urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
23.195.152.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Submission: On October 21 via manual from IN — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 11 countries across 95 domains to perform 365 HTTP transactions. The main IP is 23.195.152.111, located in Singapore, Singapore and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 301614.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 38 23.195.152.111 16625 (AKAMAI-AS)
1 11 23.195.152.191 16625 (AKAMAI-AS)
11 23.54.56.214 16625 (AKAMAI-AS)
1 151.101.66.217 54113 (FASTLY)
1 16 151.101.65.44 54113 (FASTLY)
1 192.0.66.122 2635 (AUTOMATTIC)
4 52.95.128.178 16509 (AMAZON-02)
1 13.33.33.109 16509 (AMAZON-02)
4 74.125.24.132 15169 (GOOGLE)
1 3 13.33.88.55 16509 (AMAZON-02)
1 172.64.133.15 13335 (CLOUDFLAR...)
2 34.160.169.226 15169 (GOOGLE)
2 7 141.226.229.48 200478 (TABOOLA-AS)
3 104.79.97.250 16625 (AKAMAI-AS)
4 23.54.56.153 16625 (AKAMAI-AS)
1 52.84.45.108 16509 (AMAZON-02)
1 199.36.158.100 54113 (FASTLY)
3 142.250.4.148 15169 (GOOGLE)
1 13.33.91.15 16509 (AMAZON-02)
2 157.240.235.1 32934 (FACEBOOK)
2 18.155.68.27 16509 (AMAZON-02)
2 52.76.94.145 16509 (AMAZON-02)
1 151.101.193.175 54113 (FASTLY)
1 104.22.53.86 13335 (CLOUDFLAR...)
1 23.72.44.233 16625 (AKAMAI-AS)
2 5 142.250.4.156 15169 (GOOGLE)
3 13.33.79.24 16509 (AMAZON-02)
1 54.192.150.12 16509 (AMAZON-02)
2 104.26.6.155 13335 (CLOUDFLAR...)
2 54.192.150.8 16509 (AMAZON-02)
2 4 69.173.158.64 26667 (RUBICONPR...)
1 5 103.231.98.194 62713 (AS-PUBMATIC)
5 13 142.250.4.157 15169 (GOOGLE)
6 14 35.71.131.137 16509 (AMAZON-02)
1 2 209.191.163.152 32475 (SINGLEHOP...)
1 74.214.196.131 19189 (PULSEPOINT)
1 23.106.127.39 59253 (LEASEWEB-...)
1 54.80.43.227 14618 (AMAZON-AES)
1 1 182.161.73.146 55569 (CRITEO-AS...)
1 5 162.19.138.116 16276 (OVH)
2 2 119.9.108.211 45187 (RACKSPACE...)
5 6 35.213.12.39 15169 (GOOGLE)
3 3 202.131.200.84 17941 (BIT-ISLE ...)
1 1 202.131.200.82 17941 (BIT-ISLE ...)
2 2 35.156.131.180 16509 (AMAZON-02)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
1 2 52.223.2.229 16509 (AMAZON-02)
1 52.26.60.1 16509 (AMAZON-02)
1 31.220.27.134 39572 (ADVANCEDH...)
1 1 3.82.239.128 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
1 172.217.194.155 15169 (GOOGLE)
4 74.125.130.154 15169 (GOOGLE)
1 9 142.251.10.138 15169 (GOOGLE)
1 52.55.138.176 14618 (AMAZON-AES)
1 16 52.88.128.19 16509 (AMAZON-02)
3 13.33.88.94 16509 (AMAZON-02)
2 63.140.36.121 16509 (AMAZON-02)
1 1 54.251.194.20 16509 (AMAZON-02)
2 54.192.150.79 16509 (AMAZON-02)
4 13.54.79.6 16509 (AMAZON-02)
1 13.33.88.108 16509 (AMAZON-02)
1 104.16.88.20 13335 (CLOUDFLAR...)
1 141.95.98.67 16276 (OVH)
1 162.19.138.120 16276 (OVH)
3 8 104.254.151.36 29990 (ASN-APPNEX)
1 1 50.116.239.135 6336 (TURN-US-ASN)
1 2 23.72.44.196 16625 (AKAMAI-AS)
2 7 104.18.18.126 13335 (CLOUDFLAR...)
4 54.192.150.4 16509 (AMAZON-02)
1 1 199.127.207.182 26120 (RHYTHMONE)
2 2 18.140.27.177 16509 (AMAZON-02)
2 42.99.140.187 4637 (ASN-TELST...)
1 1 3.82.86.176 14618 (AMAZON-AES)
1 52.26.190.74 16509 (AMAZON-02)
1 1 23.73.13.201 16625 (AKAMAI-AS)
12 12 151.101.66.49 54113 (FASTLY)
1 6 139.5.84.243 27381 (CASALE-MEDIA)
1 2 103.71.26.125 132134 (SPOTX-AS-...)
3 157.240.235.35 32934 (FACEBOOK)
1 63.140.36.117 16509 (AMAZON-02)
1 74.118.186.45 26120 (RHYTHMONE)
1 151.101.129.44 54113 (FASTLY)
1 141.226.230.50 200478 (TABOOLA-AS)
1 20.50.2.28 8075 (MICROSOFT...)
2 34.102.253.54 396982 (GOOGLE-CL...)
4 69.173.158.65 26667 (RUBICONPR...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 103.231.98.193 62713 (AS-PUBMATIC)
2 54.144.104.205 14618 (AMAZON-AES)
1 13.33.30.231 16509 (AMAZON-02)
2 13.251.225.18 16509 (AMAZON-02)
2 18.138.205.213 16509 (AMAZON-02)
4 142.250.4.94 15169 (GOOGLE)
1 142.251.10.94 15169 (GOOGLE)
1 52.76.8.38 16509 (AMAZON-02)
4 52.84.228.218 16509 (AMAZON-02)
1 151.101.108.157 54113 (FASTLY)
1 42.99.140.211 4637 (ASN-TELST...)
2 74.125.24.97 15169 (GOOGLE)
2 151.101.1.108 54113 (FASTLY)
2 4 172.217.194.149 15169 (GOOGLE)
3 3 52.74.13.196 16509 (AMAZON-02)
1 35.227.202.26 15169 (GOOGLE)
1 4 104.254.148.251 29990 (ASN-APPNEX)
7 142.250.4.102 15169 (GOOGLE)
4 4 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.100.194 13335 (CLOUDFLAR...)
3 142.251.10.157 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
2 52.28.196.126 ()
3 142.251.10.156 15169 (GOOGLE)
4 142.251.10.104 15169 (GOOGLE)
3 172.217.194.94 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
1 13.33.33.112 16509 (AMAZON-02)
1 74.125.24.157 15169 (GOOGLE)
10 172.253.118.156 15169 (GOOGLE)
3 142.250.4.132 15169 (GOOGLE)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 13.230.111.91 ()
2 23.75.85.227 ()
2 104.18.12.76 13335 (CLOUDFLAR...)
1 67.199.150.81 ()
1 1 103.229.10.171 ()
4 54.169.146.178 ()
365 112
38    23.195.152.111 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-111.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
11    23.195.152.191 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-191.deploy.static.akamaitechnologies.com
tags.news.com.au
11    23.54.56.214 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-56-214.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
16    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
widget.perfectmarket.com
trc.taboola.com
images.taboola.com
match.taboola.com
1    192.0.66.122 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
origin.go.heraldsun.com.au
4    52.95.128.178 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
1    13.33.33.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-109.sin2.r.cloudfront.net
edition.pagesuite.com
4    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
379c407406341424da9c52e0b7d5a5b2.safeframe.googlesyndication.com
3    13.33.88.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-55.sin2.r.cloudfront.net
sb.scorecardresearch.com
1    172.64.133.15 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    34.160.169.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.169.160.34.bc.googleusercontent.com
bedsberry.com
7    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
sg-trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
3    104.79.97.250 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-97-250.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
4    23.54.56.153 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-56-153.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    52.84.45.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-108.mrs52.r.cloudfront.net
static.adsafeprotected.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
3    142.250.4.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f148.1e100.net
ad.doubleclick.net
1    13.33.91.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-91-15.sin2.r.cloudfront.net
static.chartbeat.com
2    157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
2    18.155.68.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-27.sin52.r.cloudfront.net
au.tags.newscgp.com
ncg.tags.news.com.au
2    52.76.94.145 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-94-145.ap-southeast-1.compute.amazonaws.com
pixel.zprk.io
1    151.101.193.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
1    104.22.53.86 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.72.44.233 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-233.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
5    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
3    13.33.79.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-79-24.sin2.r.cloudfront.net
c.amazon-adsystem.com
1    54.192.150.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-12.sin2.r.cloudfront.net
ats-wrapper.privacymanager.io
2    104.26.6.155 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    54.192.150.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-8.sin2.r.cloudfront.net
assets.vidora.com
4    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
5    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
13    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
14    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    209.191.163.152 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.106.127.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
1    54.80.43.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-43-227.compute-1.amazonaws.com
e1.emxdgt.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
5    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
2    119.9.108.211 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
6    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
3    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    202.131.200.82 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-tapi.admatrix.jp
2    35.156.131.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-131-180.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    52.26.60.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-60-1.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    3.82.239.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-239-128.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
pagead2.googlesyndication.com
4    74.125.130.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net
googleads4.g.doubleclick.net
www.googleadservices.com
9    142.251.10.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f138.1e100.net
news.google.com
1    52.55.138.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-138-176.compute-1.amazonaws.com
ping.chartbeat.net
16    52.88.128.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-128-19.us-west-2.compute.amazonaws.com
dpm.demdex.net
newscorpau.demdex.net
3    13.33.88.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-94.sin2.r.cloudfront.net
cdn-gl.imrworldwide.com
2    63.140.36.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-121.data.adobedc.net
metrics.heraldsun.com.au
1    54.251.194.20 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-194-20.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
2    54.192.150.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-79.sin2.r.cloudfront.net
cdn.adsafeprotected.com
docbrdnxrwlkhr2sfqaftkimxsr2k1666336703.nuid.imrworldwide.com
4    13.54.79.6 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-54-79-6.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    13.33.88.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-108.sin2.r.cloudfront.net
au.audience.newscgp.com
1    104.16.88.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lbs.eu-1-id5-sync.com
8    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
7    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
4    54.192.150.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-4.sin2.r.cloudfront.net
au-script.dotmetrics.net
1    199.127.207.182 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
2    18.140.27.177 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-27-177.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
2    42.99.140.187 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-187.pacnet.net
secure-ds.serving-sys.com
1    3.82.86.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-86-176.compute-1.amazonaws.com
usermatch.krxd.net
1    52.26.190.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-190-74.us-west-2.compute.amazonaws.com
beacon.krxd.net
1    23.73.13.201 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-201.deploy.static.akamaitechnologies.com
tags.bluekai.com
12    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    103.71.26.125 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
3    157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
1    63.140.36.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-117.data.adobedc.net
edge.adobedc.net
1    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    54.144.104.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-104-205.compute-1.amazonaws.com
mfad.inskinad.com
1    13.33.30.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-30-231.sin2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    13.251.225.18 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-225-18.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    18.138.205.213 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-205-213.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
4    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
www.gstatic.com
1    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
fonts.gstatic.com
1    52.76.8.38 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-8-38.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
4    52.84.228.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-218.sin2.r.cloudfront.net
js.adsrvr.org
1    151.101.108.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    42.99.140.211 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-211.pacnet.net
snap.licdn.com
2    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
www.googletagmanager.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net
8228261.fls.doubleclick.net
3    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
au-gmtdmp.mookie1.com
4    104.254.148.251 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
7    142.250.4.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f102.1e100.net
play.google.com
4    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    104.18.100.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
3    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
googleads.g.doubleclick.net
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    52.28.196.126 (None, )

ASN- ()
lm.serving-sys.com
3    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
adservice.google.com
4    142.251.10.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f104.1e100.net
www.google.com
3    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
www.google.com.au
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    13.33.33.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-112.sin2.r.cloudfront.net
check.analytics.rlcdn.com
1    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
adservice.google.com.au
10    172.253.118.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net
www.googletagservices.com
3    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    13.230.111.91 (None, )

ASN- ()
prebid-a.rubiconproject.com
2    23.75.85.227 (None, )

ASN- ()
eus.rubiconproject.com
2    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    67.199.150.81 (None, )

ASN- ()
image6.pubmatic.com
1    103.229.10.171 (None, )

