 1419
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=
date
Thu, 15 Dec 2022 03:09:43 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
xuid
eb2.3lift.com/ Frame 1419
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 03:09:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 15 Dec 2022 03:09:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 1419 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.252.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-252-46.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:44 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 1419
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=wlQuUioJQix7laNARw8VX6310UA
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=wlQuUioJQix7laNARw8VX6310UA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
427900

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=wlQuUioJQix7laNARw8VX6310UA
Date
Thu, 15 Dec 2022 03:09:44 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 1419
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=453&user_id=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&gdpr=0&gdpr_consent=&us_privacy=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d13c19b7-0716-405b-af08-35d2ae2f9b21&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d13c19b7-0716-405b-af08-35d2ae2f9b21&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:09:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d13c19b7-0716-405b-af08-35d2ae2f9b21&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Thu, 15 Dec 2022 03:09:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame 1419 		35 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:44 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 1419
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ade8e82f-ffe7-4c80-b86b-88526e59ba92
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ade8e82f-ffe7-4c80-b86b-88526e59ba92
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
428705

Redirect headers

date
Thu, 15 Dec 2022 03:09:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ade8e82f-ffe7-4c80-b86b-88526e59ba92
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:09:41 GMT
x-amz-request-id
X0ZYP01DBVFV8BGR
age
2548
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
4Kz0IYrYemcpVmkh7tqXAdNXHjnvoIBG0gj4fKylvZEutp7Kxoecb4kvf6bm3AoltdeGYgepo18=
x-served-by
cache-syd10151-SYD
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1671073782.717206,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
39
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
5988
eid-encv2.es5.js
cdn.taboola.com/scripts/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid-encv2.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb2ab5b5cdfb45aad4d8911147a322e9546a12881682d80eaaa9040e77d63288

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
5Ow5rm4wA7Q0UhOZ9VP078H429HAqiL6
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:09:41 GMT
x-amz-request-id
T8QXA0JT6CXJY0E8
age
1671
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5616
x-amz-id-2
Un+NQSXDhhNGyoubzoFfJbinyaWiJlzEKkhl7dXGJtWRKGVBY+xmevYD7lwz4BclbMQg1Hg2xGg=
x-served-by
cache-syd10151-SYD
last-modified
Wed, 14 Dec 2022 10:39:25 GMT
server
AmazonS3
x-timer
S1671073782.717309,VS0,VE0
etag
"ff9bbfda54628457069031e22f7300f5"
vary
Accept-Encoding
content-type
application/javascript
abp
39
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
3918
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 08:29:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239986
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Dec 2023 08:29:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		144 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Thu, 15 Dec 2022 03:09:42 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073781698
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073781698
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073781698
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
af443a5abe2eb9d462641c0b26b3795a40fd055df03b9b46b41b8ac868915f6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-05932ed3d.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
vx7oZZQVRME=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1563
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-0ebb8c108.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
lU7FIbRLQHI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073781698
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
384959879014125
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
00963888aa539b10793484d1b020aac609a909c06f08441b3cb0b3cc37e9635f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Dec 2022 03:09:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85936
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Bm5DGJCZR0x7NGDqbIdMB1BECS0HXkTKQoL/m3dpit6S0+VzY6MHbzQlpf0Ae5qN5yzlzM2I0AZy/YlVBNSNlg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:42 GMT
server
AkamaiNetStorage
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=1516
content-length
65
/
pips.taboola.com/ 		4 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-syd10155-SYD
date
Thu, 15 Dec 2022 03:09:42 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.39.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-39-40.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
date
Wed, 14 Dec 2022 05:16:28 GMT
x-amz-cf-pop
SIN2-P1
age
78794
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
oq1WuBa8e-kTmIQ1wMTLiKRz2z1UrSoPnPHOt2XkKhwKCQqKmtOQSw==
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-23.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 10:28:21 GMT
Content-Encoding
gzip
Via
1.1 7d8cd6b1cab0712d291c381dc839b042.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
405683
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
auxgJ1UZcoci7ffpfub2zCfPnTMPhNZNgJV4OJbJ44djr92xLs0Q3g==
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.39.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-39-40.sin2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:35:57 GMT
via
1.1 688d077d459126044c73cddb0faa7b3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
age
2024
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
bZNL7ZDpBgCO4E9gyTCjSWqZryPfu9FrGpaf9gEKyKJPutytaVWUvw==
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=8bf258c793dbc6bdc72e781dd1a5d791&timewithTz=2022-12-15T03:09:40.858Z&country=au&newsconnectId=&fpid=aa91b0105669b333242cb2dd528166b0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.217.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-217-104.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:41 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221215
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
40090
x-jsd-version
1.0.1556
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4577-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66e-7f8qDY2VEq3Tg9Q/RU9Vxgw1xIU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0X%2BsYzX7Uos20fDyZzCUD%2Bipu%2FZ%2Fb4j2q8Se1VuuyLkQSHLx1wjnm%2B%2FRKz5ideI4aBN7iuL2SnVJ3tFRGABTnlUQP8K%2BlnCsoJUvP%2BtcWnByrACPXcH6zycz43H77YRHzw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
779bfb63b93f550f-SYD
door.js
au-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-7.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
232c948603c17dc66940eb62927c550570b7859a8044c8e9d3f92943a9159124

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:44 GMT
content-encoding
br
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"13062...218.2022121503"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
xiWydY1Tn-Zv4qnICtViuxszdnHPS0SY_7vl4gXYkgg-owW85d555g==
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 03:09:42 GMT
cache-control
no-store
server
nginx
swg.js
news.google.com/swg/js/v1/ 		149 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
sffe /
Resource Hash
c18e2c0430dae4a90ea1281694f07d8ec9c8865d526ff1f948cfd605f344d140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:08:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46777
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 18:33:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:58:08 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 02:42:06 GMT
x-amz-cf-pop
SIN2-P2
age
1657
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
6gw1LSK2yI5l7LjsUJ0NLogNezEFL1lXEzguYrkE_VQUzpwZfE3OWw==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1671073782434&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1671073782432.1005616423&it=1671073781721&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Dec 2022 03:09:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
validate
assets.vidora.com/v1/ 		0
299 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-76.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:09:42 GMT
via
1.1 ac187c6f8a07d8e2befb08fa6809bc08.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
7lyLgl-NlPU01Ijl-sugIGSRpFrspI37KKWLblNS3UpeitXWAx6gpQ==
expires
Thu, 15 Dec 2022 03:09:41 GMT
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
6ea04aa12c5127809e1127bdf7f814a7296cd02c8589aeda6f9a16398506ad99
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:09:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		113 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=6LH9tSJUkrDDm&cb=0&ws=1600x1200&v=22.1201.834&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.30.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-30-231.sin2.r.cloudfront.net
Software
Server /
Resource Hash
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:42 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
113
x-amz-cf-id
9WektAiibhdeYiaMwfYcZ7qZ22CjbTND4EUIpmR1sCxpSYJjqMYfOA==
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:09:42 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 626D 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
290
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 15 Dec 2022 03:04:52 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
x-amz-cf-id
lazwhF3Y8OfIIDd_8I0zD9M9pkWnx9VFn6LcZyX-R8E8ofH5Js6VRA==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 15 Dec 2022 03:09:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
mfad.inskinad.com/api/ 		158 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.166.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-166-22.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
fa157089af4b90cd83ebad0e30ba1da678e690b0705183636b22592107d50f51

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

expires
0
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:43 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"9e-EYz48P7JMnjRza+mvTGy5VSOgUI"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
158
x-served-by
bifrost-production-shard001-us-east-1b-i-00714f3e0194e5f2d
trinity.json
syd-1-apex.go.sonobi.com/ 		0
0
prebid
ads.playground.xyz/host-config/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:09:43 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
bc2bd837-a07d-43a4-b54e-081602497a59
prebid
ib.adnxs.com/ut/v3/ 		19 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:43 GMT
AN-X-Request-Uuid
9b5eb90e-3148-4cc7-a9de-3780e604c8ce
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		407 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=86b0fb5f-f0d7-4acd-be2f-36dbd673bff5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.6714178220564737
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
803cf9015548ef7142b604cd241fb74444ba503821f9eeb53fa7c739795fb24f

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
407
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		406 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=b99bf0f2-ef88-4921-b65e-e3f5f57c3f73&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.3294136962143841
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
60b5a92e9329d7033d4e7ba617b174e19d8527a99194cc18d63487353127a896

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
406
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		384 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=1df2b376-0fb7-4fe8-9222-2d4225c714df&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.23944124718041682
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d68581261ad3a07db6603185fd5aee983bf76b5fa710d49ba6e562935eaf65b7

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
384
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		386 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=01157cab-bc74-41b6-9ad1-e4d9ee23edb5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.5781534896697753
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
52afdd0537a16b3f5706ead2732920a5839854c1f2a1a9f31cfb196fbe4d43da

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
386
expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		37 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277566&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2225e078b13059b15%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%3Fpagetype%3Dhomepage%26sec1%3Dhome%26sec2%3D%26sec3%3D%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22265ad886e8d0372%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%221800x1000%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%7D%7D%2C%7B%22id%22%3A%2229bd5feab331f6b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%22319d9bdb52fbe33%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%7D%7D%2C%7B%22id%22%3A%2232d355918eef358%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22320695%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
268ac228a84f1ccb4f3b8087ab40a9f70a68478219b9371ef609e5f524d23d7d

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2Bn8RULEMfUohLISUYXgPhbreW5DCbOJy4cGQlKnLbeRYe4gBn7S8CYZRUZSHrJFLCwp%2FGsGOhmUjSIaDG79iQb9rwwYQ62VThU6P593VHCH4gGKIPkZm1BtJV6v4SDUI%2BTsW%2BdI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
779bfb676f7ca961-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=22931046223
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:09:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.211.97 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-211-97.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 03:09:43 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.211.97 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-211-97.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 15 Dec 2022 03:09:43 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 8F3D 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
2251
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 15 Dec 2022 02:32:13 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 76976a7cabf47f716d4b531bdb04c906.cloudfront.net (CloudFront)
X-Amz-Cf-Id
TEHmAlwfzrXwidOBQZ5Su15zEjkoVmGJaLb-v-BERlg0LpvhQ1k4gw==
X-Amz-Cf-Pop
SIN52-P1
X-Cache
Hit from cloudfront
lookuplist
au.audience.newscgp.com/ 		108 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=aa91b0105669b333242cb2dd528166b0&&bust=16710737827640.9855544749676173&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
31a2d92184892d9c1792d9c45df7c5a9b082f065072ebd08b22db8110e8e241f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:43 GMT
via
1.1 446026fb3dafe55d3602866eda0c744a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
XWyc7KQtCabOjFCRgeB6WFDY_u16UQ2UjSwyzxqmGXlUVFDUvWtQjw==
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.153 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-153.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
o4WHKo6MX2y.6aPGAnmLcU3LE.8_U3Hj
date
Thu, 15 Dec 2022 03:09:43 GMT
last-modified
Wed, 07 Dec 2022 22:44:24 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
"4a5e4a11bf4a74aeb574379e169fa679"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=365
accept-ranges
bytes
content-length
18049
x-amz-cf-id
_fRpZ6SHxLfhjoYE1VaiYtt_rCfphK9oFWIW70n8U3x_zG6uwl9OUQ==
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 626D 		44 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=2v1nmaazabtftnwqbg0lhaxze3ugv1671073782&c16=sdkv,bj.6.0.0&uoo=&fp_id=a2ilr0fdrf5ww5ng9i7mnnnaogkvh1671073782&fp_cr_tm=1671073782639&fp_acc_tm=1671073782639&fp_emm_tm=1671073782639&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.175.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-175-196.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:43 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
2v1nmaazabtftnwqbg0lhaxze3ugv1671073782.nuid.imrworldwide.com/ Frame 626D 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2v1nmaazabtftnwqbg0lhaxze3ugv1671073782.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-93.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 05:09:29 GMT
via
1.1 b854b2dbed0b7eb7e4e055e04c5ae48a.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
79214
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
bU65II7SA_a9v1PvqZRXcmFhVpabTsvxiv98-TdCBtet9pO4lXkj7w==
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=Microdata&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1671073782938&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22meta%3Adescription%22%3A%22News%20and%20Breaking%20News%20-%20Headlines%20Online%20including%20Latest%20News%20from%20Australia%20and%20the%20World.%20Read%20more%20News%20Headlines%20and%20Breaking%20News%20Stories%20at%20Herald%20Sun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Herald%20Sun%22%2C%22%40id%22%3A%22heraldsun.com.au%22%7D%2C%22isAccessibleForFree%22%3A%22True%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22Herald%20Sun%22%2C%22productID%22%3A%22heraldsun.com.au%3Adigital%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.2.1671073782432.1005616423&it=1671073781721&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Dec 2022 03:09:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dest5.html
newscorpau.demdex.net/ Frame ACB6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.229.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-229-14.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v041-0c345fe98.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
PonxGe41TgU=
content-encoding
gzip
date
Thu, 15 Dec 2022 03:09:43 GMT
last-modified
Fri, 28 Oct 2022 11:23:00 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=12337878221359103911713469521552611165&ts=1671073783068
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-179.data.adobedc.net
Software
jag /
Resource Hash
5313f527622c6c4dbd291030c8cb593f6f192dec11c37abc9554176661431bd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Dec 2022 03:09:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y5qP_QAAAFzkuQNW
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=12316709697606325571715865101471925831
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5qP_QAAAFzkuQNW
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5qP_QAAAFzkuQNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-069fbb7ed.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
szE5u74ESk0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5qP_QAAAFzkuQNW
Date
Thu, 15 Dec 2022 03:09:45 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
b1a0eaade87e6b0fdba8439d8c708e324b8930b83d2c3a14245945c5e2dcfbde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 15 Dec 2022 03:09:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
5c7b80c0d2eac000558cbcaa19ed5f73abbd45709890b5799a3bda8e21ec47a4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 15 Dec 2022 03:09:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
iu3
s.amazon-adsystem.com/ Frame 511C
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 15 Dec 2022 03:09:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FXERPTHPK25SDPX8SG9D