ASN- ()
cms.quantserve.com
4    54.169.146.178 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
Apex Domain
Subdomains		 Transfer
29 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 185
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 199020
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
226 KB
25 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 301614
origin.go.heraldsun.com.au
subscriptions.heraldsun.com.au — Cisco Umbrella Rank: 710381
metrics.heraldsun.com.au — Cisco Umbrella Rank: 892780
845 KB
23 google.com
news.google.com — Cisco Umbrella Rank: 5435
play.google.com — Cisco Umbrella Rank: 27
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
74 KB
23 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 865
trc.taboola.com — Cisco Umbrella Rank: 697
sg-trc-events.taboola.com — Cisco Umbrella Rank: 32483
images.taboola.com — Cisco Umbrella Rank: 1714
sync.taboola.com — Cisco Umbrella Rank: 1072
sync-t1.taboola.com — Cisco Umbrella Rank: 1296
match.taboola.com — Cisco Umbrella Rank: 2790
pips.taboola.com — Cisco Umbrella Rank: 1560
cds.taboola.com — Cisco Umbrella Rank: 1451
203 KB
18 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
js.adsrvr.org — Cisco Umbrella Rank: 1436
insight.adsrvr.org — Cisco Umbrella Rank: 632
22 KB
16 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
newscorpau.demdex.net — Cisco Umbrella Rank: 110192
20 KB
16 api.news
content.api.news — Cisco Umbrella Rank: 57967
194 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com — Cisco Umbrella Rank: 618
secure.adnxs.com — Cisco Umbrella Rank: 438
32 KB
13 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1347
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
htlb.casalemedia.com — Cisco Umbrella Rank: 519
ssum-sec.casalemedia.com
11 KB
13 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1073
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
3 KB
13 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 75850
mhr.talk.news.com.au — Cisco Umbrella Rank: 677032
ncg.tags.news.com.au — Cisco Umbrella Rank: 147911
236 KB
12 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
token.rubiconproject.com — Cisco Umbrella Rank: 682
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
prebid-a.rubiconproject.com
eus.rubiconproject.com
24 KB
11 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 98850
83 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
288 KB
9 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 706
image5.pubmatic.com — Cisco Umbrella Rank: 53237
image2.pubmatic.com — Cisco Umbrella Rank: 894
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
ads.pubmatic.com — Cisco Umbrella Rank: 495
image6.pubmatic.com
11 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com
3 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2418
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6309
docbrdnxrwlkhr2sfqaftkimxsr2k1666336703.nuid.imrworldwide.com
67 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
3 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1193
id5-sync.com — Cisco Umbrella Rank: 471
22 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 119101
au.pixel.newscgp.com — Cisco Umbrella Rank: 175402
au.audience.newscgp.com — Cisco Umbrella Rank: 198827
49 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
130 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1907
bs.serving-sys.com — Cisco Umbrella Rank: 1148
lm.serving-sys.com
26 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
379c407406341424da9c52e0b7d5a5b2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
57 KB
4 google.com.au
www.google.com.au — Cisco Umbrella Rank: 23161
adservice.google.com.au — Cisco Umbrella Rank: 109731
1 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
www.linkedin.com — Cisco Umbrella Rank: 591
3 KB
4 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 48292
39 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 664
us-u.openx.net — Cisco Umbrella Rank: 409
577 B
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
48 KB
4 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 594
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3256
pixel.adsafeprotected.com — Cisco Umbrella Rank: 620
8 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 968
24 KB
4 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
60 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 131
47 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
589 B
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2796
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3417
collector.brandmetrics.com — Cisco Umbrella Rank: 3710
17 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
3 KB
3 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 363
18 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com
2 KB
2 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4027
api.rlcdn.com — Cisco Umbrella Rank: 825
idsync.rlcdn.com Failed
668 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
57 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 499
464 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
94 KB
2 inskinad.com
mfad.inskinad.com — Cisco Umbrella Rank: 24520
15 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3829
404 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 572
1 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1251
beacon.krxd.net — Cisco Umbrella Rank: 528
529 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1010
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1358
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1440
549 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 373
740 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 923
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1134
902 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 679
bidder.criteo.com — Cisco Umbrella Rank: 763
2 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 918
1 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 17468
6 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 18162
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
111 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 137525
3 KB
2 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 76020
28 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3561
32 KB
1 quantserve.com
cms.quantserve.com
512 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 547
395 B
1 t.co
t.co — Cisco Umbrella Rank: 483
376 B
1 mookie1.com
au-gmtdmp.mookie1.com — Cisco Umbrella Rank: 305755
640 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
3 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 624
15 KB
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
99 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 7092
839 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 539
488 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 30570
698 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1096
ad.turn.com Failed
402 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
2 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1228
201 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2347
464 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
577 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3981
46 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1104
384 B
1 admatrix.jp
sync-tapi.admatrix.jp — Cisco Umbrella Rank: 82134
529 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1247
67 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640
596 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 538
729 B
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 5842
27 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 33382
20 KB
1 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4545
945 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1323
24 KB
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 182480
3 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 931
12 KB
1 pagesuite.com
edition.pagesuite.com — Cisco Umbrella Rank: 97950
50 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5695
7 KB
0 2mdn.net Failed
s0.2mdn.net Failed
0 ambientdsp.com Failed
cm.ambientdsp.com Failed
0 adform.net Failed
c1.adform.net Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 dyntrk.com Failed
gu.dyntrk.com Failed
0 sonobi.com Failed
syd-1-apex.go.sonobi.com Failed
365 95
Domain Requested by
21 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
16 content.api.news www.heraldsun.com.au
15 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
ssum-sec.casalemedia.com
12 sync-tm.everesttech.net 12 redirects
11 match.adsrvr.org 5 redirects www.heraldsun.com.au
js.adsrvr.org
11 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
11 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 www.googletagservices.com securepubads.g.doubleclick.net
www.googletagservices.com
9 news.google.com 1 redirects subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
9 cm.g.doubleclick.net 7 redirects www.heraldsun.com.au
9 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
8 ib.adnxs.com 3 redirects www.heraldsun.com.au
tags.news.com.au
acdn.adnxs.com
7 play.google.com www.gstatic.com
6 dsum-sec.casalemedia.com 1 redirects www.heraldsun.com.au
js.adsrvr.org
ssum-sec.casalemedia.com
6 x.bidswitch.net 5 redirects www.heraldsun.com.au
6 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
6 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
5 id5-sync.com 1 redirects www.heraldsun.com.au
cdn.id5-sync.com
tags.news.com.au
4 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
ads.pubmatic.com
4 ssum-sec.casalemedia.com tags.news.com.au
js-sec.indexww.com
ssum-sec.casalemedia.com
4 www.google.com www.heraldsun.com.au
securepubads.g.doubleclick.net
4 secure.adnxs.com 1 redirects www.heraldsun.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 www.gstatic.com news.google.com
www.gstatic.com
4 fastlane.rubiconproject.com tags.news.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 au.pixel.newscgp.com au.tags.newscgp.com
4 simage2.pubmatic.com 1 redirects www.heraldsun.com.au
ads.pubmatic.com
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
ad.doubleclick.net
3 www.google.com.au www.heraldsun.com.au
3 adservice.google.com 8228261.fls.doubleclick.net
securepubads.g.doubleclick.net
3 googleads.g.doubleclick.net www.googleadservices.com
3 px.ads.linkedin.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 insight.adsrvr.org 1 redirects js.adsrvr.org
3 www.googleadservices.com secure-ds.serving-sys.com
www.googletagmanager.com
3 www.facebook.com www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 sync-dsp.ad-m.asia 3 redirects
3 sync-t1.taboola.com www.heraldsun.com.au
3 sync.taboola.com 2 redirects www.heraldsun.com.au
3 pixel.rubiconproject.com 2 redirects www.heraldsun.com.au
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 ad.doubleclick.net tags.tiqcdn.com
www.googletagservices.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
3 cdn.ampproject.org www.heraldsun.com.au
2 eus.rubiconproject.com tags.news.com.au
eus.rubiconproject.com
2 prebid-a.rubiconproject.com tags.news.com.au
2 static.criteo.net tags.news.com.au
static.criteo.net
2 lm.serving-sys.com secure-ds.serving-sys.com
2 p.adsymptotic.com 1 redirects www.heraldsun.com.au
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
2 mfad.inskinad.com tags.news.com.au
ssum-sec.casalemedia.com
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 sync.search.spotxchange.com 1 redirects www.heraldsun.com.au
2 us-u.openx.net 1 redirects www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 metrics.heraldsun.com.au tags.news.com.au
2 eb2.3lift.com 1 redirects www.heraldsun.com.au
2 u.openx.net 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
2 news-networkeditorial.s3.ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cms.quantserve.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 js-sec.indexww.com tags.news.com.au
1 ads.pubmatic.com tags.news.com.au
ads.pubmatic.com
1 api.rlcdn.com tags.news.com.au
1 379c407406341424da9c52e0b7d5a5b2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com.au securepubads.g.doubleclick.net
1 check.analytics.rlcdn.com tags.news.com.au
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 www.linkedin.com 1 redirects
1 au-gmtdmp.mookie1.com www.heraldsun.com.au
1 snap.licdn.com www.heraldsun.com.au
1 static.ads-twitter.com www.heraldsun.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 fonts.gstatic.com news.google.com
1 docbrdnxrwlkhr2sfqaftkimxsr2k1666336703.nuid.imrworldwide.com www.heraldsun.com.au
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 htlb.casalemedia.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 collector.brandmetrics.com cdn.brandmetrics.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 sync.1rx.io www.heraldsun.com.au
1 edge.adobedc.net cdn1.adoberesources.net
1 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com 1 redirects
1 token.rubiconproject.com www.heraldsun.com.au
1 d.turn.com 1 redirects
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.jsdelivr.net tags.news.com.au
1 au.audience.newscgp.com au.tags.newscgp.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 cdn.adsafeprotected.com tags.news.com.au
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 ping.chartbeat.net www.heraldsun.com.au
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 pagead2.googlesyndication.com ad.doubleclick.net
1 t.adx.opera.com www.heraldsun.com.au
1 sync.srv.stackadapt.com 1 redirects
1 s.uuidksinc.net www.heraldsun.com.au
1 visitor.omnitagjs.com www.heraldsun.com.au
1 match.taboola.com www.heraldsun.com.au
1 sync-tapi.admatrix.jp 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 bh.contextweb.com www.heraldsun.com.au
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 cdn.id5-sync.com tags.tiqcdn.com
1 nebula-cdn.kampyle.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 static.adsafeprotected.com bedsberry.com
1 mhr.talk.news.com.au www.heraldsun.com.au
1 images.taboola.com www.heraldsun.com.au
1 sg-trc-events.taboola.com www.heraldsun.com.au
1 use.fontawesome.com cdn.taboola.com
1 edition.pagesuite.com www.heraldsun.com.au
1 origin.go.heraldsun.com.au www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 s0.2mdn.net Failed www.heraldsun.com.au
0 aax-eu.amazon-adsystem.com Failed www.heraldsun.com.au
0 idsync.rlcdn.com Failed ads.pubmatic.com
0 cm.ambientdsp.com Failed ads.pubmatic.com
0 c1.adform.net Failed ads.pubmatic.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 sync.mathtag.com Failed ssum-sec.casalemedia.com
ads.pubmatic.com
0 gu.dyntrk.com Failed ssum-sec.casalemedia.com
0 ad.turn.com Failed ssum-sec.casalemedia.com
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
www.heraldsun.com.au
0 syd-1-apex.go.sonobi.com Failed tags.news.com.au
365 162
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-16 -
2023-08-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
origin.go.heraldsun.com.au
R3		 2022-09-15 -
2022-12-14		 3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2021-12-15 -
2022-12-14		 a year crt.sh
edition.pagesuite.com
Amazon		 2022-09-17 -
2023-10-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
bedsberry.com
R3		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
web.app
GTS CA 1D4		 2022-10-19 -
2023-01-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-30 -
2022-10-28		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.zprk.io
Amazon		 2022-10-19 -
2023-11-18		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.vidora.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
uuidksinc.net
R3		 2022-09-16 -
2022-12-15		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
www.newsconnect.com.au
Amazon		 2022-04-09 -
2023-05-08		 a year crt.sh
au.audience.newscgp.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-05 -
2023-03-08		 a year crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2022-06-11 -
2023-06-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2022-10-13 -
2023-01-11		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
mfad.inskinad.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
bs.serving-sys.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-01-15 -
2023-01-13		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh

This page contains 47 frames:

Primary Page: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Frame ID: 63EB631E95839CB68B7551282FADEDB4
Requests: 178 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=UenPUnz8vca9-E_4ae8pr9x.xjEV-KpO&nonce=-r.lHEAOxaXh6nIfjMBiJRTLIm4qUM7M&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: FEDAF13BCA14879DB76143C6FE65F234
Requests: 3 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L9I5UIDF-Q-GZ6V
Frame ID: B15B5CAEC25EC42E00046509B934B178
Requests: 21 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 71EBA2C960D77D06179BFD03D7557003
Requests: 22 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: FA98A46A2F1AAB5BA8F2CCDD43F769CF
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au
Frame ID: 430BD304E0BB652771C01E5C16CCE944
Requests: 13 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: C5CAC7511EE6057B4A0B4703E7DB5781
Requests: 3 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: E4018C509B21A6CA52C05B1FAC25C137
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 71DBD61C0587EBA696DD41EA2E129577
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 873F93E7DA1FC86DFA5C1E950D996C4D
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: BE58BADEF7DD299F6BEA558133C998C6
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 0DF46C5C728587B6801D4D04B4ADA7ED
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: F420C470655EA17F178CA538AFFE21EF
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJa3s_vj8PoCFeJLfAodGU4NZg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7136558380504.514
Frame ID: F27A236C37ADD4D994DB136827EC1115
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIDLs_vj8PoCFUJLfAodNUsNtg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7624486489236.71
Frame ID: CD1D510E321121A04CBC64FC59D0B6A2
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 175D0CC4649025F16FB5E2BB0CD00439
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 1F66D3A29AF60F4D6C29E64DA036E57C
Requests: 4 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ChumoopE2uL6tLsIjlFaXd4nTUqzTkw-~A&gdpr=0&gdpr_consent=
Frame ID: 384B4ECF0E66B54621777AB32F4D68F6
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: A1056260E896F169BD7E0F621C3F3C1A
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
Frame ID: D8775AF9F9015C290668AFA6748A8DAD
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: D519F9BD7D752C9FE95BAF9E7EFE104A
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 9FA3D623BC271A12F3C724A17192DAAD
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141&google_gid=CAESEJcqVShhduTH3_IeHERfWIw&google_cver=1
Frame ID: BDD7D7800596828954C3CDBA38C5E2F8
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: 9E7BFAF89369654113CEBCD4BA072C82
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: F659CDEE01F0B41224621B838120D7DA
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141&google_gid=CAESEJcqVShhduTH3_IeHERfWIw&google_cver=1
Frame ID: 2C372EA347CEE3497790754F8B650394
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e8b3d358-e78e-4c33-b377-0defa5253141&expiration=1668928706&gdpr=0&gdpr_consent=
Frame ID: 10B12710A1FA52D9A92A125533983DC9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: 344ACF74F04E604349AE520F4C98E7C0
Requests: 1 HTTP requests in this frame

Frame: https://379c407406341424da9c52e0b7d5a5b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D16B650A76B5CB8223453A7C4AB1B368
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSFQe51NcdSvSLDeuKkqlmfKxtiq2s9964SmDWcJMvYfOae-7qIi3A920f7QkRo4WluNhh0M1BR0xe1iwNnH6mWEx-xFCIiADE3wLgPsEaftUh0tI0vXSzAsDbd09uO_2DPbc-piw-IZ1TEW3cPHGVt_GKc8pqEN3_AnwFDiPOlrzf1y7M-wmwjxVWlqc1ki7zGQTkWDMIuw3O5PFtGMWajhp18apNi_1_WAU9z81JJ6_LCBsLIrqzaQf0D9tOZfvXSPGY3ZR0v_lvnnUnvyT2WYO0ZuHtcuAwErGYnlvFJrnYkjqAKfYBvgLAz8bxFw&sai=AMfl-YRFQ61b5HADnENy6Gt55fIIhQ_jli_Mp6OJemuqRW8WUZ3oPbbwXKk2xM7AjsFVvK7ZcHlDKYDgwuxNx-QbTcifGIlcpS4izvhFYLbvQxOZdTabGhSxj6r2SrTUHF-tlw&sig=Cg0ArKJSzJnLoy5OVtAJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E0959D6EA818C274E57BA948A797D49A
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzhaWWmitClsg5Ohq6RgC-BM-Fyx3bQONcPlQ4cG9kJrpQ9E5QPxw_mmdpwCEsYwxx0pd-htedumT9OoAM-cpiwzLDcxMS1_9MksFdBdr2fc5xvf_Y-vs7eR_uw7Uswt9nvkK4XQ-KefJVAExkBv6wQjY_-5DxuZ8A8jjjkPx6pvolc262wM-dcKy94vQ8B4JE5NRBPYqJNOaW2qDKT73s82seqavRXLiWrgIuX9e9BVKoIyI9HnNZ8SNTw9ZE3OJIO5GxtivUyX0wect533OcL19BLGVbRMv-a496qxZdlem6OQDF9AKnDwT-ZPo25A&sai=AMfl-YToW21cwZt5pmuf70TUv9_MgbcAnOmLkxBBIui3VK9MTiXc60iZPglGNJ9qkuw8eieLJ9uTMNzl99F-0hTcuf-jHVzAaEqCmBn0YRNr7q-KtzVa5E4iHxPGN_pdyWdmWw&sig=Cg0ArKJSzO2leT1jASjxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2B6B2F17DC29B4B1D00CB86AEB93D419
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBuznzNb-VuWb2VsFy0WdzsqnoXzOjP5acsZnA15NXIcF5vTk28o2vLS3vGnMNiq_PRgxCOjUNWtFQrwsP_miuFrcf295gbKDh-2ovQ0NCoe9H53tGkauFFfdv5rYQR3DGKgN_C_MGXrIKQCcUgaoM3N5jGzfkNByQp0lpHP9veYbfVP27eGZrkSScIGAUksXDVpQrXUg5R335M6N9m7Lbg3rYPdwOgt9mn1iX8YRbHWgPZb6AEzQg52-vsy2Ad_7E9D5HuBbF9Vu6JhqvWb51C6mvSI7tKWCxHoQDQD44wGYUb9np6BPj0dqk6tXNMg&sai=AMfl-YTC8lnQ3RjUEo8CbZAA9C9lW4J_jaH6RS6DB0SLwK1QY7ZK-9K7ClfBLpg3E6ZZvda0CwRTX3tSID3EkE154B1JJYps5oxD--sV1TbZ-sCLZHQJ81nBHK3gNSV2VyGZcw&sig=Cg0ArKJSzLtsHBlN8RpNEAE&uach_m=[UACH]&adurl=
Frame ID: B69396664D3797EC3DDE347171F34E1D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWSotLXZbc-tP9cam2CDb66kXGfmelZfwMjc_8OIbD8-0tsOMK9iY5KM2UhbH0f-FFC3tyUOzq2pd24hEUIHgPJ-toqMTc-cdI1OriV8y2g-vrMqVZZnU54gBfK1x7ZlMwoTVD9Te4oHWfgIUWdUrcoAcrJbFjAl5gVE5jJoCTeeO5QfnsMq9nMxOrA3yFIdmMBrSrn-_mCmjBeN9FubfbMY-Am4DB-P8EBMQDi-0SZ17oZom1u0SjD3gv-dx_G4W5zTXhtGKaZ2mzCXW3Gv7guDqZmD_TdliLRgR2xeTe1hJOwVQlLcX_FvS8H69iyA&sai=AMfl-YSj6vIv4ir1fipYNn_UTyXp8cBjzFfRFOMWsiMwewGqhKXSW8uaeXCnrib_WFsTXisGhmp6zM7JZPTFJRnpgeK14ZVSoHslcUny8F-yb69JEkok5jVyubSP7CBa0z14bw&sig=Cg0ArKJSzE154I8jixAYEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B4CB168D5367F7B74D99C51189F86BD0
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: C91AADF1859CFB842AAD8D6E9F446635
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 844569814E631F20E60B5F2B6A017CC4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 09235D25D7B4616F2F03524B575A06EE
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BB84634A883338AC871E21F7F2CBB9B8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: A32F9B1C0B0753C667A08BFDF340D59F
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2BAD8BFBF8127191259F76077F07DD3A
Requests: 10 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138407741791&pubOrder=2553375348&cb=1537156564&custom=homepage&custom3=168400391&adsafe_par&impId=8cccec6c-5110-11ed-a2af-0264d93e907e
Frame ID: 9DF21EDC003712D1F595C9D5812831E6
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=0FFC6740-17D0-4085-9D95-FD2F5BDB5BCC
Frame ID: EF68CF890E626E741408326A248A1F2B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ffd16352-47c5-4700-8592-83221c587532&gdpr=0&gdpr_consent=
Frame ID: 1D4009A4B749FDB518BB22070FCDF23D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1JHvAAB7aM5RAAr&gdpr=0&gdpr_consent=
Frame ID: 00C078BE23AAA978E3DA192189B7A59F
Requests: 1 HTTP requests in this frame

Frame: https://cm.ambientdsp.com/cm/send?vc=pmj
Frame ID: 3CC461ED39FE4E96D1DEDCBAB8CC9AEA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B23FAQVpkwYcbJFRU2rdUAhvwVIcbMUHAmpofNqP
Frame ID: 6E0B1E7DB3663E1D6F16C7612F45FD82
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4556601905268206534&gdpr=0&gdpr_consent=
Frame ID: 43144BBF6A28CC78B8FC2756A29DEB42
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=211156751&chanId=171638111&placementId=6137590224&pubCreative=138409096256&pubOrder=3099570905&cb=1180514138&custom=homepage&custom3=168400391&adsafe_par&impId=8cccec6a-5110-11ed-a2af-0264d93e907e
Frame ID: 734A8A03AD1333E59E1E9034AEDF55DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&166... HTTP 302
    https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

365
Requests

78 %
HTTPS

0 %
IPv6

95
Domains

162
Subdomains

112
IPs

11
Countries

3392 kB
Transfer

9013 kB
Size

146
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&166633668922636289 HTTP 302
    https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1666336692993&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1666336692993&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Request Chain 105
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L9I5UIDF-Q-GZ6V
Request Chain 106
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJBVV0tFiDceWiWOTBA4nDQ&google_cver=1
Request Chain 108
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
Request Chain 109
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8b3d358-e78e-4c33-b377-0defa5253141
Request Chain 110
  • https://ce.lijit.com/merge?pid=42&3pid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 114
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0cc07d74-3174-47b9-9e86-97c3009e8b63
Request Chain 115
  • https://id5-sync.com/s/464/9.gif?puid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F6%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F6%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/6/2.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Request Chain 116
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1 HTTP 302
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=048caf2c-480a-41c2-8859-170df00cd06f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=96&user_id=DmrO-3DJSmue-Wg&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=60ca4cbf-e072-4758-8229-0c9a732c458e
Request Chain 117
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=717308f6-e304-4299-a9e0-dcf9185eb43a HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=717308f6-e304-4299-a9e0-dcf9185eb43a&tbid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&query=taboola_hm%3D717308f6-e304-4299-a9e0-dcf9185eb43a&isDirect=0
Request Chain 119
  • https://eb2.3lift.com/xuid?mid=7772&xuid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 122
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=fPU_QfvZRn1IsYwGjzAGFK310YE
Request Chain 125
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b59d3c1f-1262-4aa9-be05-7539b070a7af
Request Chain 131
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666336695894 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666336695894
Request Chain 139
  • https://cm.everesttech.net/cm/dd?d_uuid=77688079296075721740729129481305816947 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1JHvAAB7aM5RAAr&d_uuid=77688079296075721740729129481305816947
Request Chain 154
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=4556601905268206534
Request Chain 155
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4273321647021922134
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Nzc2ODgwNzkyOTYwNzU3MjE3NDA3MjkxMjk0ODEzMDU4MTY5NDc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIofk5NGVZhv-wzp20pdeE4&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 160
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=e8b3d358-e78e-4c33-b377-0defa5253141
Request Chain 161
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Request Chain 162
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1JHu7a3Dx9xUVjqxdRI8QAA%264717
Request Chain 165
  • https://dt.scanscout.com/ssframework/uid?UIAA=77688079296075721740729129481305816947&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-143768f338df5f9c091220181e908930
Request Chain 167
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=77688079296075721740729129481305816947&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=77688079296075721740729129481305816947&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 170
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=77688079296075721740729129481305816947 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=77688079296075721740729129481305816947
Request Chain 171
  • https://tags.bluekai.com/site/43981?id=77688079296075721740729129481305816947&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 172
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=Y1JHvAAAAgmc6AAT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFKSHZBQUFBZ21jNkFBVA==&_test=Y1JHvAAAAgmc6AAT
Request Chain 173
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y1JHvAABmjcXIAAW HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1JHvAABmjcXIAAW&expires=90&_test=Y1JHvAABmjcXIAAW
Request Chain 174
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y1JHvAAB7aM5RAAr HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1JHvAAB7aM5RAAr&_test=Y1JHvAAB7aM5RAAr
Request Chain 175
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y1JHvAAAAgmc6AAT
Request Chain 176
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y1JHvAAAAgmc6AAT HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y1JHvAAAAgmc6AAT
Request Chain 177
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1JHvAAB7aM5RAAr
Request Chain 178
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1JHvAAB7aM5RAAr&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1JHvAAB7aM5RAAr&img=1&__user_check__=1&sync_id=8b4adff3-5110-11ed-90ff-17a1ae810107
Request Chain 179
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1JHvAAB7aM5RAAr&t=2592000&o=0
Request Chain 180
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
Request Chain 190
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au
Request Chain 227
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7136558380504.514 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CJa3s_vj8PoCFeJLfAodGU4NZg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7136558380504.514
Request Chain 228
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7624486489236.71 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIDLs_vj8PoCFUJLfAodNUsNtg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7624486489236.71
Request Chain 231
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e8b3d358-e78e-4c33-b377-0defa5253141&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=e8b3d358-e78e-4c33-b377-0defa5253141&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=e8b3d358-e78e-4c33-b377-0defa5253141&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ChumoopE2uL6tLsIjlFaXd4nTUqzTkw-~A&gdpr=0&gdpr_consent=
Request Chain 247
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666336705906&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666336705906&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1666336705906%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666336705906&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ac6f64ab-f21e-46e7-8c4f-35962f6f8be8 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ac6f64ab-f21e-46e7-8c4f-35962f6f8be8&_expected_cookie=0a029f603cb7395ac0412cd33cce8a9a
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZThiM2QzNTgtZTc4ZS00YzMzLWIzNzctMGRlZmE1MjUzMTQx&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141&google_gid=CAESEJcqVShhduTH3_IeHERfWIw&google_cver=1
Request Chain 262
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=e8b3d358-e78e-4c33-b377-0defa5253141&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Request Chain 263
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=e8b3d358-e78e-4c33-b377-0defa5253141&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZThiM2QzNTgtZTc4ZS00YzMzLWIzNzctMGRlZmE1MjUzMTQx&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141&google_gid=CAESEJcqVShhduTH3_IeHERfWIw&google_cver=1
Request Chain 267
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=e8b3d358-e78e-4c33-b377-0defa5253141&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Request Chain 307
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=4556601905268206534
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0gua6Xwe3vV0aMYlr-XVU&google_cver=1
Request Chain 316
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1JHu7a3Dx9xUVjqxdRI8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJXc6ENeRNbIMWGori60-BA&google_cver=1
Request Chain 318
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4556601905268206534
Request Chain 320
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=8xmmUPEd8FfoGqFQ_Ey-VPBOoFToSasBoUzGoAOD
Request Chain 321
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_635247c55dc7b&knw=0
Request Chain 325
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
Request Chain 326
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB
Request Chain 327
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3C47F33B6C8F4C98A96EC531F9EBF7F6
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0gua6Xwe3vV0aMYlr-XVU&google_cver=1
Request Chain 341
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ffd16352-47c5-4700-8592-83221c587532&gdpr=0&gdpr_consent=
Request Chain 342
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1JHvAAB7aM5RAAr&gdpr=0&gdpr_consent=
Request Chain 344
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B23FAQVpkwYcbJFRU2rdUAhvwVIcbMUHAmpofNqP
Request Chain 345
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4556601905268206534&gdpr=0&gdpr_consent=
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D_xnQBfQQIWdlf0vW9tbzA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEZGQzY3NDAtMTdEMC00MDg1LTlEOTUtRkQyRjVCREI1QkND&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC268UEu4xB1r27BjVYEc-s&google_cver=1
Request Chain 351
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0F79FDE0276B4E6281D630D8DAE8CC61
Request Chain 353
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8b3d358-e78e-4c33-b377-0defa5253141
Request Chain 354
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e8b3d358-e78e-4c33-b377-0defa5253141&gdpr=0&gdpr_consent=&expires=30
Request Chain 355
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJNVVJREYtUS1HWjZW
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIxZvvVJsPH-h_-SQ47NQvk&google_cver=1