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 03:09:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WKJ87B90QNWFGNX1EJYZ
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.211.97 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-211-97.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 15 Dec 2022 03:09:43 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.211.97 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-211-97.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 03:09:43 GMT
Server
nginx
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=12337878221359103911713469521552611165&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01aa91b0105669b333242cb2dd528166b0%011&ts=1671073783893
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
8d7aba7173352460004be923ca4d8f2d723b439fa44049a519c09921063f4f4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v041-0849bb3c3.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
Xw5wofd4TiU=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1561
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Serving
bs.serving-sys.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=4431533233176479622&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D5192899899023794361$$&ns=0&rnd=8243069222018387&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.213.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-213-242.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
44e579007c6bbfe5eab935a6e4faf2ef0fb58ffe28e8fad827627b9bea4454e7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2308
expires
Sun, 05-Jun-2005 22:00:00 GMT
ibs:dpid=358&dpuuid=2866451666043766535
dpm.demdex.net/ Frame ACB6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=2866451666043766535
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2866451666043766535
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0a800209a.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jjnH0FNdSMI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:44 GMT
AN-X-Request-Uuid
76fd8099-39da-475e-a0f1-bb407b673d28
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2866451666043766535
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s99572262091438
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s99572262091438?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=15%2F11%2F2022%203%3A9%3A44%204%200&cid.&newsnkidcookie.&id=aa91b0105669b333242cb2dd528166b0&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=aa91b0105669b333242cb2dd528166b0&mid=12337878221359103911713469521552611165&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPreviousValue=3.0&getPercentPageViewed=5.0.1&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D89&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=2%3A09%20PM%7CThursday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=89&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=aa91b0105669b333242cb2dd528166b0-00000000000000000000000000000000-1671073781119-101974&v110=2022-12-15%2003%3A09%3A35&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-179.data.adobedc.net
Software
jag /
Resource Hash
d37c6844355db530b6cf47460ee5fdf20b2e0ba5ee299dea5a19a1783ad2987b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-aam-tid
JvJ0Z+ycR6g=
date
Thu, 15 Dec 2022 03:09:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4969
x-xss-protection
1; mode=block
dcs
dcs-prod-usw2-1-v041-058193107.edge-usw2.demdex.com 4 ms
pragma
no-cache
last-modified
Fri, 16 Dec 2022 03:09:44 GMT
server
jag
etag
3588603626468933632-4619873580468835761
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 14 Dec 2022 03:09:44 GMT
ibs:dpid=470&dpuuid=7596305536165464863
dpm.demdex.net/ Frame ACB6
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7596305536165464863
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7596305536165464863
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0f8c8c501.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ztKvTWaZQZ4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7596305536165464863
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=481&dpuuid=LBOI6NG8-I-M375
dpm.demdex.net/ Frame ACB6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=12316709697606325571715865101471925831&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBOI6NG8-I-M375?gdpr=0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBOI6NG8-I-M375?gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0313e8da9.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
01Zy+9xqTIg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBOI6NG8-I-M375?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
701.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
95bef38a9994b4f393a39601168b36cf4a64a430c67192ab80d295c016254a30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:09:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
ibs:dpid=771&dpuuid=CAESEDl2SJoIy_TI3kBp0MPYlKw&google_cver=1
dpm.demdex.net/ Frame ACB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTIzMTY3MDk2OTc2MDYzMjU1NzE3MTU4NjUxMDE0NzE5MjU4MzE=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDl2SJoIy_TI3kBp0MPYlKw&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDl2SJoIy_TI3kBp0MPYlKw&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0dbc6c16a.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KH7jPaFkQfo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDl2SJoIy_TI3kBp0MPYlKw&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=3407f6ba-8900-454e-8d7c-437e273b12f1
dpm.demdex.net/ Frame ACB6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3407f6ba-8900-454e-8d7c-437e273b12f1
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=3407f6ba-8900-454e-8d7c-437e273b12f1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-007d5d85f.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
IFlbFgjARsI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=3407f6ba-8900-454e-8d7c-437e273b12f1
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
pub
pixel.adsafeprotected.com/services/ 		775 B
1013 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=1634c0f9-e665-62ee-1757-2a24fdb00a29&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ad3e1f23fedcd23186a2c8856ab6989f833cdbf4da13b45c5602f77922c156dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
server
nginx
x-server-name
app03.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=a2ilr0fdrf5ww5ng9i7mnnnaogkvh1671073782&fp_cr_tm=1671073782639&fp_acc_tm=1671073782639&fp_emm_tm=1671073782639&ve_id=&sessionId=2v1nmaazabtftnwqbg0lhaxze3ugv1671073782&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,4styao8n53qx40dubjjzipddlxx3n1671073782&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16710737826355300&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1671073781162&c3=st,c&c64=starttm,1671073784&adid=1671073781162&c58=isLive,false&c59=sesid,&c61=createtm,1671073783&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1671073783&rnd=88167
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.175.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-175-196.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:44 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame ACB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 03:09:45 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		180 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3292788586016607&correlator=575980031347907&hxva=1&scor=592481645117301&eid=31071094%2C31071150%2C31068366&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ifi=1&adks=1798527053%2C1263259910%2C1415436295%2C1982096792%2C3785065344%2C3544675803&sfv=1-0-40&ists=1&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refreshed%3Dfalse%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3Daa91b0105669b333242cb2dd528166b0%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26snol%3Dd%26abtest%3Da%26pvid%3Daa91b0105669b333242cb2dd528166b0-00000000000000000000000000000000-1671073781119-101974&sc=1&cookie_enabled=1&abxe=1&dt=1671073784694&lmt=1671073784&dlt=1671073778220&idt=4336&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=28%2C462%2C10218%2C11086%2C4028%2C11807&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=20&vis=1&psz=1600x134%7C300x276%7C300x250%7C1600x720%7C1248x0%7C1600x11825&msz=728x133%7C300x276%7C300x250%7C1600x0%7C1248x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1079201468.1671073785&ga_sid=1671073785&ga_hid=587735811&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
02937b2f5649841ee04fba91787b51d6170fe88a206652c84aceba8fa8dea70e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32409
x-xss-protection
0
google-lineitem-id
6111071016,-1,5275743052,-2,5275743052,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138405557671,-1,138347631278,-2,138347631275,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3149 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:45 GMT
expires
Fri, 15 Dec 2023 03:09:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ibs:dpid=23728&dpuuid=Y5qP.Y9gwtF.MOeIsu.A9QAA%265314
dpm.demdex.net/ Frame ACB6
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5qP.Y9gwtF.MOeIsu.A9QAA%265314
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5qP.Y9gwtF.MOeIsu.A9QAA%265314
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0884cae41.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ReDVuGbESbc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZwNMD4cEQo46dsBkw8vHtCi4o4X33MQWua5OmAv39ex30iXKI3FFveNgRke1IPd4CRj2otzvv5yfNbr624vZ8TVshNw6ySHNfxHSrX4FZ63POzFbR4LwaDvXvAgaPXPutHWwQt3"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5qP.Y9gwtF.MOeIsu.A9QAA%265314
cache-control
no-cache
cf-ray
779bfb7698c45509-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1671073784760&pvs=1&pvid=243f6a58-9f1e-41ec-aa7c-d940f2d3461a&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-7.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:44 GMT
dotmetrics-hit-status
01 OK
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
wHg_lDILnicJ4JzbqYo9-DWN1t8tVRI8kW5x1hpbGlvYu8WBJuaE1Q==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1671073784760&pvs=1&pvid=243f6a58-9f1e-41ec-aa7c-d940f2d3461a&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-116.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 00:42:07 GMT
via
1.1 574ab88ff85f4ad30dd2d3a36c2bab20.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 10:59:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
8859
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
Vmn9RHahwwH7FXC5c9bKUzYb4mi7SrkUtAnh1-OrxcC8_tAnxKCp8A==
interact
edge.adobedc.net/ee/v1/ 		725 B
830 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=c1c9df6d-935d-4966-b905-42233bef1ec5
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-117.data.adobedc.net
Software
jag /
Resource Hash
bc200d6bd022a9edfff201827101285a92b8188ae2af8b8fdf368cda42f30d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-rate-limit-remaining
599
x-adobe-edge
OR2;9
x-xss-protection
1; mode=block
x-request-id
c1c9df6d-935d-4966-b905-42233bef1ec5
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
22.11.2:836cd9b5
ibs:dpid=30432&dpuuid=CI-f59c0b20a6cf374159db6c82588493ca
dpm.demdex.net/ Frame ACB6
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=12316709697606325571715865101471925831&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-f59c0b20a6cf374159db6c82588493ca
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-f59c0b20a6cf374159db6c82588493ca
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-023624cbc.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
d8Mmic1SQkE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-f59c0b20a6cf374159db6c82588493ca
Date
Thu, 15 Dec 2022 03:09:45 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
script.js
au-script.dotmetrics.net/Scripts/ 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=218
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-7.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
content-encoding
br
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
last-modified
Tue, 29 Nov 2022 15:20:21 GMT
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"1d90406186815f7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
Hbn6S6lMxgdqTM-790RNGMI-_MuR9Tdkxr7QWxi-OU_6_fZRdP57iw==
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame ACB6
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=12316709697606325571715865101471925831&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=12316709697606325571715865101471925831&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-058193107.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Q/Iy0gGYSKs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Thu, 15 Dec 2022 03:09:45 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pr
s.amazon-adsystem.com/v3/ Frame 3109 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a36f079973122f757fec90fc321d48ca19234434ce6ff5e5444cdb035f71f360
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
951
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 15 Dec 2022 03:09:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WMK8NVSE9JDM28VEWB4Q
usermatch.gif
beacon.krxd.net/ Frame ACB6
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=12316709697606325571715865101471925831
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=12316709697606325571715865101471925831
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=12316709697606325571715865101471925831
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.68.250.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-250-34.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
beacon-n011-pdx-prod.krxd.net
date
Thu, 15 Dec 2022 03:09:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=123 t=1671073786
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=12316709697606325571715865101471925831
date
Thu, 15 Dec 2022 03:09:45 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a020-ash-prod.krxd.net
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:26:59 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:18:06 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame C5FD
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
ESF /
Resource Hash
75894af688d6666620c532c1658557e02cbb99a73482a625d60b501b5a62a672
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-hYqfFaXBs_bE8q2jCEgLGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-hYqfFaXBs_bE8q2jCEgLGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Thu, 15 Dec 2022 03:09:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-pNzvMmqh8n_Vaep4jGYcVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
application/binary
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Thu, 15 Dec 2022 03:09:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		2 B
927 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
report-to
{"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame ACB6
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=12316709697606325571715865101471925831&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-039afd681.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
pniPv3JLSgY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Thu, 15 Dec 2022 03:09:46 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame ACB6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVxUF9RQUVGWkh0dGdBRg==&_test=Y5qP_QAEFZHttgAF
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVxUF9RQUVGWkh0dGdBRg==&_test=Y5qP_QAEFZHttgAF
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-syd10172-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073786.873537,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVxUF9RQUVGWkh0dGdBRg==&_test=Y5qP_QAEFZHttgAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch
ssum-sec.casalemedia.com/ Frame 8AE3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce5c312cf2f5fa1388339aefb0d24c851ff95e811f32828965f2ef8d917f92d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779bfb77d8b3aacb-SYD
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 03:09:45 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jepE9ckIqwBg2bG48sF9P8ly924c1vGTuwrqrmQ%2BB5MRDEPZxeT%2FtL5oMamEkvB%2Fej1qIjJSoUvNYGXJK61L7TFtjvm5gOvl4lhqc8Kxms%2FCgkdhLqVRsfzEGt7SIoR7dQu6DXnP2Xojtg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 659E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.140.73 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-140-73.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 03:09:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5DCE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72513
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 03:09:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 23:18:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame ACB6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y5qP_QAADtHGEAAe
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5qP_QAADtHGEAAe&expires=90&_test=Y5qP_QAADtHGEAAe
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5qP_QAADtHGEAAe&expires=90&_test=Y5qP_QAADtHGEAAe
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-syd10172-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073786.850446,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5qP_QAADtHGEAAe&expires=90&_test=Y5qP_QAADtHGEAAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwicHZpZCI6IjI0M2Y2YTU4LTlmMWUtNDFlYy1hYTdjLWQ5NDBmMmQzNDYxYSIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1671073785372
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-7.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
1c6591c006824f39e3010d230b56c939b12c0e95623e34e8ba07824529badad5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
content-encoding
br
via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
ChjuXkQAMFxru3L99jXyLE1P74VsURup44KJ8rYWaiD4R5iJOqcCTg==
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
260J6AZZMYN6X6SK
age
3075
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
779bfb777f8aaae7-SYD
x-amz-id-2
jmUcuILeGI5dQvotmAsa0jf959OngVE/RZvrt9LVnFZZ8L6EbGR5cBLNJFax6kxqodiicImlkDCBq/J3K8FkzQ==
view
securepubads.g.doubleclick.net/pcs/ Frame BA84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNp25iq3ELzzBfJEZ4TfME0Ek8nLVBj3B0kAqfWcRWfYJLozMrvQ9Eu8dtEpRDWJrJASpkyFAcZjA2KMG71a_ysG-CgzBv_sfZ1ayCh2NGXRoGHTwsU3QJtg2sIHVtf32AChupiCPa7qsGwk6VXeWCuNpFhJd-WuAkOaBIAR25_3XS6HC5YoPwGzez-Vh8UHUQ1lhGyeqB50FroDQGacRd0CuX9q5NddzymoxI1IB6lFSNvbEho_9NW5Vkg0VRlp3Hxfp-SyGjI8XgVPtLMaMZmOooOeAP8RYSzYUAuIAsMAkjXFRT7If-H0PQjgNG6A&sai=AMfl-YSq-Xa2vrTZ77bdk0YR7NdzpRaGmEqaywEkMDI4yFGQM0Pt69Cz93AZQX__x76vpja4LMdgrjdjgAB8njDfdZ4ZkRnJ8q3FOtBBTvP4jo5S3e7FUOjWZBgkbVtg1myh&sig=Cg0ArKJSzMnRe1jawrRgEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame BA84 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 23:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 23:45:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BA84 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 03:02:03 GMT
l
www.google.com/ads/measurement/ Frame BA84 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSX8g6UN0Rc7_egZY_l5iivD-AjFiPo5-qfdfI-yJscg7IiCQE0Y-JV2xjOr5fnn6DgMSh8HvqCkr09JVV39LSUYsmK0Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA84 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:09:46 GMT
7979997958664949003
tpc.googlesyndication.com/simgad/ Frame BA84 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7979997958664949003
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
2aadece8a877cb80d5b846f5f165f2e4c97cb56e01babff8d55aac659c62c57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:51 GMT
x-content-type-options
nosniff
age
534
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17013
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 00:20:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Dec 2023 03:00:51 GMT
container.html
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F7C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:45 GMT
expires
Fri, 15 Dec 2023 03:09:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 73FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2SzEhisMrC0KeFtImOCExorekHzdixq4288fXzVkx4BwrqSHd1Cq0kmIFu8KgusT_3WaQISGRbE5gX68sW3ic_N37wGZ3HqJ060ZJ0icvdSFMx2WwW8T_8gGC5JXc1T3o6nq58KD60LxjaOr2MTEHICBmnai3T0cyyOxkdPJJ23SKSSUk5PsWyIaRthAQWXe-bxV0DgvmMJwzyNOdIWTPhHsvGPN1G1Vz12cqY4K2MUNCRR4HB8ToNQ1m__oJI29fUQm9UkDUM04O3hIgItdE1y4vwn32WAATbb-r-FRAu4jymMVFoeIJMk4MWzSs3Q&sai=AMfl-YRSzMglZ4tTzxJ519kV4tG_gBCEAjxoJhWBxwi9wy8-UQ0rpQ9257k9ZcLku5XlkOHbeUt5Cqc3kTgGd-lAbsJIgYmJVmyTvl61ANzULN7mJa_vQMy8p4fet-h1-7do&sig=Cg0ArKJSzJ1Z7yLlkh1TEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 73FB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 23:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 23:45:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 73FB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 03:02:03 GMT
l
www.google.com/ads/measurement/ Frame 73FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTj71h1wDyT16U7PzsB3iIdENb75CqrSVBqSWmfbnHEupnGcfktUjOdqZgEx4ALnBjov5JnhUyIm-1__e6Suqjl4Lb0sw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73FB 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:09:46 GMT
7558156507438909762
tpc.googlesyndication.com/simgad/ Frame 73FB 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7558156507438909762
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d055023e6f324f857331e15baf7f3bf35bf6323ce6edde2501d873f1031bba6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 20:51:26 GMT
x-content-type-options
nosniff
age
22699
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17278
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 10:18:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Dec 2023 20:51:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A369 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxJVZdh541lkJDNwY-6T1m0lAn66K2wc2fGDhTYYu4IpqQEnQE4QJAKfPXmWGraVynVmXyjBdRrJ0-gp5BhPXqE9kB4j08XMfCLrd1d8ME9euwXfavOQD0XJb4qxgwUAP0TGLtYPbqSfyr0Qkr-QEeYvFWso2hH6oKLhZ_87WHcRtKlEJ96HTzwBCwrK6scXw4Nxd8J530SQbnHKo8O6drM0X2E4v-TTF2s1nPgogloOqBlBt0exAHAk_W8w9srUd5dG9p2jlHK_DFZUIR0qmh0lyCOCFQQKGX-nSrMcMYJ8KuLdARqyOkPVi1I57uJw&sai=AMfl-YQlkOA5fhT4cdQDk8NzoSxloUt7E7ZDs4-11c0FJW0CugZ-saHJ84bRVFSg8n5e-SAuINdDXpCFcvQVb1hmUaAgj4Q3nNwR0ez_OiwnSPK4d2KtxnEsdNcNdKmtIXUH&sig=Cg0ArKJSzLLau6mk_l2AEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A369 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 23:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 23:45:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A369 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 03:02:03 GMT
l
www.google.com/ads/measurement/ Frame A369 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuFsL-udy7bEVsBpX7aT9pNevlCZXRG14NDOh9Qz9ebYLbINywNMe9b6mzo6Z4Gu4kuCuR_o5mgCvJKl9IWt37DZxgzQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A369 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:09:46 GMT
13148952536986812586
tpc.googlesyndication.com/simgad/ Frame A369 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13148952536986812586
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 05:59:24 GMT
x-content-type-options
nosniff
age
162621
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15618
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 10:18:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Dec 2023 05:59:24 GMT
rum
dsum-sec.casalemedia.com/ Frame ACB6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5qP_QAEC08CCgAZ
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qP_QAEC08CCgAZ&_test=Y5qP_QAEC08CCgAZ
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qP_QAEC08CCgAZ&_test=Y5qP_QAEC08CCgAZ
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10172-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073786.909395,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qP_QAEC08CCgAZ&_test=Y5qP_QAEC08CCgAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 5DCE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=7141713&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3c49d119318946cd6fe858a177c78d67ed10cd91f0a308c05cb9da4a170262ea

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 15 Dec 2022 03:09:46 GMT
content-length
1672
content-type
text/html; charset=UTF-8
increment
id5-sync.com/api/esp/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 15 Dec 2022 03:09:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
setuid
ib.adnxs.com/ Frame ACB6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y5qP_QAAAkH1QwAo
  • https://ib.adnxs.com/setuid?entity=158&code=Y5qP_QAAAkH1QwAo&_test=Y5qP_QAAAkH1QwAo
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y5qP_QAAAkH1QwAo&_test=Y5qP_QAAAkH1QwAo
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:46 GMT
AN-X-Request-Uuid
06109659-8b57-4bf9-92b0-a57ccadee0fb
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-syd10172-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073786.019136,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y5qP_QAAAkH1QwAo&_test=Y5qP_QAAAkH1QwAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
13726
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-112.sin2.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
via
1.1 446026fb3dafe55d3602866eda0c744a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amzn-trace-id
Root=1-639a8ffa-79f4292d19669ddd396642d5
x-amzn-requestid
91f11efe-398a-4e33-945e-461db96db975
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
dKtvIE16joEFngg=
content-length
25
x-amz-cf-id
ALrJw2DTosNINhhTBC0_ci2iwET4NzbXMKUEkUKtf0tRWCtxRY_TAw==
up_loader.1.1.0.js
js.adsrvr.org/ Frame F43F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 17:08:11 GMT
Content-Encoding
gzip
Via
1.1 934dd0fb722aa582f1b4a3cdae35b12c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
36096
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
OGM_KS5RdfOXsW1lfIRXjalV4seXkBxLWvZtMr1ioGKEG3lwoG5Dkg==
uwt.js
static.ads-twitter.com/ Frame 67E1 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.44.157 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-qpg1255-QPG
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 68B7 		1017 B
709 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-160.pacnet.net
Software
/
Resource Hash
4baf1f8d152b97458890b22fef3b1a965a8fbd9f2207d4b8c51fc6e1e5d401d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
834
date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 19:04:50 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
5
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=57383
accept-ranges
bytes
content-length
490
js
www.googletagmanager.com/gtag/ Frame 4BDC 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
082324f55e6dd10eff6dbd749f7d9bd2576d809eaf5739832c83b55812824554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
53006
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:09:46 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 580B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 17:08:11 GMT
Content-Encoding
gzip
Via
1.1 ac187c6f8a07d8e2befb08fa6809bc08.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
36096
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
7hV7XXkwvySmHiBOhDka-Au2AQCLbwRD0T5CHok7EuznN2rRKJvizg==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 251C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 15 Dec 2022 03:09:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.13.10
ETag
"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
3340
Expires
Fri, 16 Dec 2022 03:09:49 GMT
activityi;dc_pre=CKPzsPvS-vsCFa4etwAdJAECMQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5401263708949.222
8228261.fls.doubleclick.net/ Frame 863F
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5401263708949.222?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CKPzsPvS-vsCFa4etwAdJAECMQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=540126370894...
402 B
293 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKPzsPvS-vsCFa4etwAdJAECMQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5401263708949.222?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
d0279de3d330f6103a9cb724874dbdedae33b44cdebbdca46fb907cf3219e122
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
224
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:46 GMT
expires
Thu, 15 Dec 2022 03:09:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKPzsPvS-vsCFa4etwAdJAECMQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5401263708949.222?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CITqsPvS-vsCFcPmcwEdPKsNXQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587840093593.782
8228261.fls.doubleclick.net/ Frame AB36
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587840093593.782?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CITqsPvS-vsCFcPmcwEdPKsNXQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=158784009359...
402 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CITqsPvS-vsCFcPmcwEdPKsNXQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587840093593.782?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
e097e0f4d5290725d3f9da40c2719f622a8e579ffff890a9a7dd7d2632ec2f8c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
225
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:46 GMT
expires
Thu, 15 Dec 2022 03:09:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CITqsPvS-vsCFcPmcwEdPKsNXQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587840093593.782?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 7A6E 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
05816d52fa2870bc59ee6cd704b62968a49bca08b4ceb6cdd0eba29b0fccb7bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
52984
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:09:46 GMT
conversion.js
www.googleadservices.com/pagead/ Frame EEAC 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16824
x-xss-protection
0
server
cafe
etag
9000569688538989929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 03:09:46 GMT
sync
ups.analytics.yahoo.com/ups/55953/ Frame 8DEB
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3407f6ba-8900-454e-8d7c-437e273b12f1&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3407f6ba-8900-454e-8d7c-437e273b12f1&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Q54eIX9E2uLCXlIrKf6DvSCb26h0mOI-~A&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3407f6ba-8900-454e-8d7c-437e273b12f1&_origin=0&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=3407f6ba-8900-454e-8d7c-437e273b12f1&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=3407f6ba-8900-454e-8d7c-437e273b12f1&_origin=0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
267
px
secure.adnxs.com/ 		0
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:46 GMT
AN-X-Request-Uuid
f8040eb2-b155-4eb6-9ffc-45e86cf6d396
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:47 GMT
AN-X-Request-Uuid
ae3228ef-0232-43f1-b800-abe40938f8b6
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8AE3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SCYAE8CPP6KQJ5XDP7YH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8AE3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expiration=1673665785&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expiration=1673665785&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expiration=1673665785&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 8AE3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5qP.Y9gwtF.MOeIsu.A9QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_h9Eg3zps7C_2Zb7zQUUs&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_h9Eg3zps7C_2Zb7zQUUs&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_h9Eg3zps7C_2Zb7zQUUs&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8AE3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAWcBd_oTAv0JTa1xARKYdg&google_cver=1
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAWcBd_oTAv0JTa1xARKYdg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1WIz9ETxv%2F4SFVXLAcJ8xHVqwjKN7arDg8lib914NZD%2BW%2BZCWqgGzub9XB30o2Or4p0uVozvI7xqgrDx0DNiHXbpVOmR2fBXoAc%2BDPk4OG1Zn1h5Ok1l08O1bjOf3kVStbKvxwH7kq3zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
779bfb7b8ec7a932-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAWcBd_oTAv0JTa1xARKYdg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=Y5qP.Y9gwtF.MOeIsu.A9QAA%265314
dpm.demdex.net/ Frame 8AE3 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5qP.Y9gwtF.MOeIsu.A9QAA%265314?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0dbc6c16a.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
wrDKa2y3Reo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame 8AE3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qP_QAADtHGEAAe
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qP_QAADtHGEAAe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10172-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073786.859503,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qP_QAADtHGEAAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 8AE3
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_639a8ffadcaf7&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_639a8ffadcaf7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_639a8ffadcaf7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 03:09:47 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_639a8ffadcaf7
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 8AE3
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Thu, 15 Dec 2022 03:09:46 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 8AE3 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K8JWYKBBP44180EX6QXG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame ACB6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5qP_QAADtHGEAAe
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5qP_QAADtHGEAAe
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-syd10172-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073786.845629,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5qP_QAADtHGEAAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame ACB6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qP_QAEC08CCgAZ
1 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qP_QAEC08CCgAZ
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:09:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-syd10172-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073786.950125,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qP_QAEC08CCgAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame C5FD 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R2_hrwxEuuOOtg-02UaT3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-R2_hrwxEuuOOtg-02UaT3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame C5FD 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:26:59 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABX... Frame C5FD 		178 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
4f5258b77094e2764ed3cbaccfa9a241723c11ed8f813f857eb176e5f9a19bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64157
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 03:53:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:47:14 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 03:09:46 GMT
partner
sync.search.spotxchange.com/ Frame ACB6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5qP_QAAAkH1QwAo&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5qP_QAAAkH1QwAo&img=1&__user_check__=1&sync_id=ee46f7e6-7c25-11ed-889d-1a5700cb0407
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5qP_QAAAkH1QwAo&img=1&__user_check__=1&sync_id=ee46f7e6-7c25-11ed-889d-1a5700cb0407
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
103.71.26.126 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:09:47 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
84
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 15 Dec 2022 03:09:47 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y5qP_QAAAkH1QwAo&img=1&__user_check__=1&sync_id=ee46f7e6-7c25-11ed-889d-1a5700cb0407
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
64
Connection
keep-alive
Content-Length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame F7C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfa6a-I-aY763NMjJmsMP4q6ewAjdleW3XPb-j45XwI23ARABIABgpYCAgJABggEXY2EtcHViLTkxNzI3MDA1ODcxNzUzMzLIAQngAgCoAwGqBOcBT9B38Eq3q2ht40YXhR3zMwEjMKq10rU_sqVeNpuRU0GePJFGin2qPBAh0_KSqGnU3wi7cgSLmaC0NetP3TZ6bCRJB84_8SniPcpnGPtdAKscf98YuxSGWhW890Z8qTOavleqSo4Rpm3mJCYr5BPWeAWFuWczGqLUWzw-tKAeUXSVCRy1LYFkEykhKfbSWP9mDHZSWcyJd0hU1okjPcwIEp6redbRo4zM5trRvyL4OfG4txW6l2CkBitbjnL7ZdKLXkzW34YMQMVU5FSipdIVChKIfN9uLXuN21fiClkOqs9nDBUhSflX4AQBgAaxsfe-n9TEy3OgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MTcyNzAwNTg3MTc1MzMyGNfPEg&sigh=4Y-p3apEGHM&uach_m=[UACH]&cid=CAQSOwDq26N9Rh1yM4suTNv5kdULJW3DMrKD55qUCENh3cqgkg1tAO5EbWF_P4n6sPM3dlSQSJQLbL9GvwKmGAEgEw
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=aa91b0105669b333242cb2dd528166b0-1671073775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ca
choices.truste.com/ Frame F7C9 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=on4yymv_rd1wgn9_u18zi3kh&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-96.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
58c6ed298adc79144173b43526af24a8625f756a9ca8fa31e1aa093a58d802ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0f2b81f417aa397d9ed9b32b2017aaca.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
SIN52-P1
cross-origin-embedder-policy
unsafe-none
age
5674
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
LucafSLV_bdiYGmSHBgM4J8TTURUfjfYo8RI2JN_8blWUp48qCIRfA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
google
hk3-bid.adsrvr.org/bid/feedback/ Frame F7C9 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk3-bid.adsrvr.org/bid/feedback/google?t=1&iid=ec7a1a6d-2918-4e14-b076-63249069287f&crid=u18zi3kh&wp=Y5qP-AANG74CZqTIAAeXYos8KWbosr2xXhWBQw&aid=1&wpc=USD&sfe=15d20ff8&puid=CAESEP5H3hgIABnodoNcqroZNP0&tdid=&pid=9a7i05c&ag=rd1wgn9&adv=szu2kkt&sig=1aqybSpNCBpc2qb-jRs9StPu-xBYofn32HpLTp8O08VE.&bp=2.15915213180287&cf=4207013&fq=0&td_s=www.heraldsun.com.au&rcats=&mste=www.heraldsun.com.au&mfld=2&mssi=&mfsi=&uhow=110&agsa=&rgz=2015&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-9172700587175332&did=&rcxt=Other&lat=-33.910000&lon=151.200000&tmpc=22.75&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome%20-%20Windows&c=CglBdXN0cmFsaWESL05ldyBTb3V0aCBXYWxlcyAtIFN5ZG5leSAtIENpdHkgQW5kIElubmVyIFNvdXRoGgAiDEJlYWNvbnNmaWVsZDgBUAF4AIABAIgBAZABAbABALoBBAgMGAQ.&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdApECiljaGFyZ2UtYWxsRGlzcGxheVZpZXdhYmlsaXR5QmlkQWRqdXN0bWVudCIXCJr__________wESCnEtYWxsaWFuY2UKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucwpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCKCNBhgM&durs=bgpsHS&crrelr=&fpa=296&pcm=3&said=Hbja4VNhXxLjIIy5RIc2tQ%3D%3D&auct=1&im=1&mc=33ba9a5a-e988-47ff-86ff-3191711189a2&tail=1
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
47.242.65.123 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
u18zi3kh_300x250.jpg
ad.adsrvr.org/9a7i05c/szu2kkt/ Frame F7C9 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adsrvr.org/9a7i05c/szu2kkt/u18zi3kh_300x250.jpg?cb=840391
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd56fe5b6b1263cdb2ece23a6854ebde16cbd1179cc0e9ff628876f8c4416c1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:01:56 GMT
via
1.1 9c77410e22dc74e7bd4296ee24a7bbce.cloudfront.net (CloudFront)
last-modified
Sun, 13 Nov 2022 23:01:18 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
83271
x-amz-server-side-encryption
AES256
etag
"e6d0d206934be351bb64bf8001c640a0"
x-cache
Hit from cloudfront
content-type
image/jpg
accept-ranges
bytes
content-length
86582
x-amz-cf-id
m2Viz6PIaFC3ctAkWC8xGhABHPx9FcEJH0f3y7WN9RVnX0tsaWI7HQ==
moatad.js
z.moatads.com/thetradedeskv275874568748/ Frame F7C9 		335 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/thetradedeskv275874568748/moatad.js
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
28aca0f1123fc56312b262449c8967227f5a477aa29bc53b52031c184da1d375