365 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&166633668922636289
  • https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
531 KB
94 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
70f92168133886302a94ef998f1c2f37c35fef164b0ad42f2fe821935d8b20a2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 07:18:11 GMT
expires
Fri, 21 Oct 2022 07:18:11 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 543869 0 pmb=mTOE,4
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3db41fdad1ee972853801a1edf83b61665-1666336690&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=b41fdad1ee972853801a1edf83b61665
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
sin1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=816
content-length
154
content-type
text/html
date
Fri, 21 Oct 2022 07:18:10 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
location
https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server
AkamaiNetStorage
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
275FEC52742BD6B3
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=475056
accept-ranges
bytes
content-length
11472
x-amz-id-2
IVnTIaUhKHXQir+Znof6dy37oHqsxU5oLNTbsgCQSwUsi/yxeEd2fckGsI5WAk0gjMs/U4ujn1Y=
expires
Wed, 26 Oct 2022 19:15:48 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
45848B4AA7DC4868
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=63887
accept-ranges
bytes
content-length
12052
x-amz-id-2
romzxQzdw/EtyocjUv4Yb6IcUsxbsLC7IQJ97xaM37jA51fZfXYpM06R7S477KI+0aMA0Ss1vmw=
expires
Sat, 22 Oct 2022 01:02:59 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
XE608XH2JQPY9M4C
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=368611
accept-ranges
bytes
content-length
12440
x-amz-id-2
xtS5X8zqfRWWlpi1B3sMWw57xMMm9nFysXQEZ0JUxoJkfCtrYy1ppxityt7bve71Sq+vT1Cfeko=
expires
Tue, 25 Oct 2022 13:41:43 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
D5509D0BA22E6447
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=253354
accept-ranges
bytes
content-length
11372
x-amz-id-2
gcjYwkNeKzl/QoYd2RdSCUAMdqlAfsg+6AGakSKNgroTpc7v9Hlkk/IvTe4PnMuy1AZAyHma9WM=
expires
Mon, 24 Oct 2022 05:40:46 GMT
lux.js
cdn.speedcurve.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
3ee455138c5a2ac218dfaef865fb6e8131490ad85d6d63492cebc49a2b335c85

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
105
date
Fri, 21 Oct 2022 07:18:12 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
442
x-cache
HIT
content-length
7152
x-served-by
cache-syd10140-SYD
last-modified
Fri, 21 Oct 2022 07:10:49 GMT
server
Apache
x-timer
S1666336692.182264,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Oct 2022 07:10:49 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
75dc72f6edfcab5e5275c992c7f55f8f1ac3764db858c3d5babd39a7efb01add
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:13 GMT
date
Fri, 21 Oct 2022 07:18:12 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
kix1 0 2 9980
last-modified
Tue, 18 Oct 2022 04:09:04 GMT
server
nginx
etag
W/"634e26e0-879"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cfbca4ab1d4fa2f7bc61aef4ced9c3acedeb0d94cc15528b4baa313fa7b61cc5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:13 GMT
date
Fri, 21 Oct 2022 07:18:12 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2968
x-rq
sin2 0 2 9980
last-modified
Mon, 17 Oct 2022 04:47:37 GMT
server
nginx
etag
W/"634cde69-1dbd"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:13 GMT
date
Fri, 21 Oct 2022 07:18:12 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
kix1 0 2 9980
last-modified
Tue, 18 Oct 2022 04:09:04 GMT
server
nginx
etag
W/"634e26e0-2b9b"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:13 GMT
date
Fri, 21 Oct 2022 07:18:12 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
sin2 0 2 9980
last-modified
Mon, 17 Oct 2022 04:47:36 GMT
server
nginx
etag
W/"634cde68-7b68"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:13 GMT
date
Fri, 21 Oct 2022 07:18:12 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
sin2 0 2 9980
last-modified
Mon, 17 Oct 2022 04:47:36 GMT
server
nginx
etag
W/"634cde68-b62"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		239 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8996ae9cba44b0fab413cefcaadaae26b43497f606ca7e2c36dd037a2633bc9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
FaKSuY9Gc3UBuPzCUwefSlH7NeXAVfh.
content-encoding
gzip
via
1.1 varnish
date
Fri, 21 Oct 2022 07:18:12 GMT
x-amz-request-id
BGP6E9VTSE3PKX2N
age
114
x-cache
HIT
content-length
35956
x-amz-id-2
APU9RbLbhxx5korNf+GUQ+rF2otSGpH44QDSDOUgYIBE0W2urwZaUcUGWdnDy0fhw4H0YTo+wdw=
x-served-by
cache-syd10138-SYD
last-modified
Thu, 20 Oct 2022 11:18:34 GMT
server
AmazonS3
x-timer
S1666336692.182744,VS0,VE0
etag
"9ddab20635321f945ad28c990ba0d6cc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
83
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
4
6f350fad
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/6f350fad
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6eb1bdb532bb20beeedc024a231ff52f7752f36ec35f7f235246cdc994f49c4c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:12 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Fri, 21 Oct 2022 07:18:12 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
8779
pragma
no-cache
x-bpath
OLD
blaizehappened
true
etag
"11ea3ab5966209e32b6c39dcab75a232fd4284980de0995b36e5c36d9c3c40f5"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f6f350fad&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=6f350fad&session=b41fdad1ee972853801a1edf83b61665
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sat, 05 Nov 2022 11:26:16 GMT
date
Fri, 21 Oct 2022 07:18:12 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
sin1 0 2 9980
last-modified
Sun, 25 Sep 2022 23:05:20 GMT
server
nginx
etag
W/"6330deb0-1f69"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1310884
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
8CFC5CF20FCCF0E0
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=241815
accept-ranges
bytes
content-length
16112
x-amz-id-2
AX9xKzvyw8F7URJ4HsRau/7gUlz9ldHtflgeH4seCCuG/IAZ+XqRAnV+hWm9j5KML9DAp3P3UaA=
expires
Mon, 24 Oct 2022 02:28:27 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
1J7K2R2S5W0QCG3W
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=369042
accept-ranges
bytes
content-length
15948
x-amz-id-2
nruS5wshl+Z53oSxuJC5+gzpa8OsRlwVDWEf/z6xyogyoJwFPbDOW+3prnciPYrDNF71xlrPNUg=
expires
Tue, 25 Oct 2022 13:48:54 GMT
dc16ab8f043aa62be3111333b0ed982d
content.api.news/v3/images/bin/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/dc16ab8f043aa62be3111333b0ed982d?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2c712f6165e664d49235ee815886694465e16fc9bdc56222ec34b25816afaa07

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Fri, 21 Oct 2022 06:58:17 GMT
server
Akamai Image Manager
etag
00a63252251a4ca17212ef8875085ded-dc16ab8f043aa62be3111333b0ed982d-650
edge-cache-tag
dc16ab8f043aa62be3111333b0ed982d
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5182730
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
35878
expires
Tue, 20 Dec 2022 06:57:02 GMT
1fa4c600496dfb144cd653570dd199dc
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1fa4c600496dfb144cd653570dd199dc?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c9a2e5dc6c0b4b9aa19a0d414a4e2387a450dc51bbf466f4623e726675b3ff3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
x-check-cacheable
YES
edge-cache-tag
1fa4c600496dfb144cd653570dd199dc
content-length
3793
last-modified
Fri, 21 Oct 2022 06:01:21 GMT
server
Akamai Image Manager
x-serial
492
etag
1f32530fe09e928474ce881c2ca0dc93-1fa4c600496dfb144cd653570dd199dc-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5179375
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 20 Dec 2022 06:01:07 GMT
113468d9c6ca84f8c0260d052f1b89cc
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/113468d9c6ca84f8c0260d052f1b89cc?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2db566844ca97347c6446345c564d708cd701486a733c08bd1e0b9cbf596374b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Thu, 20 Oct 2022 22:26:42 GMT
server
Akamai Image Manager
etag
92f38438c8225caae022e5591311bc1f-113468d9c6ca84f8c0260d052f1b89cc-150
edge-cache-tag
113468d9c6ca84f8c0260d052f1b89cc
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5152160
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4821
expires
Mon, 19 Dec 2022 22:27:32 GMT
03f1eda0a21b600316650084f05e503c
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/03f1eda0a21b600316650084f05e503c?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
05468c17ecb4afc693efe2820a3b8e316fdbcb5057134e24c9b35a2622dfafab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Fri, 21 Oct 2022 04:34:56 GMT
server
Akamai Image Manager
etag
3b459e0c6eb7d09601b7bd4e1a50f2df-03f1eda0a21b600316650084f05e503c-150
edge-cache-tag
03f1eda0a21b600316650084f05e503c
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5174298
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5488
expires
Tue, 20 Dec 2022 04:36:30 GMT
c938dfe16bb6568a1ed6e1ffcd4a6de3
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c938dfe16bb6568a1ed6e1ffcd4a6de3?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
424b06a23c2fc5c0a49e532a9d11766e3b13c4f2f3e67b3d964d791dd0ee78f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Fri, 21 Oct 2022 06:47:27 GMT
server
Akamai Image Manager
etag
e3cf36467c2f2f539b1d6c13429832d0-c938dfe16bb6568a1ed6e1ffcd4a6de3-150
edge-cache-tag
c938dfe16bb6568a1ed6e1ffcd4a6de3
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5182036
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3554
expires
Tue, 20 Dec 2022 06:45:28 GMT
8fde3b59b1b3e735db3bd547db53b82d
content.api.news/v3/images/bin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8fde3b59b1b3e735db3bd547db53b82d?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e893dee4c64712e807ea6c1ea3b8aa2783af6d9153662e408dfb756f3b1e7a53