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:34:03 GMT
server
AmazonS3
x-amz-request-id
X6QMBFX8GQA5DM04
etag
"23e9862785189a1f163584929a8a800c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=61725
accept-ranges
bytes
content-length
116810
x-amz-id-2
j4GPLsTMcRaABXC9QsVVgFBIi+DD0Zulrs2UjprjsmtBBVVoaUP71b9xNvjFka4j3BoRiLRcSYM=
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F7C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 03:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F7C9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 13:16:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
50007
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 13:16:19 GMT
l
www.google.com/ads/measurement/ Frame F7C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlpLBZD86rh-T144KooQh_F9dDAS0gbGAu3sdouZ5kl057LYuktOJdyBHAUY1bJ8C5EPQlINv24YsGcOhkJQbR184sNw
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F7C9 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 14:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
44854
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 14:42:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F7C9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:09:46 GMT
truncated
/ Frame BA84 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ec3bc86b3068c897765fd1b8a794ecbc905b8ba9169fedf6fe8e220945bc8a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
b.php
www.facebook.com/fr/ Frame ACB6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5qP_QAAAkH1QwAo&t=2592000&o=0
43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5qP_QAAAkH1QwAo&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:09:46 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
4KF4MAqf04rEgl5fy+027sIHdSB7lbO0+qU5eaVJa3M9cjtSEQVKx46BBTKsaNjqvFMIsTxFu2bsmfBcLzhfHQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
cache-control
public, max-age=0
priority
u=3,i
expires
Wed, 14 Dec 2022 19:09:46 PST

Redirect headers

x-served-by
cache-syd10172-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073786.153801,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5qP_QAAAkH1QwAo&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
truncated
/ Frame A369 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7e81547491c16035ad8bfef7ccd5d58241ee34b682ea28e09d2b05c1c1bdb34

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C5FD 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 18:07:17 GMT
x-content-type-options
nosniff
age
550949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 18:07:17 GMT
ibs:dpid=147592
dpm.demdex.net/ Frame ACB6
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0ad808d7b.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
O9c7YsHVTQU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
94
date
Thu, 15 Dec 2022 03:09:46 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671073786.261438,VS0,VE94
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10151-SYD
truncated
/ Frame 73FB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafe0256f6066f49e799fcaa56acdc553048ee5707e69aa278025ff95fde69

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 659E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.140.73 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-140-73.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c0be42a419e69918d547e0509026832bf520142fcc19747cd632be523c01fb45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:09:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 08:27:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19077
Connection
keep-alive
Content-Length
10065
Expires
Thu, 15 Dec 2022 08:27:43 GMT
0
sync.1rx.io/usersync/adobe/ Frame ACB6 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
jload
pixel.adsafeprotected.com/ Frame 39E9 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=171638111&placementId=6111071016&pubCreative=138405557671&pubOrder=3082546051&cb=525558173&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
edf89ad38d60352113b897011f2a8bcfad3ae02cd5abca770dac96015e085067

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame EEAC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1671073786456&cv=9&fst=1671073786456&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
00d877cf8ab56b0e41021ca56386a1740f9cb7fa03d6e41920f5a470b0c81209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
908
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BA84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8jRJThRL189sUIIldUpT8NNHAC5HSpVyOqpM18txKoysGAHm4ovWBsIQGZVfJK3jmYnGy-v7UscjSuW-9cFE0vir_yXXkknpt9mFZDt6AKldHY4U4gmbRUlI1CHZ-Jqv_huAnMlJYbBpDgg20anxCOTOLSOtW2niY7hLmtA5SdASrN1GD7s99Mx7i1-LImSZuS3uW15jPMKLbBFDBtTHMaq6bxv8a0i7TT6ygK-Zk_7YXexQDDwshhR7vKhkwbAH1T-3FZtus9vjEZNonrGjRZSATVHjl-O1lD8_VILHvcRrYA2QsUOtx4qFUnMSmKrzS&sai=AMfl-YRMWY6BDCqL3MPCeOIGI_JlvcEzttxqTbF2UxqfQqyXQJJkgjRhFpmkUhZ-7a1a14TsiU91LNhP_DsJdUBiMWVqcmV25h4IegBAihetkujIsB0ItDA-EOrxD7GPcfe7&sig=Cg0ArKJSzM59Zx-U8LDwEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 03:09:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EE31
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:caa7639a-8ff9-4200-8b5b-209efb5c023f&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:caa7639a-8ff9-4200-8b5b-209efb5c023f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 15 Dec 2022 03:09:46 GMT
Expires
Thu, 15 Dec 2022 03:09:45 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master nrt-pixel-x14 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:caa7639a-8ff9-4200-8b5b-209efb5c023f&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 2F77 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID2BB2C270-1275-4EE1-B10B-096D74BFC1C7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 03:09:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
S1ZM7AKKVCV0B8HR274V
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5DCE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K7LCcBJ1TuGxCwltdL_Bxw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=72512
accept-ranges
bytes
content-length
5549
expires
Thu, 15 Dec 2022 23:18:18 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 5DCE
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2BB2C270-1275-4EE1-B10B-096D74BFC1C7
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=2BB2C270-1275-4EE1-B10B-096D74BFC1C7
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1f37e46b-e5b2-40b6-b147-cbbc088b6407%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3407f6ba-8900-454e-8d7c-437e273b12f1&ttd_puid=1f37e46b-e5b2-40b6-b147-cbbc088b6407%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3407f6ba-8900-454e-8d7c-437e273b12f1&ttd_puid=1f37e46b-e5b2-40b6-b147-cbbc088b6407%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3407f6ba-8900-454e-8d7c-437e273b12f1&ttd_puid=1f37e46b-e5b2-40b6-b147-cbbc088b6407%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
qmap
sync.crwdcntrl.net/ Frame 5DCE
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&gdpr=0&gdpr_consent=&ct=y
49 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
18.140.183.49 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-183-49.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.9.40
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.14.17
content-length
0
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame 5DCE 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Thu, 15 Dec 2022 03:10:05 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame 5DCE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkJCMkMyNzAtMTI3NS00RUUxLUIxMEItMDk2RDc0QkZDMUM3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5DCE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMrQjJirehml1hEPAdobVSQ&google_cver=1
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMrQjJirehml1hEPAdobVSQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMrQjJirehml1hEPAdobVSQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5DCE
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:903013B2202C4A24905F0F26C6F8A8E6
42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:903013B2202C4A24905F0F26C6F8A8E6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:903013B2202C4A24905F0F26C6F8A8E6
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 03:09:47 GMT
2BB2C270-1275-4EE1-B10B-096D74BFC1C7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5DCE 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2BB2C270-1275-4EE1-B10B-096D74BFC1C7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.22.85 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-22-85.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 5DCE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=
42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
adsct
t.co/i/ Frame 67E1 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=7b6525df-d00c-488c-b2da-2a2da533a7ff&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a4e20622-a281-41c2-a91e-e1440762e0f3&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
146
date
Thu, 15 Dec 2022 03:09:46 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
0ded1b0b9a9e4c40
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
65898d99c897bcc1749f08ed0ea736a5d56a03f450b364d985b5b2a340611180
content-length
43
adsct
analytics.twitter.com/i/ Frame 67E1 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=7b6525df-d00c-488c-b2da-2a2da533a7ff&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a4e20622-a281-41c2-a91e-e1440762e0f3&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
154
date
Thu, 15 Dec 2022 03:09:46 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
31c11c289d817d03
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
e0d1e1edf94b9841a6efcacb7f02ca210bcbda90afb311f7be5f15b175a3d076
content-length
43
ecm3
s.amazon-adsystem.com/ Frame 659E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBOI6NG8-I-M375
  • https://s.amazon-adsystem.com/ecm3?id=LBOI6NG8-I-M375&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LBOI6NG8-I-M375&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
17GRV5Q8G84JPRS6E1XT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LBOI6NG8-I-M375&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
insight.old.min.js
snap.licdn.com/li.lms-analytics/ Frame 68B7 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-160.pacnet.net
Software
/
Resource Hash
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 16:10:50 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=38973
accept-ranges
bytes
content-length
4581
view
securepubads.g.doubleclick.net/pcs/ Frame A369 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvAeQpBwo7HqbOilFQmGjctF73xpvOFaI1eOyKZPIS7jTa0xANth1wCk7xrYbvHc0CJq3q3jp8H4DymNQ7i9vnFik3_qLEBpQGxrxp3r6xI6UmxwW3h1mDRY_8t44n3dwBOJ7pafEICX1Mx2OkMXoBL5WbHHmGMGGg8Q1_2H7kN0xQlN7fRHsBjl-xLQHQy2Re8LA3CC-0XjcidJ0qDX2kDKGaSnIL66ssLKNxzG7qY4HfHzbI4ID3XkUVOC99yHb6eVubaB858hRd_ChbQw4QeaxxHTOVQj57zKYT-1A6TjEji07AZzM6bBWhMjFv_NZL&sai=AMfl-YRqxEUJI5t--n6kb2t64-mgRe5bPjFDXscxbzqR9N5Pmh-un0ryvMluSZ5XTliqIF_DKmj2z7KXDanQ06cnyF95t3AYcOyx0JFoMsuq1dTEuLnsKpK_8neTzu7J0xtc&sig=Cg0ArKJSzLsY8_mzyYt-EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 03:09:46 GMT
jload
pixel.adsafeprotected.com/ Frame 2FBD 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138347631275&pubOrder=2553375348&cb=1800766216&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
d5782b9d5673c486506c93f060e962736615fce7928e530212c3538b3fd85593

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 73FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstr8-IieAhgj_IwQFafQjTRp6zF8URKIubdFQlDcVMb1spAnk_lZFe6UX-yGUN8OV5vlfeN4wWFh6yIRwvwta8F7aeGmD8t_TXBqGn7XmU_1viXUxDAjE4XR5CHtq8sjK8Sx1iIt83DzKqoKt843Ov6R8dMaVZWZzdLLGbg82q6SGYFMLnInlwFQrvexqqnD5WFE1WqhhiFg956iwE4p9KYXC6BK8ja32jG06MJEWrjBlv9odBWh_eMNhQJg826X-rALFNmYFRBnLnENH2UKzAGlXayBWUJkMBZVkQr_3i5pslHY5mU0_pW-vdftzzTXubM&sai=AMfl-YRuqDRR8bX7WIbODglBKcbMZFW_dDENex70wmAay5Z_RcQYQaJuqmVD_CZqlGbq8JcY3VhT69arlUad1NPEjfQoDNZFKfD_IfQGs6LabDo-2eRLQfn2Jm6iVMQXrKxq&sig=Cg0ArKJSzGXGnsFj_84EEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 03:09:46 GMT
jload
pixel.adsafeprotected.com/ Frame 6E50 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138347631278&pubOrder=2553375348&cb=1607437252&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
f7e88dfec8eb11687d47b060cac765d657ca6207d50bd9d3d92ead924ec4d1f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.251.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-251-57.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 03:09:47 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.251.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-251-57.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 15 Dec 2022 03:09:47 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ixmatch.html
js-sec.indexww.com/um/ Frame 26CF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
326
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
779bfb80de8caae9-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 03:09:47 GMT
expires
Thu, 15 Dec 2022 07:09:47 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3DC6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 15 Dec 2022 03:09:47 GMT
ETag
"623de86a-cf34"
Expires
Fri, 16 Dec 2022 03:09:49 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 9513 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373bf0e9c20d05a7cc15a719073afccfac16280d0052945a325913d9950ad56

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779bfb7f8bd4a932-SYD
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 03:09:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytGGucqJPwms2r1qKB8YCp50OcuexlGmJI%2BLA6RF69DWFQs758MIELB2SnkPktqhb3a9cPjEqwx0CxOfI8nAxEJe50%2FRRYeqH7lbeiwo%2F8b2l5UAitmMji1DNxVncB1vHhPFzpP7%2F%2BqWYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0606 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.140.73 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-140-73.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 03:09:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9903 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72512
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 03:09:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 23:18:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=2866451666043766535
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=2866451666043766535
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
7c44fe3e-004a-4645-9e1c-5db5de916119

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:46 GMT
AN-X-Request-Uuid
fb85136e-c9e6-4f28-a1eb-b97bbd361a8f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.playground.xyz/usersync?partner=appnexus&uid=2866451666043766535
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
up
insight.adsrvr.org/track/ Frame EC29 		989 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
06dc65c0c36784dc999236b2d2798dbc941d132b0d8ddec0734c8074bd2a3038

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:09:46 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
up
insight.adsrvr.org/track/ Frame 28F0 		989 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e08f58109945c5c8ecfe19db0b5df560d74e90699f61db79f75ad9fb7ce27bd6

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:09:46 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
tap.php
pixel.rubiconproject.com/ Frame 659E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame 659E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CDFD275BQANM2JXMV56C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 659E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmNhYTlkNTg5NmYxNzY4MDNjMDdhZjcwYTk2YWVkMTRkY2ZmNmFlZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmNhYTlkNTg5NmYxNzY4MDNjMDdhZjcwYTk2YWVkMTRkY2ZmNmFlZg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmNhYTlkNTg5NmYxNzY4MDNjMDdhZjcwYTk2YWVkMTRkY2ZmNmFlZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 659E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_0aSJEfLSKOwBp23z9pn1g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_0aSJEfLSKOwBp23z9pn1g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_0aSJEfLSKOwBp23z9pn1g
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TSZE6JENTVF5T25JBNVC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_0aSJEfLSKOwBp23z9pn1g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 659E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPSTZORzgtSS1NMzc1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPSTZORzgtSS1NMzc1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPSTZORzgtSS1NMzc1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 659E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJmz23i2q928mp2CVlig6LI&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJmz23i2q928mp2CVlig6LI&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJmz23i2q928mp2CVlig6LI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 659E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOI6NG8-I-M375
0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOI6NG8-I-M375
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A82B488538B944F0913A70C5577951D0 Ref B: SYD03EDGE1405 Ref C: 2022-12-15T03:09:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXv1S9//WH+o4xSWhgu7Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOI6NG8-I-M375
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 659E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/d5YJmIdh2r8iInK4G9Bj_w?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Agd7saxE2oI4WTgFxxbKN76EwvA2KOcrYxObtQ--~A
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Agd7saxE2oI4WTgFxxbKN76EwvA2KOcrYxObtQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Agd7saxE2oI4WTgFxxbKN76EwvA2KOcrYxObtQ--~A
content-length
0
/
www.google.com/pagead/1p-user-list/859754747/ Frame EEAC 		42 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1671073786456&cv=9&fst=1671073200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=744561112&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame EEAC 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1671073786456&cv=9&fst=1671073200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=744561112&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CITqsPvS-vsCFcPmcwEdPKsNXQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587840093593.782
adservice.google.com/ddm/fls/z/ Frame AB36 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CITqsPvS-vsCFcPmcwEdPKsNXQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587840093593.782
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CITqsPvS-vsCFcPmcwEdPKsNXQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587840093593.782?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CKPzsPvS-vsCFa4etwAdJAECMQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5401263708949.222
adservice.google.com/ddm/fls/z/ Frame 863F 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKPzsPvS-vsCFa4etwAdJAECMQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5401263708949.222
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKPzsPvS-vsCFa4etwAdJAECMQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5401263708949.222?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame EC29 		487 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 19:22:46 GMT
Via
1.1 ac187c6f8a07d8e2befb08fa6809bc08.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
28021
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
wLaZjER1PkaxI1af3hosWQoHPKW5rSCyn_FtEsigL9I8xqkGrwtASg==
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 28F0 		487 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 19:22:46 GMT
Via
1.1 934dd0fb722aa582f1b4a3cdae35b12c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
28021
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
PEidM6y1mOu4h8M8kx4ilBXS5ZsugpublhA4mgH-d-95c-KyY3qj7g==
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-116.sin2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
22444
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 14 Dec 2022 20:55:43 GMT
via
1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-id
adL5zEM4DZjYrLfgBZrWnPPSoLYjp_ZIht6aWbajSZ_6-OIZWnqPjA==
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame 68B7 		36 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-116.sin2.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 00:56:34 GMT
content-encoding
gzip
via
1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
7993
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=17408
x-amz-cf-id
DhEYJOEAXl86YUbLcTzX2RI1PyjVZN1Hx-AsMAZgFSmRlGKMZJaidg==
/
p.adsymptotic.com/d/px/ Frame 68B7
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073786922&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073786922&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1671073786922%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073786922&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9091c847-0c1b-4e2b-aa4a-51c2ddb355ed
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9091c847-0c1b-4e2b-aa4a-51c2ddb355ed&_expected_cookie=a138050acbcbcc52f4f2f09d...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9091c847-0c1b-4e2b-aa4a-51c2ddb355ed&_expected_cookie=a138050acbcbcc52f4f2f09d07ee5dd7
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 15 Dec 2022 03:09:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779bfb8c5ac75569-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9091c847-0c1b-4e2b-aa4a-51c2ddb355ed&_expected_cookie=a138050acbcbcc52f4f2f09d07ee5dd7
date
Thu, 15 Dec 2022 03:09:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779bfb8b19b35569-SYD
content-length
0
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame C5FD 		133 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
9ff79f831706ee98020c617518d4dea792976313b1ce1ab3d07d12f4639bcece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45910
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 23:55:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:47:55 GMT
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.8.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-8-30.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9513 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.22.85 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-22-85.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 9513
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2866451666043766535
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2866451666043766535
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:47 GMT
AN-X-Request-Uuid
f268c9fc-3b26-4b35-8ef8-579ab20e09dc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2866451666043766535
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9513
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Server
18.140.22.85 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-22-85.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 9513
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7596305536165464863
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7596305536165464863
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7596305536165464863
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=23728&dpuuid=Y5qP.Y9gwtF.MOeIsu.A9QAA%265314
dpm.demdex.net/ Frame 9513 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5qP.Y9gwtF.MOeIsu.A9QAA%265314?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.51.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-51-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-00ca13cbf.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mVheCuUBRgw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 9513
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=phJgZ9CNY63qZooyBV6V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD24DIJJTVU...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=phJgZ9CNY63qZooyBV6V
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=phJgZ9CNY63qZooyBV6V
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:49 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=phJgZ9CNY63qZooyBV6V
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9513
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=16f53cf7-7c29-4f78-a59c-40dbfed353d2&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=16f53cf7-7c29-4f78-a59c-40dbfed353d2&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=16f53cf7-7c29-4f78-a59c-40dbfed353d2&us_privacy=null&gdpr_consent=null&gdpr=null
date
Thu, 15 Dec 2022 03:09:48 GMT
server
_
content-length
0
tp_out
d.adroll.com/cm/index/ Frame 9513 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.254.84 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-254-84.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 9513 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=Y5qP.Y9gwtF.MOeIsu.A9QAA%265314
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.166.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-166-22.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1b-i-00714f3e0194e5f2d
usync.js
eus.rubiconproject.com/ Frame 0606 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.13.140.73 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-13-140-73.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c0be42a419e69918d547e0509026832bf520142fcc19747cd632be523c01fb45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:09:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 08:27:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19076
Connection
keep-alive
Content-Length
10065
Expires
Thu, 15 Dec 2022 08:27:43 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 4BDC 		2 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1671073787185&cv=11&fst=1671073787185&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=2112665395.1671073787&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
316148663fb541638ab8110da16a88bd42a6845eef56f07bec7cce1d82b8e590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
858
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CAC7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab98dd589aef77e51e7bc23d3ee8fca2ae741341e9b905063110ffbe7e97850

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779bfb827fd1a932-SYD
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 03:09:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qw54SgqG3%2FaDI6VNyIcMea1sskQhShaY1%2BCd0owSpBeg5i1X44htmPB8Ab9LAA2sWaYtFN%2FzbW4aSWHIWPz9n9wtqY9qBo%2FRb1Rg4mW6%2BNHg7l%2BGyRHgNf0G%2B5ntblSBTjsKKvFN%2FkFsdg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 659D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e2...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1&google_gid=CAESEP5H3hgIABnodoNcqroZNP0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
423
content-type
text/html
date
Thu, 15 Dec 2022 03:09:47 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
tap.php
pixel.rubiconproject.com/ Frame DE14
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
42 B
690 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
c80248407eff6cf595ce43a76c04e23f
content-length
42

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
289
content-type
text/html
date
Thu, 15 Dec 2022 03:09:47 GMT
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
match
s.pubmine.com/ Frame F454
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=d13c19b7-0716-405b-af08-35d2ae2f9b21&ssp_data=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
43 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=d13c19b7-0716-405b-af08-35d2ae2f9b21&ssp_data=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.53.57.143 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-57-143.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Thu, 15 Dec 2022 03:09:48 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 03:09:47 GMT
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=d13c19b7-0716-405b-af08-35d2ae2f9b21&ssp_data=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
Server
nginx
tap.php
pixel.rubiconproject.com/ Frame F6B9
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
42 B
690 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
content-length
42

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
289
content-type
text/html
date
Thu, 15 Dec 2022 03:09:47 GMT
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3407f6ba-8900-454e-8d7c-437e273b12f1&gdpr=0&gdpr_consent=&expires=30
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
pixel
cm.g.doubleclick.net/ Frame 0D4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e2...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1&google_gid=CAESEP5H3hgIABnodoNcqroZNP0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
423
content-type
text/html
date
Thu, 15 Dec 2022 03:09:47 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzQwN2Y2YmEtODkwMC00NTRlLThkN2MtNDM3ZTI3M2IxMmYx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3407f6ba-8900-454e-8d7c-437e273b12f1
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
pixelCt.tpmn
ad.tpmn.co.kr/ Frame 8B13
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=3407f6ba-8900-454e-8d7c-437e273b12f1&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=d13c19b7-0716-405b-af08-35d2ae2f9b21
170 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=d13c19b7-0716-405b-af08-35d2ae2f9b21
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.166.102.34.bc.googleusercontent.com
Software
/
Resource Hash
071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
image/png;charset=utf-8
date
Thu, 15 Dec 2022 03:09:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
vary
accept-encoding
via
1.1 google