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Fri, 21 Oct 2022 05:01:58 GMT
server
Akamai Image Manager
etag
321fe046846c114bb6333e2157db6e73-8fde3b59b1b3e735db3bd547db53b82d-150
edge-cache-tag
8fde3b59b1b3e735db3bd547db53b82d
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5175729
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3069
expires
Tue, 20 Dec 2022 05:00:21 GMT
1600895b0dcf4f82925a474f7d6b877b
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1600895b0dcf4f82925a474f7d6b877b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
96dcaf800ca211b904e1c1a17fb4df8491c7aa08a3098f71e6e7eaefecbe27f3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Fri, 21 Oct 2022 05:00:20 GMT
server
Akamai Image Manager
etag
bf48029128e94ce3d623b5dd2db7ac54-1600895b0dcf4f82925a474f7d6b877b-150
edge-cache-tag
1600895b0dcf4f82925a474f7d6b877b
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5175622
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5340
expires
Tue, 20 Dec 2022 04:58:34 GMT
ab31d82e50cfea279770d578c41a2e69
content.api.news/v3/images/bin/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ab31d82e50cfea279770d578c41a2e69?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
04f8659b391209197fc7c37603180662b45f55c2ca1d4b4c7d21a94525ea9cf6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
x-check-cacheable
YES
edge-cache-tag
ab31d82e50cfea279770d578c41a2e69
content-length
32978
last-modified
Fri, 21 Oct 2022 00:17:41 GMT
server
Akamai Image Manager
x-serial
851
etag
06c51d83813b0ab57a8cc379150b2476-ab31d82e50cfea279770d578c41a2e69-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5158623
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 20 Dec 2022 00:15:15 GMT
64ca0bea0f2036095fd0b959f3ede56f
content.api.news/v3/images/bin/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/64ca0bea0f2036095fd0b959f3ede56f?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a5965f42761049cea307e041781eb1e5324fea4dc7d8d92019dd4c8eacfbe08e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Fri, 21 Oct 2022 06:57:39 GMT
server
Akamai Image Manager
etag
a2ae47c2db0e7ef503f2dfaf3ec939af-64ca0bea0f2036095fd0b959f3ede56f-650
edge-cache-tag
64ca0bea0f2036095fd0b959f3ede56f
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5182821
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
41595
expires
Tue, 20 Dec 2022 06:58:33 GMT
982f1a5923c5b729475772d0337c5296
content.api.news/v3/images/bin/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/982f1a5923c5b729475772d0337c5296?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b6154759228babffa545b9fbc7a0d0d0ad1bffd6b4abe2e425e61f45f10a51e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Thu, 20 Oct 2022 23:32:27 GMT
server
Akamai Image Manager
etag
0eb5e19c2d4baf9899a0a843b0f8d66e-982f1a5923c5b729475772d0337c5296-650
edge-cache-tag
982f1a5923c5b729475772d0337c5296
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5156006
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
31419
expires
Mon, 19 Dec 2022 23:31:38 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
7D7951CE58958EA3
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=359948
accept-ranges
bytes
content-length
540
x-amz-id-2
c9QV5xkLqZA3aeUA+058OxiQN9SbPZxH29WSoy5e4h/svbFFRtWq6gzsRBj8GficGxoExGdKPks=
expires
Tue, 25 Oct 2022 11:17:20 GMT
3039110453_-BOB_Generic_CVP-1.png
origin.go.heraldsun.com.au/wp-content/uploads/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.go.heraldsun.com.au/wp-content/uploads/2022/09/3039110453_-BOB_Generic_CVP-1.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.122 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e47ed2c15b82499c44e99168ffcaa05c7a2e15ce8d035a52b2ea9bcef036f7d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
x-rq
syd3 113 149 443
last-modified
Wed, 28 Sep 2022 02:44:57 GMT
server
nginx
etag
"660f834e8f7b259f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10168
expires
Thu, 28 Sep 2023 02:44:57 GMT
rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.178 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 07:18:13 GMT
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Last-Modified
Thu, 09 Sep 2021 21:17:00 GMT
Server
AmazonS3
x-amz-request-id
12BXE54MWNZQA23J
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
iwVg0hj9nJfX/i3ONb+LWXYQgO35EqxiRXNpoymJoryUjw/uT4yS81/9dXlk/+V8Ej1QV8tiwoE=
games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.178 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 07:18:13 GMT
x-amz-version-id
mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
12BPRX7BM21AQQQB
ETag
"2fa79b1c302fa407df95b287a47e01bc"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
4533
x-amz-id-2
DjjZU9LanEpNxdPX8L7fn0gDv8mXUGwYXaghCckuoqxjL4W3Bvr6JeFtLen+5yH5NPG+PFiRohk=
horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.178 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 07:18:13 GMT
x-amz-version-id
NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
12BK3ZK20Y1F27EQ
ETag
"e9dc4230a2305a0cb7743e2ade763349"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
9223
x-amz-id-2
JOKPCE12IZcobTvx55QWUWi4YZvNTpOcaf/0Man4ieHrvxyAlGG/LJ5g03wqSpV+5/vACku/yag=
braingains.svg
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/braingains.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.178 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 07:18:13 GMT
x-amz-version-id
BSPbSueNKMvcQ7CCwOmuub6mQNodfiBJ
Last-Modified
Wed, 15 Dec 2021 03:04:45 GMT
Server
AmazonS3
x-amz-request-id
12BTG3BJRDR464ZM
ETag
"a5e3e51d1e5816755ebf71f5ea933857"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
17305
x-amz-id-2
oOmLZy1vrvfWAgJcQ5dxsPI8Z54z3AtY6CwQvRZBF4CR1FDFhz+Ae++QWtjIAwDSFZu1BXPyRzY=
get_image.aspx
edition.pagesuite.com/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://edition.pagesuite.com/get_image.aspx?pbid=38d72c05-d55e-479e-a6ea-985d57be1901&h=400
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-109.sin2.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fd2c647c1e5d819e20c05b48e06217b99d58ad410396771ad7b949ef92cdfa0a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:13 GMT
via
1.1 bdcb0966d6e5d28eb31a406298268896.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 23:28:58 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
SIN2-P1
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
private
x-amz-cf-id
yuCvqF6l1mriUh22UMbZn26qiih9GnsrRvJugBUrpTFcmIsop3mfqw==
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sat, 05 Nov 2022 11:28:26 GMT
date
Fri, 21 Oct 2022 07:18:12 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2891
x-rq
sin1 0 2 9980
last-modified
Sun, 25 Sep 2022 23:05:20 GMT
server
nginx
etag
W/"6330deb0-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1311014
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
0CFAD35F585CD25F
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=199954
accept-ranges
bytes
content-length
535
x-amz-id-2
/dMDWimqjNaN3Tcwf330wcepiHJ85rowGvlxWAI4XFDCzqgpfSqU6umPtJ3+EDdM8Cd02euf6XA=
expires
Sun, 23 Oct 2022 14:50:46 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:12 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
HBSM65NXW692RVP6
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=418190
accept-ranges
bytes
content-length
586
x-amz-id-2
u7f7Gi68iGJY0DiRegO0fNtiPTUOatAsJ44BUTin/3jhqu4YfC+TUH48SPBNhy8NBinMhmKQtr4=
expires
Wed, 26 Oct 2022 03:28:02 GMT
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 07:18:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"53dcef6f9171cfd3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 07:18:12 GMT
/
www.heraldsun.com.au/_static/ 		98 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZmZmBpaWFsWUWAK/EIjE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Fri, 21 Oct 2022 07:18:12 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100749
x-rq
sin1 0 2 9980
last-modified
Tue, 18 Oct 2022 13:30:39 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 21 Oct 2022 07:18:13 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 21 Oct 2022 07:18:12 GMT
cache-control
max-age=9246
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 21 Oct 2022 07:18:12 GMT
x-amz-request-id
PX8KA6TTQJ71451Y
age
244
x-cache
HIT, HIT
content-length
1123
x-amz-id-2
kB6hDs6OePhIkLgivlRQ9twXfEYYoXdQkPyJbmuOlb8McYTT6MAErDcwXXBa/05yTqjCF/YwACo=
x-served-by
cache-lax10664-LGB, cache-syd10151-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1666336693.600715,VS0,VE0
etag
"1a868d280f9424f5d82876d6cf0c46b9"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
2, 10
impl.20221020-6-RELEASE.js
cdn.taboola.com/libtrc/ 		688 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221020-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c6cce6beb8587b0075a75db191541a7370f872c50bcf924bc94d705e5af45cef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
lJkxnv595Wu.gVAqlBuJEnC38eN6BMRz
content-encoding
br
via
1.1 varnish
date
Fri, 21 Oct 2022 07:18:12 GMT
x-amz-request-id
WZSHGNA2VJW6VA5W
age
14764
x-cache
HIT
content-length
145799
x-amz-id-2
z2m1RZi+iCE5+9GWTg9o/5bRSMiNjhu4BouFh33EX4dG+TEgTXJN89+3YTiQdN9nRBOCC8uOdk8=
x-served-by
cache-syd10138-SYD
last-modified
Thu, 20 Oct 2022 11:12:08 GMT
server
AmazonS3-br
x-timer
S1666336692.397923,VS0,VE0
etag
"843237e8a641bcdbbdbd25e0be3eb694"
vary
Accept-Encoding
content-type
application/javascript
abp
3
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
14255
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-55.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 12:34:05 GMT
content-encoding
gzip
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
72907
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
hYq7T1ApY-FoH-NYB8ulygyViGWtkl3r8_g332l5gzZzginEhXcqDA==
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
56VJA3RSAAEG4BTK
age
1142431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
aj0wInNBgUhB4eh9HkhR+XD4sY/t0Vkt4vaBy7JDNCsruZrk5ed3qJP9SQ+iSI5DDNrVOC423gQ=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvmMo2CWv1etGoQHbnrLkasTe27M5OoOOCgJsnMSxU5ebN0tcmKT8LlTQG8zK85p2YfVUJ6IF0SHdt3PSHLNVvDk6AKkebvrTXY0TQnsnscZDz%2F2Kmjrg%2FILnyniB%2F6ujCrlDZre"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
75d837cc4bad2e98-SIN
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 21 Oct 2022 07:18:12 GMT
x-amz-request-id
CBJAXHHVTDDK1AH7
age
16665527
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
T+SO3zzAu/vI3ID3zGGjDx2/OWdNCwfDObUAO4AV3bMqhIR2V9jGe9Y4TcERARxY+Vu0wOuMQqY=
x-served-by
cache-sna10723-LGB, cache-syd10151-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1666336693.795015,VS0,VE0
etag
"b7fcedf037c57085d364b689ca46f32e"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1929
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1666336692993&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20a...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1666336692993&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20...
0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1666336692993&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.33.88.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-55.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:13 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
wD75lnOHNdEuhoedsf3ItBl2FWiAufM2-nO1IqgZIqBd7gs84-mtHg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1666336692993&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
date
Fri, 21 Oct 2022 07:18:13 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
XqRtVRFh3LZprcYYEeX_cafyoRdZKsdJXOXu-f8e5kmY5ptEFOTSMg==
x-cache
Miss from cloudfront
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
cce51e57845474d4ff0ae3082f484cac92183d9d89c0e8235378e834d17710e0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 21 Oct 2022 07:18:13 GMT
x-datacenter
gce-us-west1
etag
"5486e2f7d791c7e3ac63c284acfcaf1125d0bc2cb254493b6ff68a32d1260884"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-west1-spot-0x9d
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
661392823
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=07%3A18%3A13.058&lti=deflated&data=%7B%22id%22%3A216%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1666264700129%2C%22vi%22%3A1666336693056%2C%22cv%22%3A%2220221020-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11860%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1290.671875%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221020-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f887f7a656fdd9e71e07d97ed3b5248d1afb4a00e63c92bf5762985852d2cc33