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 03:09:47 GMT
Location
//ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=d13c19b7-0716-405b-af08-35d2ae2f9b21
Server
nginx
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.8.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-8-30.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 7A6E 		2 KB
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1671073787267&cv=11&fst=1671073787267&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=2112665395.1671073787&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
c58757892378c5f299a012046e3d89dff57b0a39a774d901d1a0280dce2ef73b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
854
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.374.js
static.adsafeprotected.com/ Frame 39E9 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=171638111&placementId=6111071016&pubCreative=138405557671&pubOrder=3082546051&cb=525558173&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.210.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-210-105.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:23 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 0931eacdfabebfd9816e3573b4bf15b4.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-C1
age
647904
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
TDoMFEyVhuTfBhIZ1ixnG6tWD4P93YvO45so-tuP54gozn2spasjOg==
async_usersync
ib.adnxs.com/ Frame 3DC6 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:47 GMT
AN-X-Request-Uuid
e33f0334-096f-445e-92bc-ea0f67ab1243
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
main.19.8.374.js
static.adsafeprotected.com/ Frame 2FBD 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138347631275&pubOrder=2553375348&cb=1800766216&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.210.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-210-105.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:23 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 0931eacdfabebfd9816e3573b4bf15b4.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-C1
age
647904
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
3xWGimU74-phGQM8fJjCmO21qHIz4OCMJ7kuXm52Sk0u0XBgwWpucw==
pixie
ib.adnxs.com/ Frame 251C 		42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1671073787359&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1671073787358&et=1671073787359&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:09:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
ca
choices.trustarc.com/ Frame F7C9 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=on4yymv_rd1wgn9_u18zi3kh&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-dfebc971-dd2b-436a-8811-f84ebe8d3c3f&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=on4yymv_rd1wgn9_u18zi3kh&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-56.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
4659eb111944262ea882a8fe8cf2befc95a3e27d658c95124bbac231d28b2cb9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
SIN2-P2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2477
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
9_s5u38BhslpdnXDh3vyRSBjqiFlCCjsGXbEuDe5y8rsGQiYeCTFyw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame F7C9 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=on4yymv_rd1wgn9_u18zi3kh&w=300&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=on4yymv_rd1wgn9_u18zi3kh&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-56.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
SIN2-P2
cross-origin-embedder-policy
unsafe-none
age
83270
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
bhRpRIy0gCOGPQfF9KdxnkYaELl6nHnPuoa0XDS1QrOr1UV_wg0c4Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame F7C9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=on4yymv_rd1wgn9_u18zi3kh&w=300&h=250&c=cb5f
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-56.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
_BFAP3y3rolhfsL5Q27EZ1pPqu3zFjCCsUOZN2TuUVBtY0le3eFKRg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
main.19.8.374.js
static.adsafeprotected.com/ Frame 6E50 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138347631278&pubOrder=2553375348&cb=1607437252&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.210.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-210-105.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:23 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 0931eacdfabebfd9816e3573b4bf15b4.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-C1
age
647904
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
GlogybgBnlE6AxX8EfKDWn-fKn1xCRwVuIgzWJVZKsI6yA1KxInYxA==
Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CAC7 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.22.85 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-22-85.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame CAC7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2866451666043766535
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2866451666043766535
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:47 GMT
AN-X-Request-Uuid
0b1696e3-6029-47a2-b7c3-8932a19cf61f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2866451666043766535
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CAC7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
18.140.22.85 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-22-85.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5qP-Y9gwtF-MOeIsu-A9QAAFMIAAAIB
date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame CAC7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=caa7639a-8ff9-4200-8b5b-209efb5c023f
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=caa7639a-8ff9-4200-8b5b-209efb5c023f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 15 Dec 2022 03:09:47 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=caa7639a-8ff9-4200-8b5b-209efb5c023f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 03:09:46 GMT
crum
dsum-sec.casalemedia.com/ Frame CAC7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=903013B2202C4A24905F0F26C6F8A8E6
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=903013B2202C4A24905F0F26C6F8A8E6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=903013B2202C4A24905F0F26C6F8A8E6
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 03:09:47 GMT
crum
dsum-sec.casalemedia.com/ Frame CAC7
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686798587&external_user_id=bab05e2e-514b-4026-b3e4-af56a214c416
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686798587&external_user_id=bab05e2e-514b-4026-b3e4-af56a214c416
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 03:09:47 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686798587&external_user_id=bab05e2e-514b-4026-b3e4-af56a214c416
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame CAC7
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Thu, 15 Dec 2022 03:09:47 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame CAC7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=MpJ_N3Z2xmjJTPxGI_7C&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TLQJJPU4...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MpJ_N3Z2xmjJTPxGI_7C
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MpJ_N3Z2xmjJTPxGI_7C
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:49 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MpJ_N3Z2xmjJTPxGI_7C
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame CAC7 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5qP.Y9gwtF.MOeIsu.A9QAA%265314
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
16802
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
779bfb857b66556f-SYD
content-length
43
expires
Fri, 16 Dec 2022 03:09:47 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BA84 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSxk3nnreAiNdt2gcAhxMlPFccFi2U6cyHPBQjZD6GkvN8dM-JxwO4rap58Mg4BOd5chQx0tUrRLI_7xQ2TJsw-rWA8UrxMQtd7Kv3_oh69wnMOaVL&sig=Cg0ArKJSzOOp-VvT1STVEAE&id=lidar2&mcvt=1000&p=28,436,118,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1798527053&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671073785470&rpt=1010&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/707564276/ Frame 4BDC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1671073787185&cv=11&fst=1671073200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3675465933&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 4BDC 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1671073787185&cv=11&fst=1671073200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3675465933&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame C5FD 		1 KB
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
9a16ace082ee5d4603c6b28a3aac56154bf72ff307fbc72269270c3f3acea61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
719
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 23:55:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:47:55 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame C5FD 		586 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-6237507545531428240&bl=boq_subscribewithgoogleclientserver_20221213.07_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=11388&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
ESF /
Resource Hash
6a781e9e5e64a18c4ce90814dd47e327bbf73130cb3aa0b3c12f48ca06ea5a19
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame 7A6E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1671073787267&cv=11&fst=1671073200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=56770084&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame 7A6E 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1671073787267&cv=11&fst=1671073200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=56770084&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
n.js
geo.moatads.com/ Frame F7C9 		98 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=1807671245&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VnfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRADEDESKV3&hp=1&ra=1&pxm=10&sgs=3&vb=-1&cm=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.heraldsun.com.au&lp=https%3A%2F%2Fwww.heraldsun.com.au&t=1671073787642&de=63668153242&m=0&ar=67fa5e2a4e8-clean&iw=2711444&q=2&cb=0&ym=0&cu=1671073787642&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=9a7i05c%3Aszu2kkt%3Aon4yymv%3Ard1wgn9&zMoatJS=-&zMoatCachebuster=297155&zMoatCreative=u18zi3kh&zMoatDealID=-&zMoatDomain=heraldsun.com.au&zMoatImpressionId=ec7a1a6d-2918-4e14-b076-63249069287f&zMoatPartnerID=9a7i05c&zMoatSite=www.heraldsun.com.au&zMoatSubdomain=heraldsun.com.au&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-9172700587175332&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=0&ii=3&bd=www.heraldsun.com.au&zMoatOrigSlicer1=www.heraldsun.com.au&zMoatOrigSlicer2=N%2FA&gw=thetradedeskv275874568748&fd=1&it=500&ti=0&ih=2&pe=0%3A1134%3A1134%3A0%3A0&jk=-1&jm=-1&fs=201243&na=2108524884&cs=0&ord=1671073787642&jv=1144609177&callback=DOMlessLLDcallback_83314277
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.217.106 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-217-106.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
cf71f77ca65d84fcd2e82b9176f32b618f136297883ec4e0d46f9a4e2bcb1b11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"1777523e587a84b1c2e2cac755b4b6dde3d9b328"
content-length
98
content-type
text/html; charset=UTF-8
v2
mb.moatads.com/s/ Frame F7C9 		143 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.heraldsun.com.au%2F&pcode=thetradedeskv275874568748&ord=1671073787642&jv=1109373721&callback=BrandSafetyNadoscallback_83314277
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.0.212.186 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-212-186.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
0d9b171003cd9f7f4b99731a056ba9764b87d0e0a6188e380519b31c6e57e32b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"07ef9a309a8acb15d44fc29060420777b6f8c83f"
content-length
143
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame F7C9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRADEDESKV3&hp=1&ra=1&pxm=10&sgs=3&vb=-1&cm=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.heraldsun.com.au&lp=https%3A%2F%2Fwww.heraldsun.com.au&t=1671073787642&de=63668153242&m=0&ar=67fa5e2a4e8-clean&iw=2711444&q=3&cb=0&ym=0&cu=1671073787642&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=9a7i05c%3Aszu2kkt%3Aon4yymv%3Ard1wgn9&zMoatJS=-&zMoatCachebuster=297155&zMoatCreative=u18zi3kh&zMoatDealID=-&zMoatDomain=heraldsun.com.au&zMoatImpressionId=ec7a1a6d-2918-4e14-b076-63249069287f&zMoatPartnerID=9a7i05c&zMoatSite=www.heraldsun.com.au&zMoatSubdomain=heraldsun.com.au&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-9172700587175332&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=0&ii=3&bd=www.heraldsun.com.au&zMoatOrigSlicer1=www.heraldsun.com.au&zMoatOrigSlicer2=N%2FA&gw=thetradedeskv275874568748&fd=1&it=500&ti=0&ih=2&pe=0%3A1134%3A1134%3A0%3A0&jk=-1&jm=-1&fs=201243&na=1710159834&cs=0
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 03:09:47 GMT
/
insight.adsrvr.org/enduser/pie/ Frame F7C9 		807 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/pie/?pie=20&vet=0&rtb=dD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E2A6 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
25371
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 20:06:57 GMT
etag
48472445140208031
expires
Thu, 15 Dec 2022 20:06:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F7C9 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a6a8741402081a0481dd9ca52d005627203d868f9b21b3650c71d2b839ad0b6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
/
insight.adsrvr.org/enduser/moat/ Frame F7C9 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=60&o=dD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:47 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
log
play.google.com/ Frame C5FD 		131 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:09:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 03:09:48 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame C5FD 		131 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:09:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 03:09:48 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame C5FD 		131 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:09:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 03:09:48 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame C5FD 		131 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:09:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 03:09:48 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame C5FD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
2b6a59cd150d86a347f70844bc75b8caa0fba4d62156efce7e94df8d8e41fc9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 23:55:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:47:55 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 7C34 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.210.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-210-105.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:51:30 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 0931eacdfabebfd9816e3573b4bf15b4.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-C1
age
1171099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
5-e3kNiUppkr2YcFZwFl950qUOuxYE6MR6RvIhRt2uJMgenIk2W3Jw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|1&pubId=36557831&chanId=171638111&placementId=6111071016&pubCreative=138405557671&pubOrder=3082546051&cb=525558173&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:48e79998-46b2-aa66-c18c-ff7543aa6492,c:wPAGKB,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-qlrhr,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:595,mot:0,app:0,maw:0,fm:tq3djmH+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b1%7C1c1%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:622,oid:ee2501aa-7c25-11ed-b205-06aad4d67614,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=48e79998-46b2-aa66-c18c-ff7543aa6492&tv=%7Bc:wPAGKW,pingTime:0,time:643,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:644,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:621,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~100%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3djmH+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b1%7C1c1%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:623%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=48e79998-46b2-aa66-c18c-ff7543aa6492&tv=%7Bc:wPAGLf,pingTime:-2,time:662,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:846,beZ:847,mfA:1441,cmA:1442,inA:1442,inZ:1447,prA:1447,prZ:1460,si:1468,poA:1468,poZ:1484,cmZ:1484,mfZ:1484,loA:1499,loZ:1502,ltA:1507,ltZ:1507,mdA:848,mdZ:1386%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:662,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:621,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B63~100%5D,as:%5B63~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3djmH+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b1%7C1c1%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:623,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:38,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=48e79998-46b2-aa66-c18c-ff7543aa6492&tv=%7Bc:wPAGLL,time:694,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:694,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:621,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B95~100%5D,as:%5B95~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3djmH+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b1%7C1c1%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:623%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ Frame F7C9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fad.adsrvr.org%2F9a7i05c%2Fszu2kkt%2Fu18zi3kh_300x250.jpg%3Fcb%3D840391&i=TRADEDESKV3&ol=1807671245&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VnfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=0&ii=3&cm=4&f=1&j=https%3A%2F%2Fwww.heraldsun.com.au&lp=https%3A%2F%2Fwww.heraldsun.com.au&t=1671073787642&de=63668153242&cu=1671073787642&m=87&ar=67fa5e2a4e8-clean&iw=2711444&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A1134%3A1134%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=60&cd=0&ah=60&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=9a7i05c%3Aszu2kkt%3Aon4yymv%3Ard1wgn9&bd=www.heraldsun.com.au&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.heraldsun.com.au&zMoatOrigSlicer2=N%2FA&zMoatDomain=heraldsun.com.au&zMoatSubdomain=heraldsun.com.au&zMoatJS=3%3A-&zMoatCachebuster=297155&zMoatCreative=u18zi3kh&zMoatDealID=-&zMoatImpressionId=ec7a1a6d-2918-4e14-b076-63249069287f&zMoatPartnerID=9a7i05c&zMoatSite=www.heraldsun.com.au&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-9172700587175332&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=2&jk=-1&jm=1&tc=0&fs=201243&na=522440444&cs=0
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 03:09:48 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame C575 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.210.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-210-105.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:51:30 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 0931eacdfabebfd9816e3573b4bf15b4.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-C1
age
1171099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
3_7oCrs3SjPMuj70vjRhZ_iEvmbnwJGkCI56EJfuaWfB_DIKSBplJA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138347631275&pubOrder=2553375348&cb=1800766216&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:d8b5e618-03ec-b919-b43e-f5b34d3d6291,c:wPAGN8,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-mzcbh,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:436.4028.728.90,am:i,cc:436.4028.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:755,mot:0,app:0,maw:0,fm:tq3djmV+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1c1%7C1d*.10507%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:766,oid:ee252842-7c25-11ed-ae44-fa917aaa81b3,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
app04.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d8b5e618-03ec-b919-b43e-f5b34d3d6291&tv=%7Bc:wPAGNv,pingTime:-2,time:788,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:616,beZ:617,mfA:1371,cmA:1372,inA:1372,inZ:1373,prA:1373,prZ:1378,si:1381,poA:1382,poZ:1391,cmZ:1391,mfZ:1391,loA:1397,loZ:1398,ltA:1404,ltZ:1404,mdA:617,mdZ:1365%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:765%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:788,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:436.4028.728.90,am:i,cc:436.4028.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3djmV+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1c1%7C1d*.10507%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:766,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168%5D,sinceFw:22,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame C5FD 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
eb5f4383f425774d9d1870b942fce87d7cb799dc5116385ad8b1bf2098cb6a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4053
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 23:55:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:47:55 GMT
log
play.google.com/ Frame C5FD 		131 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:09:48 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d8b5e618-03ec-b919-b43e-f5b34d3d6291&tv=%7Bc:wPAGO7,time:826,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:826,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:436.4028.728.90,am:i,cc:436.4028.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3djmV+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1c1%7C1d*.10507%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:766%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 87C9 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.210.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-210-105.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:51:30 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 0931eacdfabebfd9816e3573b4bf15b4.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX50-C1
age
1171099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
4s3DLnGSbuTlDaMBeCR_TqG0OO4_JPXg3p16FyQMWrg98PoythHXCw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138347631278&pubOrder=2553375348&cb=1607437252&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:ade9cd64-9b50-15c9-512a-eb6772000bab,c:wPAGPa,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-ddxtj,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1124.10308.300.250,am:i,cc:1124.10308.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:747,mot:0,app:0,maw:0,fm:tq3djp6+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1c*.10507%7C1c1%7C1d1%7C1d2%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:757,oid:ee25281b-7c25-11ed-87e4-f60932d05173,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ade9cd64-9b50-15c9-512a-eb6772000bab&tv=%7Bc:wPAGPz,pingTime:-2,time:781,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:717,beZ:719,mfA:1464,cmA:1465,inA:1465,inZ:1466,prA:1466,prZ:1471,si:1474,poA:1475,poZ:1484,cmZ:1484,mfZ:1484,loA:1494,loZ:1495,ltA:1498,ltZ:1498,mdA:719,mdZ:1446%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:756%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:781,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:756,wc:0.0.1600.1200,ac:1124.10308.300.250,am:i,cc:1124.10308.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3djp6+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1c*.10507%7C1c1%7C1d1%7C1d2%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1c*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:757,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22%5D,sinceFw:24,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
get
choices.trustarc.com/ Frame F7C9 		0
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ade9cd64-9b50-15c9-512a-eb6772000bab&tv=%7Bc:wPAGQe,time:822,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:822,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:756,wc:0.0.1600.1200,ac:1124.10308.300.250,am:i,cc:1124.10308.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3djp6+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1c*.10507%7C1c1%7C1d1%7C1d2%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:757%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
cm.g.doubleclick.net/ Frame E2A6
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEAFNOmKGNDofKOweG9eYTR8&google_cver=1&google_push=AavPq0MBb1UA4wC-BII4v1Oldt-jfaPEFpPTKRbK92q9ZLE25WhlcEY4spjPIDXa-Tbd02pNfjKPOOJW53...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEAFNOmKGNDofKOweG9eYTR8&google_cver=1&google_push=AavPq0MBb1UA4wC-BII4v1Oldt-jfaPEFpPTKRbK92q9ZLE25WhlcEY4spjPIDXa-Tbd02pNfjKPOOJW53...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AavPq0MBb1UA4wC-BII4v1Oldt-jfaPEFpPTKRbK92q9ZLE25WhlcEY4spjPIDXa-Tbd02pNfjKPOOJW538uknK-eAxBfhaRPrPMTA&google_hm=MDcwMzAwMDFfNjM5Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AavPq0MBb1UA4wC-BII4v1Oldt-jfaPEFpPTKRbK92q9ZLE25WhlcEY4spjPIDXa-Tbd02pNfjKPOOJW538uknK-eAxBfhaRPrPMTA&google_hm=MDcwMzAwMDFfNjM5YThmZmFkY2FmNw%3D%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 03:09:49 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AavPq0MBb1UA4wC-BII4v1Oldt-jfaPEFpPTKRbK92q9ZLE25WhlcEY4spjPIDXa-Tbd02pNfjKPOOJW538uknK-eAxBfhaRPrPMTA&google_hm=MDcwMzAwMDFfNjM5YThmZmFkY2FmNw%3D%3D
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame E2A6
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEBnEVBfB36vb0evWi_7noB0&google_cver=1&google_push=AavPq0Nz57ioj3eedluoSdQyQCOAvXIg-t2JYh1ayE1WIo7qPTIMamLLm0nqPBxmKRTkbabSq66i7Fvy-OABMwhkdEHTrta_LuV40g
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AavPq0Nz57ioj3eedluoSdQyQCOAvXIg-t2JYh1ayE1WIo7qPTIMamLLm0nqPBxmKRTkbabSq66i7Fvy-OABMwhkdEHTrta_LuV40g&google_hm=NTF4MzluMDBuQkRBWTAwO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AavPq0Nz57ioj3eedluoSdQyQCOAvXIg-t2JYh1ayE1WIo7qPTIMamLLm0nqPBxmKRTkbabSq66i7Fvy-OABMwhkdEHTrta_LuV40g&google_hm=NTF4MzluMDBuQkRBWTAwOG1yZEY
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Thu, 15 Dec 2022 03:09:49 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AavPq0Nz57ioj3eedluoSdQyQCOAvXIg-t2JYh1ayE1WIo7qPTIMamLLm0nqPBxmKRTkbabSq66i7Fvy-OABMwhkdEHTrta_LuV40g&google_hm=NTF4MzluMDBuQkRBWTAwOG1yZEY
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame E2A6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMYYhI9dbUqCvpGYlxcPlgM&google_cver=1&google_push=AavPq0N1dvhlvdtV1ObCOLoIUmBVqgSFLV_tCgNfGmpGe9eOFNDK5QLsd8a_w-lEKJbO0CQxeN6dyW5M_0tD...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N1dvhlvdtV1ObCOLoIUmBVqgSFLV_tCgNfGmpGe9eOFNDK5QLsd8a_w-lEKJbO0CQxeN6dyW5M_0tDuta7sudrqaBX0P2qUQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N1dvhlvdtV1ObCOLoIUmBVqgSFLV_tCgNfGmpGe9eOFNDK5QLsd8a_w-lEKJbO0CQxeN6dyW5M_0tDuta7sudrqaBX0P2qUQ
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N1dvhlvdtV1ObCOLoIUmBVqgSFLV_tCgNfGmpGe9eOFNDK5QLsd8a_w-lEKJbO0CQxeN6dyW5M_0tDuta7sudrqaBX0P2qUQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame E2A6 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEEB05jNi_voXCX9ko9FQSvE&google_cver=1&google_push=AavPq0MOEwcWxePa3nTjGCQEThHXy06xm8Ct-rwWTYdNLk1yMmO6I4rLBEs--sdPch8wEVlCJUjRAYmM9YUvBr3VHWZMKS0sxe-LOA
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:09:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E2A6
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEL_Nr1TgyE52yf99gr2o2NY&google_cver=1&google_push=AavPq0OzQJr37NYqpx_FfHkb_4L7RQq7inVFELg0cyGPsaihMasEjdlQz...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0OzQJr37NYqpx_FfHkb_4L7RQq7inVFELg0cyGPsaihMasEjdlQzihQPcb4TZYzlJagshNY-Uyna0lTofXN-EdQyUwPeu9ihBA&google_hm=QlMuMDkzOS1jYWV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0OzQJr37NYqpx_FfHkb_4L7RQq7inVFELg0cyGPsaihMasEjdlQzihQPcb4TZYzlJagshNY-Uyna0lTofXN-EdQyUwPeu9ihBA&google_hm=QlMuMDkzOS1jYWVhLTRiYzgtODAwMA==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AavPq0OzQJr37NYqpx_FfHkb_4L7RQq7inVFELg0cyGPsaihMasEjdlQzihQPcb4TZYzlJagshNY-Uyna0lTofXN-EdQyUwPeu9ihBA&google_hm=QlMuMDkzOS1jYWVhLTRiYzgtODAwMA==
Date
Thu, 15 Dec 2022 03:09:49 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
/
onetag-sys.com/match/ Frame E2A6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMYYhI9dbUqCvpGYlxcPlgM&google_cver=1&google_push=AavPq0NGAVALYwmyh5nprP_8nGTZqrym2o8uYp4OfUTnBB1FaUn1-73Zb5FGDDNnRUzSpzHIQdorq5S6-GP...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NGAVALYwmyh5nprP_8nGTZqrym2o8uYp4OfUTnBB1FaUn1-73Zb5FGDDNnRUzSpzHIQdorq5S6-GPouMK1AP0pSWAFwIDeMzQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E2A6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEN-5P5c-IJy7PLva4Kgw95w&google_cver=1&google_push=AavPq0O_c8tQFh-cpXVM9LczLXXheARBxulFF5HvB9iVYoqqXxxVZ6lHnveOdAB8czgGNw7iP_gv6...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEN-5P5c-IJy7PLva4Kgw95w&google_push=AavPq0O_c8tQFh-cpXVM9LczLXXheARBxulFF5HvB9iVYoqqXxxVZ6lHnveOdAB8czgGNw7iP_gv6...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0O_c8tQFh-cpXVM9LczLXXheARBxulFF5HvB9iVYoqqXxxVZ6lHnveOdAB8czgGNw7iP_gv6ppcbD4GJoCJCBjyEx8FCjKig3A&google_hm=NVV1c0FzanVBa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0O_c8tQFh-cpXVM9LczLXXheARBxulFF5HvB9iVYoqqXxxVZ6lHnveOdAB8czgGNw7iP_gv6ppcbD4GJoCJCBjyEx8FCjKig3A&google_hm=NVV1c0FzanVBam0wLWhoLU9VUnQ=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0O_c8tQFh-cpXVM9LczLXXheARBxulFF5HvB9iVYoqqXxxVZ6lHnveOdAB8czgGNw7iP_gv6ppcbD4GJoCJCBjyEx8FCjKig3A&google_hm=NVV1c0FzanVBam0wLWhoLU9VUnQ=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
243
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E2A6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6-nXPwURPolrvU6E-3HGx2JKFMYKZsRYLxKeUEZ-HRtWbHG5EgNS5TSauhH2iweNRETWPbWJ0
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame C5FD 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
598e6fdbdcea0672e5b866da5737a51487f88b7f360c901cf48cbed1c3f6caee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44105
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 23:55:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:47:55 GMT
async_usersync
ib.adnxs.com/ Frame 3DC6 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:09:48 GMT
AN-X-Request-Uuid
6d524d9e-53de-435e-a3d4-3f98d926272c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ Frame F7C9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=1807671245&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VnfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=0&ii=3&cm=4&f=1&j=https%3A%2F%2Fwww.heraldsun.com.au&lp=https%3A%2F%2Fwww.heraldsun.com.au&t=1671073787642&de=63668153242&cu=1671073787642&m=214&ar=67fa5e2a4e8-clean&iw=2711444&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lh=37&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1134%3A1134%3A0%3A2330&aa=0&ad=68&cn=0&gk=68&gl=0&ik=68&ic=68&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=60&cd=60&ah=60&am=60&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=9a7i05c%3Aszu2kkt%3Aon4yymv%3Ard1wgn9&bd=www.heraldsun.com.au&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.heraldsun.com.au&zMoatOrigSlicer2=N%2FA&zMoatDomain=heraldsun.com.au&zMoatSubdomain=heraldsun.com.au&zMoatJS=3%3A-&zMoatCachebuster=297155&zMoatCreative=u18zi3kh&zMoatDealID=-&zMoatImpressionId=ec7a1a6d-2918-4e14-b076-63249069287f&zMoatPartnerID=9a7i05c&zMoatSite=www.heraldsun.com.au&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-9172700587175332&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=1&tc=0&fs=201243&na=2153995&cs=0
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 03:09:48 GMT
get
choices.trustarc.com/ Frame E13B 		287 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=on4yymv_rd1wgn9_u18zi3kh&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-56.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Thu, 01 Dec 2022 13:19:25 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
age
1173023
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
R7gyU6crNdEsNxB62ka6-GXRLtvIrlLt_GtmTTlU3adwdjS12yqK6Q==
expires
Sat, 31 Dec 2022 13:19:25 GMT
get
choices.trustarc.com/ Frame E13B 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
URL: https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-56.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Wed, 16 Nov 2022 06:32:56 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
age
2493412
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
7E70NTpsC9F5nv6MxUPjmj7heudcsEUUv0jsIkfXQSa-tByBEX5hfA==
expires
Fri, 16 Dec 2022 06:32:56 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5DCE 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=48e79998-46b2-aa66-c18c-ff7543aa6492&tv=%7Bc:wPAGVY,pingTime:-10,time:1327,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671073788610%7C%7C978342327e9adfecedad705977bc07cb%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7Cf362207700b4782c3969d3948da91d81%7C%7Cacef0f966fa4b771886a6fdade0b0467%7C%7Ceb2ccd0a05a1e262c5ab7cdae516cde4%7C%7C07a3c18a01ee8558ab90016456f21016%7C%7Cfb772fb2c31652733815f5f508f0f1ee%7C%7C1663701684%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ade9cd64-9b50-15c9-512a-eb6772000bab&tv=%7Bc:wPAGXJ,pingTime:-10,time:1287,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671073788610%7C%7C978342327e9adfecedad705977bc07cb%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7Cf362207700b4782c3969d3948da91d81%7C%7Cacef0f966fa4b771886a6fdade0b0467%7C%7Ceb2ccd0a05a1e262c5ab7cdae516cde4%7C%7C07a3c18a01ee8558ab90016456f21016%7C%7Cfb772fb2c31652733815f5f508f0f1ee%7C%7C1663701684,sca:%7Bspg:48e79998-46b2-aa66-c18c-ff7543aa6492%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame F7C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2c6XGz6Tj1pZfnZFIzqdwIia3ihucx4vb5irJzTxdYa5Zbd8bwjudtb68J6KgMQB7G90RXnxzWKCW26xqDuHAja8&sig=Cg0ArKJSzEGlFaywWu_BEAE&cid=CAASFeRozjXxZl5DUFIvEJiYh-8NYKIBtg&id=lidar2&mcvt=1000&p=462,1123,712,1423&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1263259910&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671073785505&rpt=2277&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame F7C9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=1807671245&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VnfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=0&ii=3&cm=4&f=1&j=https%3A%2F%2Fwww.heraldsun.com.au&lp=https%3A%2F%2Fwww.heraldsun.com.au&t=1671073787642&de=63668153242&cu=1671073787642&m=1246&ar=67fa5e2a4e8-clean&iw=2711444&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=629&lg=1&lh=37&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1134%3A1134%3A3118%3A2330&aa=1&ad=1100&cn=68&gn=1&gk=1100&gl=68&ik=1100&ic=1100&ez=1&co=1100&cp=1027&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1027&cd=60&ah=1027&am=60&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=9a7i05c%3Aszu2kkt%3Aon4yymv%3Ard1wgn9&bd=www.heraldsun.com.au&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.heraldsun.com.au&zMoatOrigSlicer2=N%2FA&zMoatDomain=heraldsun.com.au&zMoatSubdomain=heraldsun.com.au&zMoatJS=3%3A-&zMoatCachebuster=297155&zMoatCreative=u18zi3kh&zMoatDealID=-&zMoatImpressionId=ec7a1a6d-2918-4e14-b076-63249069287f&zMoatPartnerID=9a7i05c&zMoatSite=www.heraldsun.com.au&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-9172700587175332&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=2&tc=0&fs=201243&na=600901127&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 03:09:48 GMT
/
insight.adsrvr.org/enduser/pie/ Frame F7C9 		807 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/pie/?pie=20&vet=1&rtb=dD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:48 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
perf
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
382 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/perf?route=HK%3ASG%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=48e79998-46b2-aa66-c18c-ff7543aa6492&tv=%7Bc:wPAH16,pingTime:1,time:1645,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1645,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:621,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1046~100%5D,as:%5B1046~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:763,fm:tq3djmH+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b1%7C1c.10507%7C1c1%7C1d.10507%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:623,sis:847%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=48e79998-46b2-aa66-c18c-ff7543aa6492&tv=%7Bc:wPAH16,pingTime:1,time:1645,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1645,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:621,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1046~100%5D,as:%5B1046~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:763,fm:tq3djmH+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b1%7C1c.10507%7C1c1%7C1d.10507%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:623,sis:847%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=48e79998-46b2-aa66-c18c-ff7543aa6492&tv=%7Bc:wPAH17,pingTime:1,time:1646,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1646,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:621,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1047~100%5D,as:%5B1047~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:763,fm:tq3djmH+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b1%7C1c.10507%7C1c1%7C1d.10507%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:623,sis:847,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=48e79998-46b2-aa66-c18c-ff7543aa6492&tv=%7Bc:wPAH17,pingTime:1,time:1646,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1646,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:621,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1047~100%5D,as:%5B1047~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:763,fm:tq3djmH+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b1%7C1c.10507%7C1c1%7C1d.10507%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:623,sis:847,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d8b5e618-03ec-b919-b43e-f5b34d3d6291&tv=%7Bc:wPAH1P,pingTime:-10,time:1676,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671073788610%7C%7C978342327e9adfecedad705977bc07cb%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7Cf362207700b4782c3969d3948da91d81%7C%7Cacef0f966fa4b771886a6fdade0b0467%7C%7Ceb2ccd0a05a1e262c5ab7cdae516cde4%7C%7C07a3c18a01ee8558ab90016456f21016%7C%7Cfb772fb2c31652733815f5f508f0f1ee%7C%7C1663701684,sca:%7Bspg:48e79998-46b2-aa66-c18c-ff7543aa6492%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ Frame F7C9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=1807671245&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VnfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=0&ii=3&cm=4&f=1&j=https%3A%2F%2Fwww.heraldsun.com.au&lp=https%3A%2F%2Fwww.heraldsun.com.au&t=1671073787642&de=63668153242&cu=1671073787642&m=1247&ar=67fa5e2a4e8-clean&iw=2711444&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=629&lg=1&lh=37&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1134%3A1134%3A3118%3A2330&aa=1&ad=1100&cn=1100&gn=1&gk=1100&gl=1100&ik=1100&ic=1100&ez=1&co=1100&cp=1027&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1027&cd=1027&ah=1027&am=1027&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=9a7i05c%3Aszu2kkt%3Aon4yymv%3Ard1wgn9&bd=www.heraldsun.com.au&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.heraldsun.com.au&zMoatOrigSlicer2=N%2FA&zMoatDomain=heraldsun.com.au&zMoatSubdomain=heraldsun.com.au&zMoatJS=3%3A-&zMoatCachebuster=297155&zMoatCreative=u18zi3kh&zMoatDealID=-&zMoatImpressionId=ec7a1a6d-2918-4e14-b076-63249069287f&zMoatPartnerID=9a7i05c&zMoatSite=www.heraldsun.com.au&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-9172700587175332&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=2&tc=0&fs=201243&na=189415667&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 03:09:49 GMT
pixel.gif
px.moatads.com/ Frame F7C9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=1807671245&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VnfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=0&ii=3&cm=4&f=1&j=https%3A%2F%2Fwww.heraldsun.com.au&lp=https%3A%2F%2Fwww.heraldsun.com.au&t=1671073787642&de=63668153242&cu=1671073787642&m=1248&ar=67fa5e2a4e8-clean&iw=2711444&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=629&lg=1&lh=37&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1134%3A1134%3A3118%3A2330&aa=1&ad=1100&cn=1100&gn=1&gk=1100&gl=1100&ik=1100&ic=1100&ez=1&co=1100&cp=1027&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1027&cd=1027&ah=1027&am=1027&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=9a7i05c%3Aszu2kkt%3Aon4yymv%3Ard1wgn9&bd=www.heraldsun.com.au&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.heraldsun.com.au&zMoatOrigSlicer2=N%2FA&zMoatDomain=heraldsun.com.au&zMoatSubdomain=heraldsun.com.au&zMoatJS=3%3A-&zMoatCachebuster=297155&zMoatCreative=u18zi3kh&zMoatDealID=-&zMoatImpressionId=ec7a1a6d-2918-4e14-b076-63249069287f&zMoatPartnerID=9a7i05c&zMoatSite=www.heraldsun.com.au&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-9172700587175332&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=2&tc=0&fs=201243&na=867093996&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 03:09:49 GMT
generic1667795052595.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		488 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1667795052595.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84745e85a96d262b5058cbbc464e4aadc0d6d236c8a842f41a38183f26262912
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
jCGTQi4_RFbdnA8OewUtWZX0YOSF.4hd
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:09:50 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
FXZ1RF8RBE8ZAY78
x-cache
HIT
content-length
87773
x-amz-id-2
+bdNMokYQM7Z5lM99eQR8hNT6ycg17weoWj1Z0nSQfq3CnP+x/2zLqG/PGgU9+rGtl9gXIdGPNs=
x-served-by
cache-syd10145-SYD
last-modified
Mon, 07 Nov 2022 04:24:13 GMT
server
AmazonS3
x-timer
S1671073790.187272,VS0,VE0
etag
"dc42a6bc14439dd64332b6ca8f523136"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
454687
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
72c47e4ae419dc20b6542b6867a309bf67aae467efcdf67ca8cc19bc4f692992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10989
x-xss-protection
0
syncframe
gum.criteo.com/ Frame D569 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:49 GMT
server
Kestrel
server-processing-duration-in-ticks
965465
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 9903 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65527893&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4d88116e98897c38a320d85c485b9a29855c170fed2fde9585cff3ea5b7a2d6c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 03:09:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecb30c434e336ed2f6c630566c28f69b
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ecb30c434e336ed2f6c630566c28f69b?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bf64ad094e8e22f7ab25e14f742f77c820ce94e92df25f66b9d3536be324d5f0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:50 GMT
last-modified
Thu, 15 Dec 2022 01:59:41 GMT
server
Akamai Image Manager
etag
87c8e7197dd384a06f12e9abc57a484d-ecb30c434e336ed2f6c630566c28f69b-320
edge-cache-tag
ecb30c434e336ed2f6c630566c28f69b
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5179813
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
7809
expires
Mon, 13 Feb 2023 02:00:03 GMT
b1c53ab10a873ab949446ba89ea00172
content.api.news/v3/images/bin/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b1c53ab10a873ab949446ba89ea00172?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5cfc7ff45e6c0030f629b9e0efb2d9f8a624b34b59da4b0534396ba8f4f21f39

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:50 GMT
last-modified
Thu, 15 Dec 2022 02:20:42 GMT
server
Akamai Image Manager
etag
17c216d9001a1b874c3b779e2c68e8e7-b1c53ab10a873ab949446ba89ea00172-320
edge-cache-tag
b1c53ab10a873ab949446ba89ea00172
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5181150
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
19117
expires
Mon, 13 Feb 2023 02:22:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:09:50 GMT
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuOTggU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkhlcmFsZCBTdW4gfCBCcmVha2luZyBOZXdzIGFuZCBIZWFkbGluZXMgZnJvbSBNZWxib3VybmUgYW5kIFZpY3RvcmlhIHwgSGVyYWxkIFN1biIsInBhZ2VfdXJsIjogImh0dHBzOi8vd3d3LmhlcmFsZHN1bi5jb20uYXUvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NzEwNzM3OTA0MTMiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NTEzYzI3OWMyYmNlLTA5YzdmNzIyY2I3MDMyLTFiM2IzYTc1LTFkNGMwMC0xODUxM2MyNzljM2ZkNCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC1zeWQxIiwiYWNjb3VudElkIjogMTMyMjIyLCJ1cmwiOiAiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJ3ZWJzaXRlSWQiOiAxMzIyMjQsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjMzYjAtOTdiOC1kMDBkLWEwN2YtNWNkZS0xOTgzLTgwMzItMGExNiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjcxMDczNzkwNDA5Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDM2MTMsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQ4LjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQ4LjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzEwNzM3OTA0MTMsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-mtmc
date
Thu, 15 Dec 2022 03:09:50 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
df3c64d2cd220b246e2cac9e0ad52f90
content.api.news/v3/images/bin/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/df3c64d2cd220b246e2cac9e0ad52f90?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ced8f40659bf37ca569e6a55eb74fb618846d08867cc7589a45d6b24ce6ad25a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:50 GMT
x-check-cacheable
YES
edge-cache-tag
df3c64d2cd220b246e2cac9e0ad52f90
content-length
10522
last-modified
Wed, 14 Dec 2022 09:21:59 GMT
server
Akamai Image Manager
x-serial
1244
etag
be19b1f54dba690fea232cc9edc860c6-df3c64d2cd220b246e2cac9e0ad52f90-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5119864
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 12 Feb 2023 09:20:54 GMT
match
c1.adform.net/serving/cookie/ Frame D56D 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 15 Dec 2022 03:09:50 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D20E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qP_QAAAkH1QwAo&gdpr=0&gdpr_consent=
1 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qP_QAAAkH1QwAo&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:09:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 15 Dec 2022 03:09:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qP_QAAAkH1QwAo&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10172-SYD
x-timer
S1671073791.573539,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 4239
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2866451666043766535&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2866451666043766535&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
8a48132a-66a8-4cee-8259-7c91728d2ff6
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 03:09:50 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2866451666043766535&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1838
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6wqwedab3h
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6wqwedab3h
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:09:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Thu, 15 Dec 2022 03:09:53 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6wqwedab3h
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
image2.pubmatic.com/AdServer/ Frame 5201
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KJCJvCbF1rszk4XlJ5Kd6CbGh-8zkYXuKMJskrJn
42 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KJCJvCbF1rszk4XlJ5Kd6CbGh-8zkYXuKMJskrJn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 15 Dec 2022 03:09:51 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KJCJvCbF1rszk4XlJ5Kd6CbGh-8zkYXuKMJskrJn
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 682C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:50 GMT
expires
Thu, 15 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1620339
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame CED5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wlQuUioJQix7laNARw8VX6310UA
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wlQuUioJQix7laNARw8VX6310UA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 03:09:51 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wlQuUioJQix7laNARw8VX6310UA
SPug
image4.pubmatic.com/AdServer/ Frame 9903
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=caa7639a-8ff9-4200-8b5b-209efb5c023f
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=caa7639a-8ff9-4200-8b5b-209efb5c023f
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 15 Dec 2022 03:09:50 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=caa7639a-8ff9-4200-8b5b-209efb5c023f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 03:09:49 GMT
458249.gif
idsync.rlcdn.com/ Frame 9903
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDJCQjJDMjcwLTEyNzUtNEVFMS1CMTBCLTA5NkQ3NEJGQzFDNxAAGg0I_p_qnAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2e0417b5f123f614e9ea8036d681e61bcf5d7d6e6f971c0888c907ec9aff0ed7791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyZTA0MTdiNWYxMjNmNjE0ZTllYTgwMzZkNjgxZTYxYmNmNWQ3ZDZlNmY5NzFjMDg4OGM5MDdlYzlhZmYwZWQ3NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyZTA0MTdiNWYxMjNmNjE0ZTllYTgwMzZkNjgxZTYxYmNmNWQ3ZDZlNmY5NzFjMDg4OGM5MDdlYzlhZmYwZWQ3NzkxNDI2YjU0MTdkY2UyMRAAGgwI_5_qnAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=1106de63-b9b8-488e-a715-5eb00aafe1a0
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=1106de63-b9b8-488e-a715-5eb00aafe1a0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:53 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=1106de63-b9b8-488e-a715-5eb00aafe1a0
date
Thu, 15 Dec 2022 03:09:52 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 9903
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2BB2C270-1275-4EE1-B10B-096D74BFC1C7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HiKHPldE2uX7la24RyYdD_d4WyshCAU-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HiKHPldE2uX7la24RyYdD_d4WyshCAU-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HiKHPldE2uX7la24RyYdD_d4WyshCAU-~A&gdpr=0&gdpr_consent=
date
Thu, 15 Dec 2022 03:09:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9903
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d13c19b7-0716-405b-af08-35d2ae2f9b21&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522730902714800831&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=1f37e46b-e5b2-40b6-b147-cbbc088b6407&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522730902714800831&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=207480804366001304235&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522730902714800831&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d13c19b7-0716-405b-af08-35d2ae2f9b21&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d13c19b7-0716-405b-af08-35d2ae2f9b21&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:09:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d13c19b7-0716-405b-af08-35d2ae2f9b21&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Thu, 15 Dec 2022 03:09:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9903
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5719384269748548482
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5719384269748548482
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:09:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5719384269748548482
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 9903
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7596305536165464863&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7596305536165464863&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:09:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7596305536165464863&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
json
gum.criteo.com/sid/ Frame D569 		443 B
563 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=heraldsun.com.au&sn=ChromeSyncframe&so=0&topUrl=www.heraldsun.com.au&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a042caa66ccb570b206c362aef8f8917fcd6a1c271ad29af0152ad00c7e75cf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
881404
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 34B1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
423492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 05:31:38 GMT
expires
Sun, 10 Dec 2023 05:31:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A64A 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
22a475851d6b425b419a22ce7935499b777fe9a44b3371fe92ab2a699b0b5918
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_TKZungfPesRXIVyqP_5Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-_TKZungfPesRXIVyqP_5Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:09:50 GMT
expires
Thu, 15 Dec 2022 03:09:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame A64A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3292788586016607&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 34B1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 21:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 21:35:25 GMT
generate_204
tpc.googlesyndication.com/ Frame 34B1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FvU1Kg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=3292788586016607&bg=!w8ClwITNAAYgquz3AKo7ACkAdvg8WmognNExXRLHDX-veoFht0CgjqugB7riM3IYzy3OfAYeg45-fAIAAABbUgAAAARoAQcKAINrirIJ6I30N2JPCHYVR04NJ0_jVmdoRfrwGDcDLPXzCzGkmhHD4p4dFQiP7t7-f7STA2JZnwpNVW3EAhknbu0tk3I3gGHEXJK_O6e7obhVbmb-ZpnhYZa2_iBI_uZ43hrqVo45HcIkHxuDeq5BBQ4tSdeq6Q4M_qQyl62khNK5puk5NpkC5saHmVU68wy2Br-WdjlZgOX4Y7QsJONBG2xJZgueKB_f8jp00kHGTsZhJfCmHNcjZP8HzuaIHNiyoGBk2iqhIHDOL9T7Pasnu3RiV-RMc63W-rtOgldJh02bisxGlS-OKN71m3oe7zjBKMCbdJFfvBraLa-S2TRW9rGMQSFVU_agjDgg3ysdwZY5HdotWK60PNWr8b87Jyy7OBmt-8_Y7hwOCZnO8fcCoL6HWB5wt6XsyzOtaNf9ygF1g4GFQ6Q7t3CKjdX1IQiI1WLuATJsejDV_GF8c9jIvJNoqlENFdQEu_07VwGX41rtTlAgUYsLogc-qlGCzP14SssSkhnvpvqWnejVLQraFCKR8K1KsnBY548a_VGQobyqti_N_jR6bKH2LN94bg7WvV1zD641mtCSgAbpwbZfSUUEZSd2UL4p9Vd_RKlwpsg3_xhiqAxX5nj2k3KCp8oZJoe5tGgjAdddEDzaOfpSHAiymE-yKN9squZ3woGljFN-MXGJyaPt-C-h0PoR02IbnziRjyAgXoKOjYvGTre-xegbdBZGPuS4pIXdgnHg5YyuV8Bm0AWDs7RGRqBVlP1opZcMs_zzI_Lc20DfnzOhnfCQlbRNrCl8DobNLUTsnX0rWOoIe6-tXlAYsVzvNEUFfmcCfhmYYoWN6RDGjnndkzqC75fJGXMkfQJsaIOEFp2GZDbHNjr0I5RMRiiHhDV4JoQ0BxaR6DvUoc0DrwavlNxi2EXNB5cqGKD5_klxzE9zlDyO4BZmK75LpVVdxzw072hx7CGFYfwOWlOWR45jbHrR8ETNxFj436K-kdw2Iq0h_91S8LRlPbplfBtwPcoS2jEV9TpN8xO1ZUzEHTffg6S3_WUt_lUnTlPTqFIYIMBhGmLAMUNuVZge1Gn1PztYFuyH8M7ti3EXS26ONQJTzBs1CbnMnSQXqWYpmf7MfOt8tAf5dzV6JkiMJE6q8t6MSyM6RAjqmfTo-aMVTe0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 9903 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/ Frame F7C9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=1807671245&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VnfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=0&ii=3&cm=4&f=1&j=https%3A%2F%2Fwww.heraldsun.com.au&lp=https%3A%2F%2Fwww.heraldsun.com.au&t=1671073787642&de=63668153242&cu=1671073787642&m=5264&ar=67fa5e2a4e8-clean&iw=2711444&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=629&lg=1&lh=37&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1134%3A1134%3A3118%3A2330&aa=1&ad=5118&cn=1100&gn=1&gk=5118&gl=1100&ik=5118&ic=5118&ez=1&co=1100&cp=1027&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5044&cd=1027&ah=5044&am=1027&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=9a7i05c%3Aszu2kkt%3Aon4yymv%3Ard1wgn9&bd=www.heraldsun.com.au&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.heraldsun.com.au&zMoatOrigSlicer2=N%2FA&zMoatDomain=heraldsun.com.au&zMoatSubdomain=heraldsun.com.au&zMoatJS=3%3A-&zMoatCachebuster=297155&zMoatCreative=u18zi3kh&zMoatDealID=-&zMoatImpressionId=ec7a1a6d-2918-4e14-b076-63249069287f&zMoatPartnerID=9a7i05c&zMoatSite=www.heraldsun.com.au&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-9172700587175332&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=3&tc=0&fs=201243&na=1835869734&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:53 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 03:09:53 GMT
/
insight.adsrvr.org/enduser/moat/ Frame F7C9 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=61&o=dD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:52 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=48e79998-46b2-aa66-c18c-ff7543aa6492&tv=%7Bc:wPAI3C,pingTime:5,time:5645,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5645,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:621,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5046~100%5D,as:%5B5046~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:274,fm:tq3djmH+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b1%7C1c.10507%7C1c1%7C1d.10507%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:623,sis:847%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:53 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=48e79998-46b2-aa66-c18c-ff7543aa6492&tv=%7Bc:wPAI3C,pingTime:5,time:5645,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5645,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:621,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5046~100%5D,as:%5B5046~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:274,fm:tq3djmH+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b1%7C1c.10507%7C1c1%7C1d.10507%7C1d1%7C1e%7C1f11%7C1f12%7C1f13%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1j13%7C1k%7C1l1%7C1m1%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:623,sis:847%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.77.207 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-77-207.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:09:53 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ Frame F7C9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=1807671245&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VnfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=0&ii=3&cm=4&f=1&j=https%3A%2F%2Fwww.heraldsun.com.au&lp=https%3A%2F%2Fwww.heraldsun.com.au&t=1671073787642&de=63668153242&cu=1671073787642&m=5465&ar=67fa5e2a4e8-clean&iw=2711444&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=629&lg=1&lh=37&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1134%3A1134%3A3118%3A2330&aa=1&ad=5320&cn=5118&gn=1&gk=5320&gl=5118&ik=5320&ic=5320&ez=1&co=1100&cp=1027&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5245&cd=5044&ah=5245&am=5044&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=9a7i05c%3Aszu2kkt%3Aon4yymv%3Ard1wgn9&bd=www.heraldsun.com.au&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.heraldsun.com.au&zMoatOrigSlicer2=N%2FA&zMoatDomain=heraldsun.com.au&zMoatSubdomain=heraldsun.com.au&zMoatJS=3%3A-&zMoatCachebuster=297155&zMoatCreative=u18zi3kh&zMoatDealID=-&zMoatImpressionId=ec7a1a6d-2918-4e14-b076-63249069287f&zMoatPartnerID=9a7i05c&zMoatSite=www.heraldsun.com.au&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-9172700587175332&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=4&tc=0&fs=201243&na=823693098&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:53 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 03:09:53 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CFEnyECoayWaDgOZWx&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=11915&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=8679&t=B6Zl_6BmNVqZe9IWSRnKvnCakdYw&V=139&tz=0&_acct=anon&sn=2&sv=C23EYR1hKa-DTU836BbYvyhBGNp33&sd=1&im=062b0732&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.50.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-50-245.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:56 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
pixel.gif
px.moatads.com/ Frame F7C9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fad.adsrvr.org%2F9a7i05c%2Fszu2kkt%2Fu18zi3kh_300x250.jpg%3Fcb%3D840391&i=TRADEDESKV3&ol=1807671245&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VnfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=0&ii=3&cm=4&f=1&j=https%3A%2F%2Fwww.heraldsun.com.au%2F&lp=https%3A%2F%2Fwww.heraldsun.com.au&t=1671073787642&de=63668153242&cu=1671073787642&m=10279&ar=67fa5e2a4e8-clean&iw=2711444&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=629&lg=1&lh=37&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1134%3A1134%3A3118%3A2330&aa=1&ad=10134&cn=5320&gn=1&gk=10134&gl=5320&ik=10134&ic=10134&ez=1&co=1100&cp=1027&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10060&cd=5245&ah=10060&am=5245&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=9a7i05c%3Aszu2kkt%3Aon4yymv%3Ard1wgn9&bd=www.heraldsun.com.au&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.heraldsun.com.au&zMoatOrigSlicer2=N%2FA&zMoatDomain=heraldsun.com.au&zMoatSubdomain=heraldsun.com.au&zMoatJS=3%3A-&zMoatCachebuster=297155&zMoatCreative=u18zi3kh&zMoatDealID=-&zMoatImpressionId=ec7a1a6d-2918-4e14-b076-63249069287f&zMoatPartnerID=9a7i05c&zMoatSite=www.heraldsun.com.au&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-9172700587175332&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=4&tc=0&fs=201243&na=707975446&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 03:09:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 03:09:58 GMT
/
insight.adsrvr.org/enduser/moat/ Frame F7C9 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=62&o=dD0xJmlpZD1lYzdhMWE2ZC0yOTE4LTRlMTQtYjA3Ni02MzI0OTA2OTI4N2YmY3JpZD11MTh6aTNraCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNWQyMGZmOCZwdWlkPUNBRVNFUDVIM2hnSUFCbm9kb05jcXJvWk5QMCZwaWQ9OWE3aTA1YyZhZz1yZDF3Z245JmFkdj1zenUya2t0JmJwPTIuMTU5MTUyMTMxODAyODcmY2Y9NDIwNzAxMyZmcT0wJnRkX3M9d3d3LmhlcmFsZHN1bi5jb20uYXUmcmNhdHM9Jm1zdGU9d3d3LmhlcmFsZHN1bi5jb20uYXUmbWZsZD0yJm1zc2k9Jm1mc2k9JnVob3c9MTEwJmFnc2E9JnJnej0yMDE1JnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPSZzdnBpZD1wdWItOTE3MjcwMDU4NzE3NTMzMiZkaWQ9JnJjeHQ9T3RoZXImbGF0PS0zMy45MTAwMDAmbG9uPTE1MS4yMDAwMDAmdG1wYz0yMi43NSZkYWlkPSZ2cD0wJm9zaT0mb3N2PSZiZmZpPTQxJm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2xCZFhOMGNtRnNhV0VTTDA1bGR5QlRiM1YwYUNCWFlXeGxjeUF0SUZONVpHNWxlU0F0SUVOcGRIa2dRVzVrSUVsdWJtVnlJRk52ZFhSb0dnQWlERUpsWVdOdmJuTm1hV1ZzWkRnQlVBRjRBSUFCQUlnQkFaQUJBYkFCQUxvQkJBZ01HQVEuJmR1cj1DamdLSG1Ob1lYSm5aUzFoYkd4SGNtRndaWE5vYjNSQ2NtRnVaRk5oWm1WMGVTSVdDUGJfX19fX19fX19fd0VTQ1dkeVlYQmxjMmh2ZEFwRUNpbGphR0Z5WjJVdFlXeHNSR2x6Y0d4aGVWWnBaWGRoWW1sc2FYUjVRbWxrUVdScWRYTjBiV1Z1ZENJWENKcl9fX19fX19fX193RVNDbkV0WVd4c2FXRnVZMlVLTUFvTVkyaGhjbWRsTFdGc2JDMHhJaUFJX19fX19fX19fX19fQVJJVGRIUmtYMlJoZEdGZlpYaGpiSFZ6YVc5dWN3cElDaUZqYUdGeVoyVXRZV3hzVFc5aGRGWnBaWGRoWW1sc2FYUjVWSEpoWTJ0cGJtY2lJd2lsX19fX19fX19fXzhCRWc1dGIyRjBMWEpsY0c5eWRHbHVaeW9HQ0tDTkJoZ00mY3JyZWxyPSZmcGE9Mjk2JnBjbT0zJnNhaWQ9SGJqYTRWTmhYeExqSUl5NVJJYzJ0USUzRCUzRCZhdWN0PTEmaW09MSZtYz0zM2JhOWE1YS1lOTg4LTQ3ZmYtODZmZi0zMTkxNzExMTg5YTImdGFpbD0xJnN2PWdvb2dsZSZ0YWlsPTE.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:09:57 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/6e39d52e
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/tUl-ebg4aorK3/xmiFn1M/SJEre60/maEbcLXN9S5D/YhJzb2w0Ag/aTxwew/1-OwwC
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F826%2F0%2F8.gif%3Fpuid%3D4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553%26gdpr%3D0%26gdpr_consent%3D
Domain
syd-1-apex.go.sonobi.com
URL
https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%229bb5c2a30b96e3%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%2210dd651272c264a%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%221133c3ccada4ed2%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22125e9d335a2a82e%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=3acf19d1-2a20-4d58-ac7d-d4a8d7085fcf&pv=7d61ec64-0e71-48bc-af89-822b45c44ffa&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Domain
choices.trustarc.com
URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png

Verdicts & Comments Add Verdict or Comment

346 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| oncontentvisibilityautostatechange object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| _taboola object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| toggleShowMore object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter undefined| $ function| jQuery function| admiral object| googletag number| taboola_view_id function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| COMSCORE function| udm_ object| ns_p object| placementData object| __AMP_LOG object| __AMP_MODE function| AmpStoryPlayer string| nam object| lazySizes object| ads_api function| algoliasearch function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise function| 4dm1r11545242527 object| vidora function| vidoraTrackExtraElements object| vidoraHelper object| app object| auth object| indieApps object| vidora_ns object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| nb undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| m object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| KAMPYLE_EMBED number| interval function| setImmediate function| clearImmediate object| ID5 function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| brandmetrics function| __assign object| ggeac object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId function| __spreadArrays object| _brandmetrics boolean| apstagLOADED object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET object| kw_ignore object| npt object| atsenvelopemodule object| ats function| pbjsChunk object| _pbjsGlobals object| apsUnits object| nca_ipsos object| dm function| GeaLoader function| omrhp boolean| isAlloyConfigured undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| Criteo object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData string| s_tnt function| cookieWrite function| cookieRead string| g function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global object| diagPixSentCodes object| __iasAdRefreshConfig object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal boolean| DotMetricsInitScript object| DotMetricsSettings object| UrlCache object| SUBSCRIPTIONS object| SWG object| DotmetricsJSON object| CryptoJS object| DotMetricsObj undefined| oneTagObj function| ebDecode object| bsResponseObj object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| categoryData object| __IntegralASExec number| measureInterval object| tbopt object| GoogleGcLKhOms object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| google_image_requests