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
187
date
Fri, 21 Oct 2022 07:18:13 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-syd10138-SYD
server
nginx
x-timer
S1666336693.112005,VS0,VE187
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:21 GMT
date
Fri, 21 Oct 2022 07:18:13 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin2 0 2 9980
last-modified
Mon, 17 Oct 2022 04:47:37 GMT
server
nginx
etag
"634cde69-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=8
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		277 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Fri, 21 Oct 2022 07:18:13 GMT
server
AkamaiNetStorage
etag
"b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=781
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 21 Oct 2022 07:31:14 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
098d0c759acc49ed9d0fb0e7d8a1e3676e8eed1898d5d6cf06395f683f0ef1f4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:47 GMT
date
Fri, 21 Oct 2022 07:18:13 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
29735
x-rq
sin2 0 2 9980
last-modified
Mon, 17 Oct 2022 04:47:37 GMT
server
nginx
etag
W/"634cde69-180c7"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=34
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:33 GMT
date
Fri, 21 Oct 2022 07:18:13 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
sin2 0 2 9980
last-modified
Mon, 17 Oct 2022 04:47:37 GMT
server
nginx
etag
W/"634cde69-1973"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=20
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 07:18:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"53dcef6f9171cfd3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 07:18:13 GMT
amp-story-player-v0.js
cdn.ampproject.org/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
66ecd9d913510bd0c55550a3a627be2f8e355e77fab145021cd82ed1778202d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 07:18:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16098
x-xss-protection
0
server
sffe
etag
"eb8cd37e8ed3ad85"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 07:18:13 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
userx.20221020-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20221020-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a694cff962fd2ccaa8496264e1270c0b4f3faa7bc3c9cc600d20fd4163b1bf3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
GmujQBghrrmGVmUeKhTA7zcZ8NQOBkAy
content-encoding
gzip
via
1.1 varnish
date
Fri, 21 Oct 2022 07:18:13 GMT
x-amz-request-id
M8RY0DSDXCQ92XHS
age
37
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5396
x-amz-id-2
sCFtRwfZRXvr6B9U7JrNp+AqgoJx2b2eIKE2RmixnQBEnHxCV2X05hbxHFEbhZQJGjpetI+n51U=
x-served-by
cache-syd10138-SYD
last-modified
Thu, 20 Oct 2022 11:22:05 GMT
server
AmazonS3
x-timer
S1666336694.822400,VS0,VE0
etag
"a626d23dae5d4d1875a69c5d31f31b6a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
61
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
9
social
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=HK:SG:V&lti=deflated&ri=4777710eaeefddfbe81d062b1489063c&sd=v2_cf2362f619eb4d84cbd3d3339b66f0fb_8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35_1666336693_1666336693_CIi3jgYQgPNHGMC2oMu_MCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGi0ovD79tOEkd4BcAE&ui=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&pi=/&wi=873729681997272865&pt=home&vi=1666336693056&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=07%3A18%3A13.367&id=956&llvl=2&cv=20221020-6-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/ 		433 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
date
Fri, 21 Oct 2022 07:18:13 GMT
via
1.1 varnish
x-amz-request-id
7DASVJ1H3X18PHY6
age
25154
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
EdDgsCi1ANPBZkcG+Gks2WKSvDtIMGejcE9k6aQEmf20VndqdcFZ0pEWOHBbO4f65FaaQtA7vcM=
x-served-by
cache-syd10138-SYD
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1666336694.926064,VS0,VE0
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
content-type
image/png
abp
61
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
274
MHGTP_A2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.news.com.au/wp-content/uploads/2022/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.news.com.au/wp-content/uploads/2022/10/MHGTP_A2.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79a9b0fad267507bb86a9228ccae612e80fa2c2c2675bb549a05292394b237fa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 21 Oct 2022 07:18:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.news.com.au/wp-content/uploads/2022/10/MHGTP_A2.jpg
age
1293202
edge-cache-tag
437661541799935023575409277037436713749,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
cache-tag
437661541799935023575409277037436713749,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
281
req-referer
https://www.couriermail.com.au/
content-length
8718
x-request-id
55b5817bd7d1b9809c806a3efd96cf26
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kcgs7200152-IAD, cache-lga21926-LGA, cache-iad-kiad7000087-IAD, cache-syd10138-SYD
last-modified
Thu, 06 Oct 2022 07:02:58 GMT
server
nginx
x-timer
S1666336694.044151,VS0,VE0
etag
"21980423db7f5e0f5d0716a683b84f9b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 55, 25
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=b59cbd563d4932a3bb6b4d9f8cd3969c,0c8c9d2111bf75a2f9c8576c62afcb1f,21130e5646aad75793496fdd24cf21d6,daea3456d5af9b82c14e135362388655,dc342e23fe7b589f8d845efe041484c5,47ba8913686469401391cc1586d93307,7e9ff765f4aae35d10409ea57be5e050,1c683c18eb3828d65a1d180ad6243133,5355ae5db7f2dac5bf51824a99677e7e,5ab160c59c793c696e954e2876bb57e4,313deec7e473629614e8a4407bb7286e,7247fb89e4a136480e6df3c7ed59027b,cdc57688213b035a43864a3610e548a5,78bdbfee678af90e2016c8d94a85248c,9f1bda51c10830c68805ecc62d959894,1c5347e215b0d34e7b05788abd7f4ee6,cf5606c1eedcaa90e0c8f89c4f36f328,63e31edeec84eadb8ea38676996e6cef,44193896eda81c034de65b02e1b65d04,98caea824a965fb7140ef03c570358a6,747df2207c2d730835345d46cfa7b441,25551b0a9eb4b1efa1e3b3b09b5bfa2a,90df82b1913e4f8a773ee0237210966c,5e4e444c6d0f47291acf1a8a3797e47b,0e2aeac7785e3fd55d6b35ec4b7c1671,fdf73a476dec1323a5b4c6033ac399b5,a9e03f1f87768959386c65c0a7cd479b,25d6d61eacd417dfb67a868929ec7fbd,f4f65e62257802c260feab44fcba6c67,7d4a5a16f430b8f2f976674559f086d1,66fc21b307a09d37e454a2fb9e2cb471,a7da920a3857e55f4e4375caa3e3062b,a018ac2b580c483ecc9a11d1c72267bf,bd821a50e166fda0d477919b0c13761c,fe9177aeb4080110544476ac0f9d5c14,fc2f992072633ba776f489d8d3959ade,f17cd3357700da6fb82f3d2be5172028,c8766caf6ba8ac23cacb9b23cf357afe
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
f7cc498562d2ae83a144e0ba1d56bc415bbfb5ae5e6bceb0a6f9cec10d93a45c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 07:18:14 GMT
server
nginx/1.20.1
etag
W/"58d-70QC518lCsrfsNgHa2HzuW1VlGI"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
8c2d9430-510f-11ed-a80d-df7d03e971d3
content-length
812
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
277ba12bf62340b1b206fe667f5740223c0d7641137e277726c8c87707952742
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Fri, 21 Oct 2022 07:18:13 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1697
x-rq
sin1 0 2 9980
server
nginx
vary
User-Agent
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=24
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 21 Oct 2022 07:18:37 GMT
1c9d4dd425b6fd22c8f6d473f1f7246b
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1c9d4dd425b6fd22c8f6d473f1f7246b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b0dde663e56fd874be977f8e8965a6a0ec4a975edf3f90f75db9357992f6596e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:13 GMT
x-check-cacheable
YES
edge-cache-tag
1c9d4dd425b6fd22c8f6d473f1f7246b
content-length
5779
last-modified
Thu, 20 Oct 2022 23:29:56 GMT
server
Akamai Image Manager
x-serial
1417
etag
a9c9463928d5db700b355fc3c9b8962a-1c9d4dd425b6fd22c8f6d473f1f7246b-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5155828
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 19 Dec 2022 23:28:41 GMT
8d0f37fda86f7d62b526a5b3865619fd
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8d0f37fda86f7d62b526a5b3865619fd?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dd90aa1d33b85e1f44cfb13f5786ddeac4417f948a706ef5f48b6c7fd0bb09ff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:13 GMT
x-check-cacheable
YES
edge-cache-tag
8d0f37fda86f7d62b526a5b3865619fd
content-length
3491
last-modified
Tue, 18 Oct 2022 21:37:34 GMT
server
Akamai Image Manager
x-serial
640
etag
b180bf20a9cf4176b3c71877879a98dc-8d0f37fda86f7d62b526a5b3865619fd-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4976316
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 17 Dec 2022 21:36:49 GMT
4a976a1d27bbf39cf56b3316b615a5cd
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/4a976a1d27bbf39cf56b3316b615a5cd?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b198702ad4dd80291b87e36b9a35bf38c7a405e76ed29660dbfe3ac336e241c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:13 GMT
last-modified
Sun, 09 Oct 2022 22:53:53 GMT
server
Akamai Image Manager
etag
1b44bc507868afd24ca3771e25e97e88-4a976a1d27bbf39cf56b3316b615a5cd-150
edge-cache-tag
4a976a1d27bbf39cf56b3316b615a5cd
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4026546
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4597
expires
Tue, 06 Dec 2022 21:47:19 GMT
authorize
login.newscorpaustralia.com/ Frame FEDA 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=UenPUnz8vca9-E_4ae8pr9x.xjEV-KpO&nonce=-r.lHEAOxaXh6nIfjMBiJRTLIm4qUM7M&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.97.250 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-97-250.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
4d584e2ade180efc39ee1a784a916d173dac9ad3aa4c5596e4542456330f7be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
75d837d47e4280c9-NRT
content-encoding
gzip
content-length
804
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Fri, 21 Oct 2022 07:18:14 GMT
expires
Fri, 21 Oct 2022 07:18:14 GMT
ot-baggage-auth0-request-id
75d837d47e4280c9
ot-tracer-sampled
true
ot-tracer-spanid
202ba6a4436ba73d
ot-tracer-traceid
735db150015d012a
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-202ba6a4436ba73d-0000000000000000735db150015d012a-01
tracestate
auth0-request-id=75d837d47e4280c9,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 539 0 pmb=mTOE,3
x-auth0-requestid
129ea8492cace7ee2f3f
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1666336695
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9c3f3e3a92851510d35e3925f9974ef2fa291b988bfc206f93f75782641a7cef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:14 GMT
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 03:44:56 GMT
server
AkamaiNetStorage
etag
"ab3cd326d66a657c84c1d367ff0fd072:1665373496.039565"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1552
expires
Fri, 21 Oct 2022 07:23:14 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b8051b699814854101bcef9e76eae29fd82782892473478215e7a8d63891bf78

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:14 GMT
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 03:44:55 GMT
server
AkamaiNetStorage
etag
"8182e94712ffbcdc04005f2c2f1606ec:1665373495.865001"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21263
expires
Fri, 21 Oct 2022 07:23:14 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		191 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f13fa6991b1cf663c289c9288465a7bbafc60118b9804fb9147737cd34adaa22
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:15 GMT
date
Fri, 21 Oct 2022 07:18:14 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45685
x-rq
sin1 0 2 9980
last-modified
Wed, 19 Oct 2022 05:57:31 GMT
server
nginx
etag
W/"634f91cb-2fc56"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
625537f8f068a9025a4035488041f0ab07889bacd3e572ef7a2dc4141ecf1080
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 21 Oct 2022 07:18:15 GMT
date
Fri, 21 Oct 2022 07:18:14 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3398
x-rq
sin2 0 2 9980
last-modified
Mon, 17 Oct 2022 04:47:37 GMT
server
nginx
etag
W/"634cde69-215f"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
87fec1cb3d1121bab86b5829308c0b86
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/87fec1cb3d1121bab86b5829308c0b86?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3fea50dfd4cc4c109d86ba77cbb516a24d39c8cd70fa5d91db2ef66c6037a17e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:14 GMT
x-check-cacheable
YES
edge-cache-tag
87fec1cb3d1121bab86b5829308c0b86
content-length
3452
last-modified
Fri, 21 Oct 2022 07:04:22 GMT
server
Akamai Image Manager
x-serial
1469
etag
1496d4bf67d75e135eca63e4b8e0cc89-87fec1cb3d1121bab86b5829308c0b86-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183195
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 20 Dec 2022 07:04:49 GMT
17e62af478b80377c89440fd8f09a290
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/17e62af478b80377c89440fd8f09a290?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
96c9a396eb11c91e6a42966288fa37b34ec01a036d8cb76453ecc3451c4361a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:14 GMT
x-check-cacheable
YES
edge-cache-tag
17e62af478b80377c89440fd8f09a290
content-length
3323
last-modified
Fri, 21 Oct 2022 06:58:38 GMT
server
Akamai Image Manager
x-serial
1562
etag
96e871eca56030634ece8171fc8e3625-17e62af478b80377c89440fd8f09a290-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5182771
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 20 Dec 2022 06:57:45 GMT
c40eb393b7a69fc062437e030c17aed8
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c40eb393b7a69fc062437e030c17aed8?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bb2999530be0665421499572ff8d571b237d5db2c5fd83e8cf758151aadcc1a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:14 GMT
x-check-cacheable
YES
edge-cache-tag
c40eb393b7a69fc062437e030c17aed8
content-length
3830
last-modified
Fri, 21 Oct 2022 07:16:28 GMT
server
Akamai Image Manager
x-serial
1509
etag
aaf5f9c2f8add048a4814732be063a36-c40eb393b7a69fc062437e030c17aed8-150
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183800
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 20 Dec 2022 07:14:54 GMT
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-108.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 54ba4737103cb6263e414e602fbbe752.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
2690872
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
pwz-yPBkvVTyT4YhTyoQ3PMOAjs_PNgVQA3nZkRHgQK0Cw9y8L52gQ==
pixel_6f350fad
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_6f350fad
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/6f350fad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
date
Fri, 21 Oct 2022 07:18:14 GMT
blaizehappened
true
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
is-https
true
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_6f350fad&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_6f350fad&session=b41fdad1ee972853801a1edf83b61665
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=HK%3ASG%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221020-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
96
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:14 GMT
via
1.1 varnish
x-served-by
cache-syd10138-SYD
server
nginx
x-timer
S1666336694.427586,VS0,VE96
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.97.250 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-97-250.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers
2721378e
login.newscorpaustralia.com/akam/13/ Frame FEDA 		0
0
WDsaFxgB
login.newscorpaustralia.com/z2kS_CMre0bUoWs3cyGU/Y77bSXztabrO/TisvAQ/TWMU/ Frame FEDA 		0
0
indies-loader.js
ts2020-indies-client.web.app/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2b47f6850e47a047f2dce76569a61df775d7504fe64716ec66af316ab80e489
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-syd10175-SYD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 21 Oct 2022 07:18:15 GMT
last-modified
Thu, 08 Sep 2022 01:41:49 GMT
x-timer
S1666336695.186897,VS0,VE0
etag
"dda6d8f74d0e858612ec503761d52ecaea214cb075d9052ffc7fb232c4add592-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2355
x-cache-hits
88228
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		257 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.97.250 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-97-250.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:15 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Tue, 30 Aug 2022 05:33:14 GMT
x-amz-cf-pop
NRT20-C1
etag
"04df6ed36e659404b1589354c5fb8697"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14
accept-ranges
bytes
x-amz-cf-id
Q-dz20KDJPTukcFZcMWngDVqx0qCpXLrPXEAqbKNWPPZrB-OKPSlxw==
content-length
66268
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 21 Oct 2022 07:18:14 GMT
via
1.1 varnish
x-amz-request-id
R49A95MEAARZDWRY
age
28386
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
OwQO4r3NRn2mobB8qX5KI65TenVKTAqHjn3l8Eljsiqz/LERXHRjxQ8w1JWWw1vGRMYpafcYhZ8=
x-served-by
cache-syd10138-SYD
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1666336695.996124,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
61
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5691
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16663366949350.8389449077532178
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:15 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Fri, 21 Oct 2022 07:18:15 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 21 Oct 2022 07:18:15 GMT
cache-control
max-age=69142
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=799041791242.0509
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=799041791242.0509?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
cafe /
Resource Hash
8138b157c70451fe330fb970f81a5e80d6afe77cf06b78498b5dffeb85db6713
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12654
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.91.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-91-15.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 06:01:59 GMT
content-encoding
gzip
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:51:11 GMT
server
nginx
x-amz-cf-pop
SIN2-P2
age
4576
etag
W/"62d7517f-1181e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
cG56Dc8qTnN4RZkT-a4dFq7XGf8Tm3m512lrRTr2O-36a0sz-yuD_A==
expires
Fri, 21 Oct 2022 08:01:59 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		184 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e13d067d9eb0964f0d2cae94917201de23e1cb041cbfc8e49a371a6775dbf155