209 Cookies

Domain/Path Name / Value
.taboola.com/newscorpau-aud-heraldsun/ Name: taboola_session_id
Value: v2_c4a930d1cfb4a83e50562bf455e711c3_f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573_1671073779_1671073779_CIi3jgYQgPNHGK-diZ7RMCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGiQ8oHT17O4ql1wAQ
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: aa91b0105669b333242cb2dd528166b0
.heraldsun.com.au/ Name: nk
Value: aa91b0105669b333242cb2dd528166b0
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1671073775
cdn.taboola.com/ Name: abLdr
Value: 9
www.heraldsun.com.au/ Name: lux_uid
Value: 167107377880029487
www.heraldsun.com.au/ Name: _tb_sess_r
Value:
www.heraldsun.com.au/ Name: _tb_t_ppg
Value: https%3A//www.heraldsun.com.au/
.taboola.com/ Name: t_gid
Value: f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Df46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
.scorecardresearch.com/ Name: UID
Value: 10348c72bf26a823dae79a61671073779
www.heraldsun.com.au/ Name: AWSALB
Value: 1pWNh9yWXCOVzF0TXrfcdUGc29NWl1VJNROntRVVs3GBrtS5nRU4JhX0Ng4MCWyf6HBUeRv6MUkvFLOS9sdPh+1ox3zvPUJVjxRV/HRdcbQzjG++fIFMHSGL2y0p
.heraldsun.com.au/ Name: ak_bmsc
Value: F5D34FBD930DF64C34430FA8F805E7E6~000000000000000000000000000000~YAAQbkZYaFFio/eEAQAAMFLCExKJzBaBOa4ztJ4Xe89WR+sW4rYolY7a3olmT9GfdXcYHHoC7sj3ljth8pnoPtd7p7G4rJ8Wkoocl4iQgEGLF4Gb2V/r+jhlShJoS8LlOMx5mJwS9Wb/jGs3tDcsO86jL+sHY2BDo/3jHULWx2UQSZYmRcRtn9r4X7nwAEeNQZ2go1OGuVTvYy8861to8gu3JB9vjLqr4f8iy6N3Ya53FNTh2rUfm3R70ueBH1wL1F8etUBF3bG33QY9nvWFG2N7HJxepSRN8cxm32tlMiKncgxf2ofiAuckKvqBMlEk8Z4dl0KVS8WMc0jvcGx4kHpMVKN71HWvlDFx5qMvG8mQ13OgaGwt3ltzLCwouzyDRK8B0m/jkG1DGwX0Tvoy8obpfHdWri47jQ4Gk/VLylHT6t3bKn5OpDrTRK5pDGxqTi1M1RS5fGtANu/cbotLyDNTKLqSVA4WzpaHnkfWTSXQFRePnTWRo6nR1eHdU7ZQnA==
www.heraldsun.com.au/ Name: AWSALBCORS
Value: 1pWNh9yWXCOVzF0TXrfcdUGc29NWl1VJNROntRVVs3GBrtS5nRU4JhX0Ng4MCWyf6HBUeRv6MUkvFLOS9sdPh+1ox3zvPUJVjxRV/HRdcbQzjG++fIFMHSGL2y0p
.heraldsun.com.au/ Name: utag_main
Value: v_id:018513c2546d002144c1624b1f3803073001d06b00b08$_sn:1$_se:1$_ss:1$_st:1671075580846$ses_id:1671073780846%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.13825293930109606
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3Aea8c4990-7c25-11ed-b267-573f5bc60a1a.WC12UU6mtv89noJtY3P1QaUa5DyqdBWOlkswZvQlkSg
.heraldsun.com.au/ Name: bm_sv
Value: F46962FBA6A829DE0AE67F7DFC1C83AA~YAAQbkZYaFJio/eEAQAAEVXCExKYikM/Bzoc23xGRZdaOVQ5+zTYAIVsN2/Z4up9SsHrL/MYMsmWrnFVQfddAL0BXMERG6ArpOSDG9V2PJR1cyitXs3tryMRK/kiDBjiRhnwFHg9CkG4XAQ7PCOct52NMP+xccU7JfCFTkhYl5spHtvKTNLADLxRQIX3sX8DmFGoFsJhEyie8tZKSNG+jEYFX9S4T/y1AejhjKGv6gMQhUeAoL9Z/29orhbkyXqhwwSvK/5C~1
.heraldsun.com.au/ Name: _awl
Value: 3.1671073781.5-32103e51f09e8f7e61e1d7b87518521d-6763652d617369612d6561737431-0
.heraldsun.com.au/ Name: _cb
Value: CFEnyECoayWaDgOZWx
.heraldsun.com.au/ Name: _chartbeat2
Value: .1671073781520.1671073781520.1.C23EYR1hKa-DTU836BbYvyhBGNp33.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncid
Value: 8bf258c793dbc6bdc72e781dd1a5d791
www.heraldsun.com.au/ Name: vidoraUserId
Value: n3cefj2u4kmcoq6gprdja5nqs2ll8k
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1671073782432.1005616423
.postrelease.com/ Name: visitor
Value: 08bded0f-a34b-4563-84d6-20162bb07680
.postrelease.com/ Name: status
Value: 0
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.socdm.com/ Name: SOC
Value: Y5qP9sCo8YQAAMHrAkMAAAAA
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.heraldsun.com.au/ Name: nol_fpid
Value: a2ilr0fdrf5ww5ng9i7mnnnaogkvh1671073782|1671073782639|1671073782639|1671073782639
.doubleclick.net/ Name: IDE
Value: AHWqTUn1xDwEfWVPla3AqYSu0QUOI1dPGM1GXES4XrWz9iau7ClffLIRRacWS20AqqY
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: ca6d392c-f435-4915-b3e9-8b4bbb44224c.1671073782.1.1671073783.1671073782.a7093882-a2e0-4391-9c71-a1d66828e78d
.demdex.net/ Name: demdex
Value: 12316709697606325571715865101471925831
.adsrvr.org/ Name: TDID
Value: 3407f6ba-8900-454e-8d7c-437e273b12f1
.adscale.de/ Name: uu
Value: 56147cb144d0422eb716505b524d08b0
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.adscale.de/ Name: cct
Value: 1671073783173
ads.playground.xyz/ Name: connect.sid
Value: s%3ANxA_jTgDGJ4R592_iPG-6ty_AA3s7bbh.YHTNj40cqrAgbbzL1YdkBFCHjgnKLeiidxURUqq8ddk
.lijit.com/ Name: ljt_reader
Value: F0WdCQZHSEMkljzCQoaktrWG
.rubiconproject.com/ Name: khaos
Value: LBOI6NG8-I-M375
.imrworldwide.com/ Name: IMRID
Value: ec063f60-7c25-11ed-a1bc-1991a23e8b7a
.criteo.com/ Name: uid
Value: e93b2600-ea01-4114-86cd-cdbc7b44aacd
.contextweb.com/ Name: V
Value: R6AsvTRbGwxX
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hsm|5Ql.0.f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 833743a0476980a3
.newscgp.com/ Name: sp
Value: 68ae881d-1763-4ed3-bc48-06bd342e1781
.openx.net/ Name: i
Value: f97e3455-bc61-4220-9013-413cab032ddb|1671073783
.lijit.com/ Name: _ljtrtb_42
Value: f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
mfad.inskinad.com/ Name: azk
Value: ue1-3c37b15d7c7e4930b0ca991ae273605e
mfad.inskinad.com/ Name: azk-ss
Value: true
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C12337878221359103911713469521552611165
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
.smartadserver.com/ Name: pid
Value: 2342050872406973870
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573
.3lift.com/ Name: tluid
Value: 1993700976437061636540
.heraldsun.com.au/ Name: s_nr30
Value: 1671073784176-New
.heraldsun.com.au/ Name: s_tslv
Value: 1671073784177
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C10%2C10%2C1200%2C1%2C9
.heraldsun.com.au/ Name: s_cc
Value: true
.bidswitch.net/ Name: c
Value: 1671073784
.bidswitch.net/ Name: tuuid_lu
Value: 1671073784
.adnxs.com/ Name: uuid2
Value: 2866451666043766535
.id5-sync.com/ Name: id5
Value: 711a6beb-04ed-7be3-b295-a9bd6a0ab45b#1671073783822#2
.omnitagjs.com/ Name: ayl_visitor
Value: 5ff2f4c8ca691a5c52843594f5f34f2b
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 12316709697606325571715865101471925831
.mfadsrvr.com/ Name: tuuid
Value: 0d6d5ecc-7194-4e87-bb2e-fc3bbb730e38
.mfadsrvr.com/ Name: c
Value: 1671073784
.mfadsrvr.com/ Name: tuuid_lu
Value: 1671073784
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.dpm.demdex.net/ Name: dpm
Value: 12316709697606325571715865101471925831
.bidswitch.net/ Name: tuuid
Value: d13c19b7-0716-405b-af08-35d2ae2f9b21
.amazon-adsystem.com/ Name: ad-id
Value: A5QDXsCdVU2NhcQ0JNudCU4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adx.opera.com/ Name: UID
Value: OPU694bb9b2382f4b28a9e96e8823b13717
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c2542e52-2a09-422c-7b95-a340470f155f.TqEyGI8p6t0hGqEP6LZ%2F5U1Jm8Xh%2FqF3rsPYQrg0Fls
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AwlQuUioJQix7laNARw8VX6310UA.VUX5FyavjaAPo9ew7hmn4TgqEDOH%2F7A%2FEpeR5%2BEDYDE
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=7a7b83a6-c6f8-4ac4-a9ad-2077459848b5&Created=12/15/2022 03:09:44&UserMode=0&guid=15822366-5a43-4702-aa6f-6a5432d9e4df&ver=1
.mfadsrvr.com/ Name: ssh
Value: !taboola,1671073784
.casalemedia.com/ Name: CMID
Value: Y5qP.Y9gwtF.MOeIsu.A9QAA
.casalemedia.com/ Name: CMPS
Value: 5314
.casalemedia.com/ Name: CMPRO
Value: 5314
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d13c19b7-0716-405b-af08-35d2ae2f9b21
.turn.com/ Name: uid
Value: 7596305536165464863
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: 1
.mathtag.com/ Name: uuid
Value: caa7639a-8ff9-4200-8b5b-209efb5c023f
.heraldsun.com.au/ Name: __gads
Value: ID=7d81e20235f87b60:T=1671073784:S=ALNI_MYCEwYbg74bv8oX7iBoCFKnq6l2QQ
.heraldsun.com.au/ Name: __gpi
Value: UID=00000b90e8dbb61e:T=1671073784:RT=1671073784:S=ALNI_MbXOv5vQi26BPEZiBjAnC-C6AKSog
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiYxMjMzNzg3ODIyMTM1OTEwMzkxMTcxMzQ2OTUyMTU1MjYxMTE2NVIOCInNiZ7RMBgBKgNPUjLwAYnNiZ7RMA==
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: or2
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuCEX0_004c3mCEX0_
.serving-sys.com/ Name: G4
Value: 0009fM00Jp_
.serving-sys.com/ Name: OT2
Value: 0001DC1rKb
.serving-sys.com/ Name: u2
Value: cc2b0849-23b1-46bf-9fea-c86ee2e316e14Kd050
.eyeota.net/ Name: mako_uid
Value: 18513c2674f-2f2e00000108451f
.eyeota.net/ Name: SERVERID
Value: 17695~DM
.scanscout.com/ Name: uid
Value: CI-f59c0b20a6cf374159db6c82588493ca
.scanscout.com/ Name: UIAA
Value: 12316709697606325571715865101471925831
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1671073785652"
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: 3mzX5DFC1qq8mbL0yCftZy69kIb+L1r4vzlV68HXWYEoS0srE/ue9t3j13HbV1nmw4xrfN8Zovlf2Mlq/sTLMBLrGHpShF+YBWekhKwLyU04ll+r+MN6txTJ2hIN
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19342%7CMCMID%7C12337878221359103911713469521552611165%7CMCAAMLH-1671678584%7C9%7CMCAAMB-1671678584%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-592627197%7CMCOPTOUT-1671080984s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19349%7CvVersion%7C5.1.1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5qP_QAAAkH1QwAo
.demdex.net/ Name: dextp
Value: 358-1-1671073784150|470-1-1671073784251|481-1-1671073784352|771-1-1671073784453|903-1-1671073784553|19566-1-1671073784654|23728-1-1671073784755|30432-1-1671073784856|30064-1-1671073784957|66757-1-1671073785058|134096-1-1671073785161|144230-1-1671073785261|144231-1-1671073785362|144232-1-1671073785547|144233-1-1671073785648|144234-1-1671073785794|144235-1-1671073785899|144236-1-1671073786001|144237-1-1671073786103|147592-1-1671073786205|461447-1-1671073786314
.bluekai.com/ Name: bku
Value: pSL99w3wZZmmmr/W
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2BB2C270-1275-4EE1-B10B-096D74BFC1C7
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.krxd.net/ Name: _kuid_
Value: PQind6gb
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-3407f6ba-8900-454e-8d7c-437e273b12f1&KRTB&22918-3407f6ba-8900-454e-8d7c-437e273b12f1&KRTB&23031-3407f6ba-8900-454e-8d7c-437e273b12f1
.adotmob.com/ Name: uid
Value: 087e22041926d30e15fae1b8
.adotmob.com/ Name: uuid
Value: 087e22041926d30e15fae1b8
.adotmob.com/ Name: partners
Value: IX%3A1671073786780
.tapad.com/ Name: TapAd_TS
Value: 1671073786632
.tapad.com/ Name: TapAd_DID
Value: 1f37e46b-e5b2-40b6-b147-cbbc088b6407
.t.co/ Name: muc_ads
Value: 99b95140-130a-4420-b1a6-994e4a04b370
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMrQjJirehml1hEPAdobVSQ&KRTB&16514-CAESEMrQjJirehml1hEPAdobVSQ&KRTB&23025-CAESEMrQjJirehml1hEPAdobVSQ&KRTB&23386-CAESEMrQjJirehml1hEPAdobVSQ
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:caa7639a-8ff9-4200-8b5b-209efb5c023f&KRTB&16736-uid:caa7639a-8ff9-4200-8b5b-209efb5c023f&KRTB&23019-uid:caa7639a-8ff9-4200-8b5b-209efb5c023f&KRTB&23208-uid:caa7639a-8ff9-4200-8b5b-209efb5c023f
.twitter.com/ Name: personalization_id
Value: "v1_0Y5mUz+9rJ48DvvnJJMolA=="
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2Iljx0=0?!fj6l#MP7J(Ed5b>w-/6ja?Rd
.yahoo.com/ Name: A3
Value: d=AQABBPqPmmMCEHlyInTbMbqYnb1yaZywU9EFEgEBAQHhm2OkYwAAAAAA_eMAAA&S=AQAAAl79gTNbNYcZtpXwV1lB28Q
.dyntrk.com/ Name: dyn_u
Value: 07030001_639a8ffadcaf7
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.2112665395.1671073787
.spotxchange.com/ Name: audience
Value: ee46f7a6-7c25-11ed-889d-1a5700cb0407
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 7cac37fac28c1a740f382e82ca59a725
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8379
.simpli.fi/ Name: suid
Value: 903013B2202C4A24905F0F26C6F8A8E6
.linkedin.com/ Name: li_sugr
Value: 9091c847-0c1b-4e2b-aa4a-51c2ddb355ed
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&ac155659-0c8f-45af-8c21-2fc02883e4a1"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2772:u=1:x=1:i=1671073787:t=1671160187:v=2:sig=AQFLp2w7sYnHJ3g3C1P2J5Jbv2UAmUu-"
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:903013B2202C4A24905F0F26C6F8A8E6
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI1r70k_uUrzsQBRIVCgZjYXNhbGUSCwi8kN2f-5SvOxAFEhkKCnJpZ2h0bWVkaWESCwi6yKqt-5SvOxAFEhcKCHB1Ym1hdGljEgsIsL2ypvuUrzsQBRIWCgdydWJpY29uEgsI2Mn2sfuUrzsQBRIVCgZnb29nbGUSCwjQwpep-5SvOxAFEhgKCWJpZHN3aXRjaBILCNDCl6n7lK87EAUSFAoFdGFwYWQSCwi2kK6r-5SvOxAFGAEgBCgCMgsItoix2JGVrzsQBTgBWgV0YXBhZGAC
.www.heraldsun.com.au/ Name: ln_or
Value: d
.linkedin.com/ Name: UserMatchHistory
Value: AQIbvAO5rViccQAAAYUTwm8EZWQ059ga5bjwvJwhCm2fD3LYoaUdOuN43ao_EVcBuCrE3Iz0E19v7w
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJUw88R64FZHgAAAYUTwm8E7sn89TeZaT8r0xKQ8xj5zP8RqN2ZVU6okZ0PXA9PPjedgacXyzSxbTr-0lUe7A
.company-target.com/ Name: tuuid
Value: bab05e2e-514b-4026-b3e4-af56a214c416
.company-target.com/ Name: tuuid_lu
Value: 1671073787
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJ1KT+Z/UryIbUyebV3a1sthxQGyyN+09+TPPn9GXc7ofy0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe5ElgYJ7z+6k=
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&202212150309478ecbb958-a17b-40bb-84ca-91674626500bAQEdVxPMitKT4PASUFptJI1sXoxOHIpN"
.csync.loopme.me/ Name: viewer_token
Value: 16f53cf7-7c29-4f78-a59c-40dbfed353d2
.tpmn.co.kr/ Name: uuid
Value: 05cf0ee709a74bcaadd19c6a7236deb2
.tpmn.co.kr/ Name: bidswitch
Value: d13c19b7-0716-405b-af08-35d2ae2f9b21
.adform.net/ Name: C
Value: 1
.zemanta.com/ Name: zuid
Value: 5UusAsjuAjm0-hh-OURt
.adsymptotic.com/ Name: U
Value: a138050acbcbcc52f4f2f09d07ee5dd7
.google.com/ Name: NID
Value: 511=QbPrAg2LXE_bl2NmzfU3uAcGxlSIegO-J9cgAGNXx1uvtk6Q0dkyCGEqpiiaMv-2YKf9wKkct4103S2rGwmg2r4ZighdEpIHkyGO1IEQ_M2y-kSEIFoEEKxV9lkTUO7OwpNH1NdYHDTThJgznPprTmx9mlmib1tTAAbPVY8xEEI
.adform.net/ Name: uid
Value: 5719384269748548482
.r-ad.ne.jp/ Name: r_ad_token
Value: 51x39n00nBDAY008mrdF
.semasio.net/ Name: SEUNCY
Value: DFD6276B4AF23EFB
.casalemedia.com/ Name: CMTS
Value: 4800
.heraldsun.com.au/ Name: s_tp
Value: 11915
.id5-sync.com/ Name: 3pi
Value: 464#1671073784216#-1964131108#f46c82c9-a911-4b39-9ebd-b0ad85730a7b-tucta941573|112#1671073790187#213929836#DFD6276B4AF23EFB|2#1671073785382#-823408381#2866451666043766535|3#1671073786013#-474765304#caa7639a-8ff9-4200-8b5b-209efb5c023f|264#1671073784716#-1181370403#3407f6ba-8900-454e-8d7c-437e273b12f1|10#1671073789261#1827883616#5719384269748548482|108#1671073787202#691626193
www.heraldsun.com.au/ Name: mdLogger
Value: false
www.heraldsun.com.au/ Name: kampyle_userid
Value: 33b0-97b8-d00d-a07f-5cde-1983-8032-0a16
www.heraldsun.com.au/ Name: kampyleUserSession
Value: 1671073790409
www.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 70.465256369319
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: DPSync3
Value: 1671667200%3A248_164%7C1672272000%3A197_201_245_226%7C1671148800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1672272000%3A233_54_13_220_7_21_71_56_22_3_247_8%7C1671667200%3A223_2%7C1672358400%3A35%7C1671926400%3A63
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~28ur:175w~28ur:18z8~28ur"
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y5qP_QAAAkH1QwAo&KRTB&22978-Y5qP_QAAAkH1QwAo&KRTB&23194-Y5qP_QAAAkH1QwAo&KRTB&23209-Y5qP_QAAAkH1QwAo
.heraldsun.com.au/ Name: cto_bundle
Value: cI-LhV8yOGo3bFhzTUptT3BzSDZpRUNXZWlhMUpEQU9zRDdTOTNsUGdIJTJCdTlQd1RNYTF3NTBheENyOUpidk5iMFJydUZqUkh4QWZlTG5LOFBBTlBmTHZMM0Q0V25qek9kVEpQcXIlMkY0QklOMnF0dmFnY3Nlc0hrMWIzZTU5SmN2WmpDekxMSFBWWHM4MFlLbUxrd0NtRGwwaTZHZFhWZWIyZlJmSzVtUVNNVzdkTHBNJTNE
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2866451666043766535&KRTB&23339-2866451666043766535
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7596305536165464863&KRTB&23150-7596305536165464863
.pubmatic.com/ Name: PugT
Value: 1671073791
.quantserve.com/ Name: d
Value: EI8BCwHoJ_ijAA
.quantserve.com/ Name: mc
Value: 639a8fff-05891-58e72-2536a
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: y6wqwedab3h
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5719384269748548482&KRTB&23263-5719384269748548482
.mookie1.com/ Name: id
Value: 10522730902714800831
.mookie1.com/ Name: mdata
Value: 1|10522730902714800831|1671073791262
.mookie1.com/ Name: ov
Value: 09d00b86f7bfc7f84f46eb9cf3a76725
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-KJCJvCbF1rszk4XlJ5Kd6CbGh-8zkYXuKMJskrJn&KRTB&19420-KJCJvCbF1rszk4XlJ5Kd6CbGh-8zkYXuKMJskrJn&KRTB&22979-KJCJvCbF1rszk4XlJ5Kd6CbGh-8zkYXuKMJskrJn&KRTB&23403-KJCJvCbF1rszk4XlJ5Kd6CbGh-8zkYXuKMJskrJn
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-y6wqwedab3h
.rlcdn.com/ Name: rlas3
Value: axiVUbZM2hQxAFgRsAJoW/gM0Ga/2uqlIjY6i28smIs=
.rlcdn.com/ Name: pxrc
Value: CP+f6pwGEgUI6AcQABIFCOhHEAA=
.sitescout.com/ Name: ssi
Value: 4b7087ce-36d8-4728-9219-3934a51d4acf#1671073791349
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-wlQuUioJQix7laNARw8VX6310UA&KRTB&23334-wlQuUioJQix7laNARw8VX6310UA&KRTB&23417-wlQuUioJQix7laNARw8VX6310UA&KRTB&23426-wlQuUioJQix7laNARw8VX6310UA
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTY3MTA3Mzc5MTczMSwiNyI6MTY3MTA3Mzc5MTczMX0
.mookie1.com/ Name: syncdata_TAP
Value: 1
.pippio.com/ Name: did
Value: bBP8HlYhnP7nqu-f
.pippio.com/ Name: didts
Value: 1671073791
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CICg6pwGEgQIAhAAEgYI7OsBEAA=
.agkn.com/ Name: ab
Value: 0001%3AWBALFrifJq3XOxGrLtcXL6dWC%2FBXn%2F0G
.pubmatic.com/ Name: SPugT
Value: 1671073792
.mookie1.com/ Name: syncdata_NEU
Value: 1