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:15 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"d27c6282cf1afe8356f8d36f3765b246:1666145306.529977"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=51050
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Fri, 21 Oct 2022 07:18:15 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=54463
content-length
9840
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Oct 2022 07:18:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27027
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
QrZmnzYK/8tetUBW+Dw4n4q4thOM49Uv1egfqOmdSCgFZo21UpyEbYfvPC6ZHju3vMYMWKNbRjg4Lb3/cdYMVQ==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-27.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 07:14:05 GMT
Content-Encoding
gzip
Via
1.1 4cad8a97cc16b078d964f8e158a1b4ae.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN52-P1
Age
254
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
UVTO0OOmrwx-4XZjcqL6qIUDwSvBnNXV91io45ROXyHmQ6UfQ1DNZw==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2022-10-21T07%3A18%3A14.958Z&country=au&newsconnectId=&fpid=b41fdad1ee972853801a1edf83b61665
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.94.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-94-145.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ec80fbb02e805fe57c3c5603aaaa88c8862508ffdcef76082834b4b801a76e6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc7915fb854d0156e3819a66061fd153d26f4bcc58a65fc81bf12193d455567c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
ZfiUUBaSSlEhkkDAmF.0BHZEtTcnVGyf
content-encoding
gzip
via
1.1 varnish
date
Fri, 21 Oct 2022 07:18:16 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
9XK600K8GSWK9ETJ
age
99869
x-cache
HIT
content-length
519
x-amz-id-2
jEIwctCHg0fk8Q0ItEzlesnpgzv0KwASFIS5fV2FCdjXiThQpPLTijZloQ6BgMXaZr5CtlZ54T8=
x-served-by
cache-syd10172-SYD
last-modified
Thu, 20 Oct 2022 03:33:49 GMT
server
AmazonS3
x-timer
S1666336697.750611,VS0,VE0
etag
"ed404d2e28b21279cd08c1ad36fca41a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
124154
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
KZEWE669P2SPK080
age
3344
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75d837e2ba81a955-SYD
x-amz-id-2
NedPOaXj/z+SH1G3RObOOPpBsoKYxdmL30oTQ1IN2A0hd0wbNM4Gj8YjXV4saLGO9Iaobi6u0Ig=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.44.233 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-233.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:17 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Fri, 18 Mar 2022 11:22:12 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Fri, 21 Oct 2022 08:18:17 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
dbed06d37303d9a2f40a4c7c800d2879e8788cbf872d160593a837fcc9d06603

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:16 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a588a197dac6c25da7e9aaae6669b7f8:1666070376.116114"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=60074
content-length
2296
tad.js
tags.news.com.au/prod/tad/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
463625dd9de1e4bc31d37fb22a0dd092b327e5590707fa3020df235bd7d05661

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:17 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"abb04a67d96b288284cca2a84c7ec8b5:1665535620.337526"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=63651
content-length
33699
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
sffe /
Resource Hash
ca642c74ae1ef4365f2c0079aab1c445285887916637dddb71f6d03a3bbcbaee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27385
x-xss-protection
0
server
sffe
etag
"1370 / 571 of 1000 / last-modified: 1666303801"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 21 Oct 2022 07:18:17 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f59ff797b78853b110b03a4f27bac47a6d31faa53e47d55a56e3725d013f0d83

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 06:28:56 GMT
content-encoding
gzip
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront), 1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 16:04:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, SIN2-P2
age
2962
etag
W/"b13d25523ad505c18e73c78358e50098"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
-NWsXyOu9pJpZiSuP2Ik6o0r8blUA6aGai-ni3ZR7jTMX9o8w7BSXQ==
prebid.js
tags.news.com.au/prod/prebid/ 		366 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:17 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=26128
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-12.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
ClDIgD0zuwLI7F0xhBbpGkCt4wZOjpVN
content-encoding
gzip
via
1.1 d8bc31f1690f46d533b518410accf19e.cloudfront.net (CloudFront)
date
Fri, 21 Oct 2022 06:41:09 GMT
last-modified
Thu, 13 Oct 2022 05:35:01 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
2230
x-amz-server-side-encryption
AES256
etag
W/"964c4cc68e0d531d901baf0d73f36918"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
h65In3nZcO537BMYj3LN7ttDQL4ysBjoOJl4FZbHSTjTqHnAtcE0OQ==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
225d7f8798e8442ff98725d44342d3d07ecb39067ff00e05358462a5e4d3c0bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:18 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"86881fb73b4ddbe1082c71eabef497ff:1665372502.912417"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=10323
content-length
5789
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:18 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 21 Oct 2022 06:33:00 GMT
server
cloudflare
age
2718
cf-polished
origSize=5850
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usqpAiqsA6RlV4IzMqqXjDUFEN1mSGqCqJ9idW7D%2BvrnFmTy9pKhoKWe7IcXzOl1c7yOpWhse1EKvO1ebofri%2F%2BgddrqvDr4d1nGYkMU0nifcFH2qj6lXSfK%2BJTG1Ss1exB8WRLM"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75d837f08c33a89b-SYD
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:19 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Sat, 05 Nov 2022 07:18:19 GMT
mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 		366 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Mon, 24 Oct 2022 16:28:36 GMT
date
Fri, 21 Oct 2022 07:18:19 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
373561
x-rq
nrt1 0 2 9980
last-modified
Mon, 26 Sep 2022 05:57:39 GMT
server
nginx
etag
W/"63313f53-5b713"
vary
User-Agent
content-type
image/png
cache-control
max-age=292217
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-8.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
date
Thu, 20 Oct 2022 16:03:25 GMT
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
54895
x-amz-server-side-encryption
AES256
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
EsgK93hsYJzwYWrdLbigsikoUEU4Mpcxra5FySf6gY6BDciWX_sNkg==
campaigns
resourcesssl.newscdn.com.au/indies/ 		896 B
953 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
e87455ae95f61cfbc0f7cb6fddf160a4359d212caca78f512ce2fe37dded02e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

x-cache-hits
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Fri, 21 Oct 2022 07:18:15 GMT
x-powered-by
Express
content-length
503
x-served-by
cache-qpg1227-QPG
server
Google Frontend
x-timer
S1666334880.414050,VS0,VE377
etag
W/"380-buHeOXtmZuLHUq6FLZ+ztTi2ZXY"
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
88ee6f772941a4247e6284dfcd49521f
cache-control
private, max-age=18
function-execution-id
yjb93ojt09fb
accept-ranges
bytes
x-orig-accept-language
en-US,en;q=0.5
x-country-code
SG
expires
Fri, 21 Oct 2022 07:18:33 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1750
content-type
text/html
date
Fri, 21 Oct 2022 07:18:15 GMT
expires
Fri, 21 Oct 2022 07:47:25 GMT
function-execution-id
wrjq67txop09
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
772010f3c2e7e382f64448310c7b5449
x-country-code
SG
x-i
true
x-powered-by
Express
x-served-by
cache-qpg1260-QPG
x-timer
S1666336695.376301,VS0,VE253
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame B15B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L9I5UIDF-Q-GZ6V
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L9I5UIDF-Q-GZ6V
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Fri, 21 Oct 2022 07:18:20 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1666336700.933272,VS0,VE94
x-cache
MISS
accept-ranges
bytes
x-served-by
cache-syd10138-SYD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L9I5UIDF-Q-GZ6V
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame B15B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJBVV0tFiDceWiWOTBA4nDQ&google_cver=1
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJBVV0tFiDceWiWOTBA4nDQ&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Fri, 21 Oct 2022 07:18:19 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1666336700.637832,VS0,VE94
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10138-SYD

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJBVV0tFiDceWiWOTBA4nDQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B15B 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 07:18:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame B15B
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
date
Fri, 21 Oct 2022 07:18:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
420493
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame B15B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8b3d358-e78e-4c33-b377-0defa5253141
0
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8b3d358-e78e-4c33-b377-0defa5253141
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Fri, 21 Oct 2022 07:18:19 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1666336699.248975,VS0,VE94
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10138-SYD

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8b3d358-e78e-4c33-b377-0defa5253141
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame B15B
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:20 GMT
pod
X-Sovrn-Pod: ad_ap1sfo1
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:20 GMT
pod
X-Sovrn-Pod: ad_ap1sfo1
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ce.lijit.com/merge?pid=42&3pid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame B15B 		49 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74995b8c8d-b5rjd
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame B15B 		43 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:19 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame B15B 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.43.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-43-227.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:20 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B15B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0cc07d74-3174-47b9-9e86-97c3009e8b63
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0cc07d74-3174-47b9-9e86-97c3009e8b63
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
420460

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:20 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0cc07d74-3174-47b9-9e86-97c3009e8b63
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1774375
content-length
0
expires
Fri, 21 Oct 2022 00:00:00 GMT
2.gif
id5-sync.com/c/464/112/6/ Frame B15B
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F6%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F6%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/6/2.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/112/6/2.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

location
https://id5-sync.com/c/464/112/6/2.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
uip-response-status
FallbackResponse
date
Fri, 21 Oct 2022 07:18:14 GMT
frontend-id
0
content-length
0
routing-server-id
1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame B15B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=048caf2c-480a-41c2-8859-170df00cd06f
  • https://x.bidswitch.net/sync?dsp_id=96&user_id=DmrO-3DJSmue-Wg&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=60ca4cbf-e072-4758-8229-0c9a732c458e
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=60ca4cbf-e072-4758-8229-0c9a732c458e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
424242

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=60ca4cbf-e072-4758-8229-0c9a732c458e
Date
Fri, 21 Oct 2022 07:18:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame B15B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=717308f6-e304-4299-a9e0-dcf9185eb43a
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=717308f6-e304-4299-a9e0-dcf9185eb43a&tbid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&query=taboola_hm%3D717308f6-e304-...
0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=717308f6-e304-4299-a9e0-dcf9185eb43a&tbid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&query=taboola_hm%3D717308f6-e304-4299-a9e0-dcf9185eb43a&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 21 Oct 2022 07:18:22 GMT
via
1.1 varnish
server
nginx
x-timer
S1666336703.701834,VS0,VE130
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10138-SYD

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=717308f6-e304-4299-a9e0-dcf9185eb43a&tbid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&query=taboola_hm%3D717308f6-e304-4299-a9e0-dcf9185eb43a&isDirect=0
date
Fri, 21 Oct 2022 07:18:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
425258
sd
u.openx.net/w/1.0/ Frame B15B 		43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame B15B
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Oct 2022 07:18:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 21 Oct 2022 07:18:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame B15B 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.60.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-60-1.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:21 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
/
s.uuidksinc.net/match/1135/ Frame B15B 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/1135/?remote_uid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:21 GMT
server
nginx/1.19.0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame B15B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=fPU_QfvZRn1IsYwGjzAGFK310YE
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=fPU_QfvZRn1IsYwGjzAGFK310YE
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
425258

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=fPU_QfvZRn1IsYwGjzAGFK310YE
Date
Fri, 21 Oct 2022 07:18:22 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/ Frame B15B 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=453&user_id=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 07:18:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
t.adx.opera.com/ Frame B15B 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:21 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame B15B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b59d3c1f-1262-4aa9-be05-7539b070a7af
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b59d3c1f-1262-4aa9-be05-7539b070a7af
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
425924