11 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=956901863930.137?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=956901863930.137?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=956901863930.137?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.heraldsun.com.au/
Message:
Access to XMLHttpRequest at 'https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%229bb5c2a30b96e3%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%2210dd651272c264a%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%221133c3ccada4ed2%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22125e9d335a2a82e%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=3acf19d1-2a20-4d58-ac7d-d4a8d7085fcf&pv=7d61ec64-0e71-48bc-af89-822b45c44ffa&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0' from origin 'https://www.heraldsun.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%229bb5c2a30b96e3%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%2210dd651272c264a%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%221133c3ccada4ed2%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22125e9d335a2a82e%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=3acf19d1-2a20-4d58-ac7d-d4a8d7085fcf&pv=7d61ec64-0e71-48bc-af89-822b45c44ffa&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
javascript warning URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js(Line 140)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F826%2F0%2F8.gif%3Fpuid%3D4b7087ce-36d8-4728-9219-3934a51d4acf-639a8fff-5553%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2v1nmaazabtftnwqbg0lhaxze3ugv1671073782.nuid.imrworldwide.com
8228261.fls.doubleclick.net
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.adsrvr.org
ad.doubleclick.net
ad.tpmn.co.kr
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
b1sync.zemanta.com
beacon.krxd.net
bedsberry.com
bh.contextweb.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c.eu1.dyntrk.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.speedcurve.com
cdn.taboola.com
cdn1.adoberesources.net
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
choices.trustarc.com
choices.truste.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
content.api.news
cs.r-ad.ne.jp
csync.loopme.me
d.adroll.com
d.turn.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
eb2.3lift.com
eb46f448e065b66a0598ed157a24376b.safeframe.googlesyndication.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
hk3-bid.adsrvr.org
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
images.taboola.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
mb.moatads.com
metrics.heraldsun.com.au
mfad.inskinad.com
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
px.moatads.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.company-target.com
s.pubmine.com
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
sg-trc-events.taboola.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
syd-1-apex.go.sonobi.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
udc-neb.kampyle.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
y.one.impact-ad.jp
z.moatads.com
choices.trustarc.com
login.newscorpaustralia.com
pixel.tapad.com
syd-1-apex.go.sonobi.com
103.229.10.171
103.229.205.243
103.231.98.193
103.231.98.194
103.231.98.195
103.231.98.196
103.71.26.126
104.16.89.20
104.18.99.194
104.22.53.86
104.244.42.3
104.244.42.69
104.254.150.228
104.254.151.60
104.83.197.32
107.178.244.193
107.178.254.65
119.9.108.180
124.146.215.44
13.107.42.14
13.226.210.105
13.229.254.84
13.33.30.231
13.33.33.112
13.33.33.116
13.33.33.118
13.33.35.226
13.33.39.40
13.33.88.104
13.33.88.56
13.33.88.94
13.35.8.23
13.35.8.87
13.56.245.55
135.125.160.160
139.5.84.243
139.99.49.250
141.226.229.48
141.226.230.50
141.95.33.111
142.250.4.106
142.250.4.139
142.250.4.94
142.251.10.132
142.251.12.148
142.251.12.155
15.197.193.217
151.101.129.175
151.101.129.44
151.101.194.217
151.101.65.44
151.101.66.49
157.240.235.1
157.240.235.35
162.19.138.120
172.217.194.113
172.217.194.154
172.217.194.94
172.253.118.154
172.253.118.157
172.253.118.94
172.253.118.97
172.64.132.15
172.64.151.162
172.64.154.237
172.67.69.247
18.136.76.220
18.138.175.196
18.138.18.111
18.140.183.49
18.140.217.106
18.140.22.85
18.140.27.177
18.155.68.116
18.155.68.27
18.155.68.41
18.155.68.80
18.155.68.96
18.158.185.48
18.176.234.133
18.213.217.104
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.87.193.153
185.183.112.148
185.84.60.23
199.127.207.190
199.232.44.157
199.36.158.100
209.191.163.208
23.106.127.52
23.106.69.73
23.13.140.73
23.15.243.62
23.195.152.111
23.195.152.191
23.72.44.183
23.72.44.196
23.72.44.233
23.72.45.156
3.0.210.216
3.0.212.186
3.104.211.97
3.5.169.12
3.73.8.30
34.102.166.132
34.102.253.54
34.120.155.137
34.160.169.226
34.196.166.22
34.214.51.179
34.96.71.22
34.98.67.3
35.172.34.118
35.190.60.146
35.213.109.249
35.213.12.39
35.214.223.115
35.227.202.26
35.230.38.116
35.241.45.82
35.244.159.8
35.71.178.8
42.99.140.160
44.198.62.85
44.205.120.122
47.242.65.123
50.116.239.135
52.196.251.57
52.200.50.245
52.45.175.185
52.46.155.104
52.53.57.143
52.57.243.182
52.74.13.196
52.74.213.242
52.84.228.218
54.148.229.14
54.192.150.7
54.192.150.76
54.192.150.93
54.200.252.46
54.68.250.34
54.68.77.207
63.140.36.117
63.140.36.179
64.202.112.255
67.220.224.144
69.173.158.64
69.173.158.65
74.118.186.44
74.125.130.155
74.125.24.132
74.125.24.149
74.125.24.156
74.125.24.157
74.125.68.156
74.214.196.131
8.43.72.97
82.145.213.8
96.16.116.178
96.16.116.247
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
00963888aa539b10793484d1b020aac609a909c06f08441b3cb0b3cc37e9635f
00d877cf8ab56b0e41021ca56386a1740f9cb7fa03d6e41920f5a470b0c81209
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02937b2f5649841ee04fba91787b51d6170fe88a206652c84aceba8fa8dea70e
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
05816d52fa2870bc59ee6cd704b62968a49bca08b4ceb6cdd0eba29b0fccb7bb
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06dc65c0c36784dc999236b2d2798dbc941d132b0d8ddec0734c8074bd2a3038
071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
082324f55e6dd10eff6dbd749f7d9bd2576d809eaf5739832c83b55812824554
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d9b171003cd9f7f4b99731a056ba9764b87d0e0a6188e380519b31c6e57e32b
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84
1c6591c006824f39e3010d230b56c939b12c0e95623e34e8ba07824529badad5
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e343140fba50863f9a58310f2917a6a081b047af98a6f38a319b9e7987dd286
1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188
1e5b8e36471f58025ddc9e4d36d2f3239b28c019326638c5b207aed348b457c5
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
22a475851d6b425b419a22ce7935499b777fe9a44b3371fe92ab2a699b0b5918
232c948603c17dc66940eb62927c550570b7859a8044c8e9d3f92943a9159124
24410676eb08d5eb735d4106f35c8e1de84e2c6d10e4f6b68222125d6a52da6a
24713e413b9683a29e14f18d8cfe3a6657f2d693c59aa833bc58706f490150c5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
268ac228a84f1ccb4f3b8087ab40a9f70a68478219b9371ef609e5f524d23d7d
28aca0f1123fc56312b262449c8967227f5a477aa29bc53b52031c184da1d375
291a3d79990d83388695cb991d16245105d67f77d4b1c82cba26c2f156583a3a
2aadece8a877cb80d5b846f5f165f2e4c97cb56e01babff8d55aac659c62c57e
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b6a59cd150d86a347f70844bc75b8caa0fba4d62156efce7e94df8d8e41fc9f
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2e29f9b139b8d969decbd30d8d27b2ca29053a0d2bf60f9be5731e215fef26c4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
316148663fb541638ab8110da16a88bd42a6845eef56f07bec7cce1d82b8e590
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a2d92184892d9c1792d9c45df7c5a9b082f065072ebd08b22db8110e8e241f
3373bf0e9c20d05a7cc15a719073afccfac16280d0052945a325913d9950ad56
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
3687399516733927a932d97f42b3f7a5b124e1d21c7cf7cff2a110e8174ad30d
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
375fa7d646eb52c53c4973a0ba502e5edc41e5a455c57232dc290b36ae1436e4
392df454db433937cbd9eab9124a901bbdfa8309483d629420f4f177237a3bef
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3a6a8741402081a0481dd9ca52d005627203d868f9b21b3650c71d2b839ad0b6
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3c49d119318946cd6fe858a177c78d67ed10cd91f0a308c05cb9da4a170262ea
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec3bc86b3068c897765fd1b8a794ecbc905b8ba9169fedf6fe8e220945bc8a3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
4245c9317bdd03c399c7d209333549e525906f02f649a11cbd5707ef2782af03
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e579007c6bbfe5eab935a6e4faf2ef0fb58ffe28e8fad827627b9bea4454e7
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce
4659eb111944262ea882a8fe8cf2befc95a3e27d658c95124bbac231d28b2cb9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4baf1f8d152b97458890b22fef3b1a965a8fbd9f2207d4b8c51fc6e1e5d401d3
4d88116e98897c38a320d85c485b9a29855c170fed2fde9585cff3ea5b7a2d6c
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
4dee19d7dd0581c179a55c4accb3012dd4bee4ea86acd9948a1487f76e40bf66
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5258b77094e2764ed3cbaccfa9a241723c11ed8f813f857eb176e5f9a19bce
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52afdd0537a16b3f5706ead2732920a5839854c1f2a1a9f31cfb196fbe4d43da
5313f527622c6c4dbd291030c8cb593f6f192dec11c37abc9554176661431bd1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
57cafe0256f6066f49e799fcaa56acdc553048ee5707e69aa278025ff95fde69
58c6ed298adc79144173b43526af24a8625f756a9ca8fa31e1aa093a58d802ee
598e6fdbdcea0672e5b866da5737a51487f88b7f360c901cf48cbed1c3f6caee
5c7b80c0d2eac000558cbcaa19ed5f73abbd45709890b5799a3bda8e21ec47a4
5cfc7ff45e6c0030f629b9e0efb2d9f8a624b34b59da4b0534396ba8f4f21f39
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5eea965bd4580f342affc5008864573b0946d5bd2dfa7e47f9d2536b28a843a9
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
60b5a92e9329d7033d4e7ba617b174e19d8527a99194cc18d63487353127a896
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
68ba68fdbe01e94c9f187960f9aecd379d993e725f2a3f04f9e0c36cee41ce30
6a781e9e5e64a18c4ce90814dd47e327bbf73130cb3aa0b3c12f48ca06ea5a19
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec
6ea04aa12c5127809e1127bdf7f814a7296cd02c8589aeda6f9a16398506ad99
6f31e08174a2c5faf665d6cced153a270adb26d94cbf1812c5b4be5363e3f5ec
707d2c0e6f2ebf60d6f8555335382ee4b51f7577298d08a7f7b357e0efa33adc
72c47e4ae419dc20b6542b6867a309bf67aae467efcdf67ca8cc19bc4f692992
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11
75894af688d6666620c532c1658557e02cbb99a73482a625d60b501b5a62a672
785465b09f140b9b51cd3cd6df111c999e5ae3b678f1f4a034463ee62f04da56
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7b7ac50b79bf18752a58cfb881a3becafbe2578a3aabfee87d4d909226425f98
7bc5ef548dbde54ff0472e34814e5a79a711865437493388d8d01e7eb7f7220e
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
803cf9015548ef7142b604cd241fb74444ba503821f9eeb53fa7c739795fb24f
807309e11ee0715a03218fa4f8e68809350e81ba539823720dffa7bab9b1fc29
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
82abd351cc44ce888587e81355124ba7f09e06448c6218d0d37b028f85b5588b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84745e85a96d262b5058cbbc464e4aadc0d6d236c8a842f41a38183f26262912
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
871692dfb0891aec6f11a20084973748da4f55804d2c982b1f6e10c4855fe7da
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8b346f5da4ac6be488bb5c02a6742c845cdb51ad17c64669f376af02cfae0250
8ce5c312cf2f5fa1388339aefb0d24c851ff95e811f32828965f2ef8d917f92d
8d7aba7173352460004be923ca4d8f2d723b439fa44049a519c09921063f4f4f
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
95bef38a9994b4f393a39601168b36cf4a64a430c67192ab80d295c016254a30
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a16ace082ee5d4603c6b28a3aac56154bf72ff307fbc72269270c3f3acea61a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c387d446d57313c4a8bff837dc8adc35268a50b86de7f7e0fb3e2d6495fc267
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42
9ff79f831706ee98020c617518d4dea792976313b1ce1ab3d07d12f4639bcece
a042caa66ccb570b206c362aef8f8917fcd6a1c271ad29af0152ad00c7e75cf2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a36f079973122f757fec90fc321d48ca19234434ce6ff5e5444cdb035f71f360
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad3e1f23fedcd23186a2c8856ab6989f833cdbf4da13b45c5602f77922c156dd
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
af443a5abe2eb9d462641c0b26b3795a40fd055df03b9b46b41b8ac868915f6c
b04773d5df5fd9ca777408f0d78c6ed64aaf6165bc70c99a11d6b0d4cc06e9c6
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b0e3f8264efae0bccf0c34f32f588a6bc610df37a8a53552da41b76e9b1c7708
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a0eaade87e6b0fdba8439d8c708e324b8930b83d2c3a14245945c5e2dcfbde
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
b890e2fe66bddbfcf0aad772997478817d1ee529a7d79bc58d296a33a68970fa
bb0c14cd339c6a54d0a34d590e897937afc38109202bca355cb1ffd06b2701b0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe
bc200d6bd022a9edfff201827101285a92b8188ae2af8b8fdf368cda42f30d5f
bc727e9522d980b6d047a6555aa711399b89c8980a2175c1226169b0337c95df
bdda5fd122f247d9ac522edad66dad0f5874fd9cedd384cb8a974558b28d6837
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf64ad094e8e22f7ab25e14f742f77c820ce94e92df25f66b9d3536be324d5f0
c0be42a419e69918d547e0509026832bf520142fcc19747cd632be523c01fb45
c18e2c0430dae4a90ea1281694f07d8ec9c8865d526ff1f948cfd605f344d140
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c58757892378c5f299a012046e3d89dff57b0a39a774d901d1a0280dce2ef73b
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c91da41b350edbad9daa9e61681b6e9e37b98cfea296b4cbb5b7ae1fa2c36950
c98c20916f12f74e43f885162eb285c213a978a45c76769a2517e4b8c6d4b1ae
cb805ed0f4abf2c0cd626b8cb5022191bce25dcae35c3dca265b174998600eac
cbdaa0d9ab150be50ea53f75a1d0ef126a96cf88511bbc00577be698db00fb9e
cc0d616327ba36317c494ef34473d2b786e85a1c29f1f2eb3ef56e172faf9182
ccd29fb2f25f0ca52df4dee355c1fe99d6c2e9f27949fe44e0c6df3e874b0fdb
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
ced8f40659bf37ca569e6a55eb74fb618846d08867cc7589a45d6b24ce6ad25a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf71f77ca65d84fcd2e82b9176f32b618f136297883ec4e0d46f9a4e2bcb1b11
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf8afe3a3b0417b7b55c00f55ff021f31ec8f1021d1462b21a806b73fb1c14cc
d0279de3d330f6103a9cb724874dbdedae33b44cdebbdca46fb907cf3219e122
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d055023e6f324f857331e15baf7f3bf35bf6323ce6edde2501d873f1031bba6f
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d37c6844355db530b6cf47460ee5fdf20b2e0ba5ee299dea5a19a1783ad2987b
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d4a9b2e1495aff1c72b808d366bbc3cc6a43706e817befbb5aee91611f9884b3
d5782b9d5673c486506c93f060e962736615fce7928e530212c3538b3fd85593
d68581261ad3a07db6603185fd5aee983bf76b5fa710d49ba6e562935eaf65b7
d7e81547491c16035ad8bfef7ccd5d58241ee34b682ea28e09d2b05c1c1bdb34
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
da75b108ff1ca812d896c648f2aef586fbd65374274dec7890fb9fc411bb7d14
dbd3a8ebc22466c0a20ddf58489252b8ef30dad1f4d1c4e577b0b324b00db77c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dea5d793682ff6a99a6b9f9898a04b2aefb899340d1562ae7fb29b0804ba3f88
e08f58109945c5c8ecfe19db0b5df560d74e90699f61db79f75ad9fb7ce27bd6
e097e0f4d5290725d3f9da40c2719f622a8e579ffff890a9a7dd7d2632ec2f8c
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e1623e1451248e9a54e49b3fbc7290db5e5e620756f4c8933efeece19abc5816
e1f33bea29d3a3031701b094adb902ff0e8609f9629c6bee9d9ee45bdfe78bdc
e23cf54d0da26fb920ba7736991af32a2d83595dd8f4a08d94bf6087cf4bec4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
eb2ab5b5cdfb45aad4d8911147a322e9546a12881682d80eaaa9040e77d63288
eb5f4383f425774d9d1870b942fce87d7cb799dc5116385ad8b1bf2098cb6a1e
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edf89ad38d60352113b897011f2a8bcfad3ae02cd5abca770dac96015e085067
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1
f165a9d06f5fa4a94dde100488e8932c15f31013058fe53aecf6828378b73035
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f782453376c8eafe4712af01d339385534774c44b0ebdb57ed5eadf96d49e859
f783a98f82eab75754ecaae44f592895ba33a7be2e3920c05f4143047347d4a4
f7e88dfec8eb11687d47b060cac765d657ca6207d50bd9d3d92ead924ec4d1f9
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
fa157089af4b90cd83ebad0e30ba1da678e690b0705183636b22592107d50f51
fab98dd589aef77e51e7bc23d3ee8fca2ae741341e9b905063110ffbe7e97850
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
fccb25d16f118b7e7a9d0bad2197c96501d7ba1142cd7ff50c5557d727b5543c
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
fd56fe5b6b1263cdb2ece23a6854ebde16cbd1179cc0e9ff628876f8c4416c1a
fec72676feb48045880ac7db884269bb0a4ddf1c622714818c644d2615c119b4