Redirect headers

date
Fri, 21 Oct 2022 07:18:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b59d3c1f-1262-4aa9-be05-7539b070a7af
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221020-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 21 Oct 2022 07:18:21 GMT
x-amz-request-id
X0ZYP01DBVFV8BGR
age
23
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
4Kz0IYrYemcpVmkh7tqXAdNXHjnvoIBG0gj4fKylvZEutp7Kxoecb4kvf6bm3AoltdeGYgepo18=
x-served-by
cache-syd10138-SYD
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1666336701.226047,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
61
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
84
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=799041791242.0509?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 18:16:21 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrzNBtiisFU5mAjVRYqJ-2DeiGyZaRc3kkl0yYyCZIbqH00znJa1BGk013NmwSiPa24AO4SEKZvLjNAjOjMVMiitLwTlm9-lj1ICl16ZuENvEx0Ndiu80o0KXZrwV-9S_CCJ7Ap-i0GpTsVZ_n&sai=AMfl-YSDIgQ9A2MfWrh1ODUsuLYAS2la98b4BANrUSNJS581G50uaC9HiMWBkKtICn9F-BBXndoSmJa5x_MZn8DkzA&sig=Cg0ArKJSzIfMiSL_Y0eDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20221019.15414&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=799041791242.0509?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 21 Oct 2022 07:18:16 GMT
swg.js
news.google.com/swg/js/v1/ 		149 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
sffe /
Resource Hash
a274d807ff49c89235376b78c95e39abaa08257a24df13b1f9837bc81ec98116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 06:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46717
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 21:18:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 07:18:48 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=BDrbcrDYY9O7ZCwDN&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12339&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=8184&t=C-6yTdCfl0UZCSQiRNDoOk68WaIC7&V=136&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=DutaFMCLeb1LcWIoBDgGsj-jztxn&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.138.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-138-176.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:22 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666336695894
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666336695894
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666336695894
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0f99405dab4771ddd83989c240c8724fc03ee8e373f05d48b455978b4bbc35ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-09e9232a3.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
pb4EWEXWQCA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1562
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v040-04cf334b8.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5Ade6/P6RZs=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666336695894
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
v2sbiof1ChiajACMhhGxXHfVvUXCiCoj3IVM3_wSzNUHGXuYBcHPoOY0VSJTdfjYwNCDSpGz_
bedsberry.com/ 		183 B
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2sbiof1ChiajACMhhGxXHfVvUXCiCoj3IVM3_wSzNUHGXuYBcHPoOY0VSJTdfjYwNCDSpGz_
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
1b05d5b24ddb710dae9541c6e8332baaa69d6fdcdecc4c83b1fa54db2e91359b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 21 Oct 2022 07:18:16 GMT
via
1.1 google
x-buildnumber
661392823
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-datacenter
gce-us-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-us-west1-spot-0x9d
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 21 Oct 2022 07:18:15 GMT
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b08422bfd44cdfaa840071ee59a1ab11ea900a22ac7cad31a7a1add5099b0e58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
pNmAdUFZ._O4TOa2cQqYeLNTcpY9dJN6
content-encoding
gzip
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
date
Fri, 21 Oct 2022 06:25:24 GMT
last-modified
Fri, 21 Oct 2022 01:19:32 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
3185
x-amz-server-side-encryption
AES256
etag
W/"3889d142ca3f677897a9efaf823495ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
76hae5X1IexYA4du0la0nJt2FSdzMyxxwNBTQtUEUmRwgEo8BDG6tg==
384959879014125
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
8fee87c7f368d1d466beff2c278c998d8278aa89cf2ebbb71bba2f7659346f64
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Oct 2022 07:18:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86009
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
xtr8g4535tRBlcduil/4JCAdGskDxwWijjER/dDY3ez6uscWgkLI4IjKIVaklpSbecd6xfBxjozVwBCsJA9Rbg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:17 GMT
server
AkamaiNetStorage
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=2874
content-length
65
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=b49cede5a013879e66980eec99fcb443&timewithTz=2022-10-21T07:18:14.958Z&country=au&newsconnectId=&fpid=b41fdad1ee972853801a1edf83b61665
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.94.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-94-145.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:21 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
dest5.html
newscorpau.demdex.net/ Frame 71EB 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-1-v040-08c246ade.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ziAu7CtMTPY=
content-encoding
gzip
date
Fri, 21 Oct 2022 07:18:18 GMT
last-modified
Thu, 29 Sep 2022 16:19:09 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=77711952274834134600727030220105461353&ts=1666336697240
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-121.data.adobedc.net
Software
jag /
Resource Hash
4ba5890c8b4ca896e1ee7984a81a7b8084fbeb978fd9e1e0d7f64b0205f6d591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 21 Oct 2022 07:18:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y1JHvAAB7aM5RAAr&d_uuid=77688079296075721740729129481305816947
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=77688079296075721740729129481305816947
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1JHvAAB7aM5RAAr&d_uuid=77688079296075721740729129481305816947
0
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1JHvAAB7aM5RAAr&d_uuid=77688079296075721740729129481305816947
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-057b9e236.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
NQbyP+GsT0U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1JHvAAB7aM5RAAr&d_uuid=77688079296075721740729129481305816947
Date
Fri, 21 Oct 2022 07:18:22 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-79.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 03:32:39 GMT
Content-Encoding
gzip
Via
1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
186344
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
Idj2WM1yA68sucljKm0RiXuVMeq43S1r_7ctCRZRBQ8gigr9PDFeYQ==
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.79.6 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-79-6.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Oct 2022 07:18:18 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.79.6 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-79-6.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 21 Oct 2022 07:18:18 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame FA98 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-27.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
121
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 21 Oct 2022 07:16:18 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 16074517396ff3ce754e4ac422c346c8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
8zZTPi3IAGuvzHho1yPMwzwTr34MXXaR7BPkAcgoueJjaLufWoAUhA==
X-Amz-Cf-Pop
SIN52-P1
X-Cache
Hit from cloudfront
lookuplist
au.audience.newscgp.com/ 		108 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=b41fdad1ee972853801a1edf83b61665&&bust=16663366976500.9839335469357291&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-108.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
bfba1067abfd1c6c02b4ba6e897ee9d8f8c550b51fbee7cce21f1cbbd473a8be

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:18 GMT
via
1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
NmrJBJKnf_JljDkMpKC7tpahrbv2Nb75Ps2oL9VZ_GxyGDjwOGXb9w==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221021
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40cb368f045d5452437d16c14a82ceeec9b37204f16b657be49d086106ae4700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 07:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15430
x-jsd-version
1.0.1499
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4582-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"663-m5zFW9QZB+4iGVgL4HRK+wU5t5E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F33ZPr7tY2G8sAmgSxzywOWFr6hUYt4kdBUDlU3BBFftsKYl%2B6StNmNbsiGuMVvrZJw%2Fj%2B2mDs%2Fy39YgGD7x8e6Ja%2BYN7RpMdEOU%2BjrS8h1N5tngRTOuUleoys3ZNxjnzcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75d837eadd5ca862-SYD
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
0e70ed2a688f8b6c15dcf94ded527001ec9c041d3c54f28de3fdb79da755f28c

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 21 Oct 2022 07:18:18 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
dcb6ca1cd3da04d59b0dd78687da88d8335f34b74333af3157ccfee80fc35c70

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 21 Oct 2022 07:18:18 GMT
content-length
34
vary
Origin
content-type
application/json
pubads_impl_2022101901.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130799
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:34:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Oct 2023 15:30:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		144 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Fri, 21 Oct 2022 07:18:18 GMT
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=77711952274834134600727030220105461353&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01b41fdad1ee972853801a1edf83b61665%011&ts=1666336698056
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
32510f78ed56e36892d042b84565a0c3f01f11051df509e24ebd0b4c328133f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v040-0cb0e6265.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
oDlvSyYaRME=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1563
Expires
Thu, 01 Jan 1970 00:00:00 UTC
config
c.amazon-adsystem.com/cdn/prod/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 04:25:33 GMT
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
age
10364
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
OCPDWui7eadjLM4bzci--ju_Br3IuH-ehd6sLDiOn-08cjKyvA-UhA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
date
Thu, 20 Oct 2022 20:15:21 GMT
x-amz-cf-pop
SIN2-P2
age
39778
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
WFzLbxGl6Dz0c6lKov-wudBssh-8bL0FLTZ4AJAXGlJ4IcfcWd8IRw==
s05956837077860
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s05956837077860?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=21%2F9%2F2022%207%3A18%3A18%205%200&cid.&newsnkidcookie.&id=b41fdad1ee972853801a1edf83b61665&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=b41fdad1ee972853801a1edf83b61665&mid=77711952274834134600727030220105461353&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getPreviousValue=3.0&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D83&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=6%3A18%20PM%7CFriday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=83&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=b41fdad1ee972853801a1edf83b61665-00000000000000000000000000000000-1666336695337-909860&v110=2022-10-21%2007%3A18%3A10&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-121.data.adobedc.net
Software
jag /
Resource Hash
004cd06307d87dd645930199f68f2f74286e010d777319307355a3ea7398d056
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-aam-tid
VIeWGLiQRcw=
date
Fri, 21 Oct 2022 07:18:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4969
x-xss-protection
1; mode=block
dcs
dcs-prod-usw2-1-v040-08c246ade.edge-usw2.demdex.com 6 ms
pragma
no-cache
last-modified
Sat, 22 Oct 2022 07:18:22 GMT
server
jag
etag
3578430820248911872-4619407564041476660
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 20 Oct 2022 07:18:22 GMT
ibs:dpid=358&dpuuid=4556601905268206534
dpm.demdex.net/ Frame 71EB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=4556601905268206534
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4556601905268206534
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-0477273d9.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
TrCTDW9gTAE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:19 GMT
AN-X-Request-Uuid
683f4557-bfdc-4933-8643-ae9676764f6a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4556601905268206534
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=470&dpuuid=4273321647021922134
dpm.demdex.net/ Frame 71EB
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4273321647021922134
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4273321647021922134
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-017b9458b.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
pdFY2nXMRWg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4273321647021922134
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.79.6 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-79-6.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 21 Oct 2022 07:18:18 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.79.6 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-79-6.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Oct 2022 07:18:18 GMT
Server
nginx
token
token.rubiconproject.com/ Frame 71EB 		0
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=77688079296075721740729129481305816947&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=771&dpuuid=CAESEIofk5NGVZhv-wzp20pdeE4&google_cver=1
dpm.demdex.net/ Frame 71EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Nzc2ODgwNzkyOTYwNzU3MjE3NDA3MjkxMjk0ODEzMDU4MTY5NDc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIofk5NGVZhv-wzp20pdeE4&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIofk5NGVZhv-wzp20pdeE4&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-00a352654.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Bd3v7XhySAc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIofk5NGVZhv-wzp20pdeE4&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=e8b3d358-e78e-4c33-b377-0defa5253141
dpm.demdex.net/ Frame 71EB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=e8b3d358-e78e-4c33-b377-0defa5253141
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e8b3d358-e78e-4c33-b377-0defa5253141
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-055ec9a58.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4FXde+yeQZs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e8b3d358-e78e-4c33-b377-0defa5253141
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
ibs:dpid=19566&dpuuid=%s
dpm.demdex.net/ Frame 71EB
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-02042986b.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6b4e0lDLQqI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:19 GMT
server
nginx
etag
"60b842b9-cde"
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
expires
Fri, 21 Oct 2022 07:18:19 GMT
ibs:dpid=23728&dpuuid=Y1JHu7a3Dx9xUVjqxdRI8QAA%264717
dpm.demdex.net/ Frame 71EB
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1JHu7a3Dx9xUVjqxdRI8QAA%264717
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1JHu7a3Dx9xUVjqxdRI8QAA%264717
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-02c8c6061.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
2nWYalJ9Qms=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCRL8ERZKArcG%2B4PUL2AIEVeqAhBar3n%2BNdYheVP1nuZVcVR2iV0Rvl8NsO9kdvirgysgRHOeanoAVO%2F2dSKQ1ZyrJWEAWbnePpMKAMDtFs4M%2FCD9Eh0GS%2Be2beRzatAxvRmUtDH"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1JHu7a3Dx9xUVjqxdRI8QAA%264717
cache-control
no-cache
cf-ray
75d837f43cc4aaef-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
door.js
au-script.dotmetrics.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-4.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
06d36044f1fafdfe8db8a047f8bedcb32906ecddcf9aa93c16dc818407fc6f69

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:22 GMT
content-encoding
br
via
1.1 b4ef37917b36c601eeeeb55cdda4288c.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"13062...215.2022102107"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
lH17H1Q4hGNDSGElPfy9vgzlUsgUcayWVeGm-my2XK8GhuNN-BgH_A==
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adf23626aad133ddca790af234b0e5708586c5f4213b381673d75e7b8add800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:22 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 21 Oct 2022 06:33:08 GMT
server
cloudflare
age
2714
cf-polished
origSize=46186
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsODePQlsIiEt307ctA%2BKYl0qEhkjSF9PzuXmtQnQmk%2Bk4LIGtHYuPGppIpy81oyrqnPLO7SLp5JP9bVlfZci56kqo0JtUAVFeBPC5EA%2BP7SzYgekOoX6ao34lgvtZg%2Fkx1YZIzN"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75d83804cf13a89b-SYD
ibs:dpid=30432&dpuuid=CI-143768f338df5f9c091220181e908930
dpm.demdex.net/ Frame 71EB
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=77688079296075721740729129481305816947&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-143768f338df5f9c091220181e908930
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-143768f338df5f9c091220181e908930
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-017b9458b.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
W95XRzhuQT8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-143768f338df5f9c091220181e908930
Date
Fri, 21 Oct 2022 07:18:19 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
7e5177bba3c3f74dc41e3ae6300ba0baa8db501b5abccad2daa6a11ac21fccd8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 07:18:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 71EB
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=77688079296075721740729129481305816947&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=77688079296075721740729129481305816947&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-0b83dfcc5.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BMerEgyXQ4Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Fri, 21 Oct 2022 07:18:20 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.187 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-187.pacnet.net
Software
AmazonS3 /
Resource Hash
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:22 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 08:55:48 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P1
etag
W/"095a7b562e641bfc203fc3ef9697c6bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
Mg-PJrPZYvUFlAGyPVC9EWlvXHDkYYQUS1sjVFkZHnJNCU2RdwDlbg==
content-length
21384
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202210100344&cb=1666336699212
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:22 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 21 Oct 2022 07:28:22 GMT
usermatch.gif
beacon.krxd.net/ Frame 71EB
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=77688079296075721740729129481305816947
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=77688079296075721740729129481305816947
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=77688079296075721740729129481305816947
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.26.190.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-190-74.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n016-pdx-prod.krxd.net
date
Fri, 21 Oct 2022 07:18:20 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1666336700
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=77688079296075721740729129481305816947
date
Fri, 21 Oct 2022 07:18:20 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a004-ash-prod.krxd.net
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 71EB
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=77688079296075721740729129481305816947&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-0716cbe9b.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
R51AYcFtQnk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Fri, 21 Oct 2022 07:18:22 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame 71EB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFKSHZBQUFBZ21jNkFBVA==&_test=Y1JHvAAAAgmc6AAT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFKSHZBQUFBZ21jNkFBVA==&_test=Y1JHvAAAAgmc6AAT
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-syd10155-SYD
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666336700.265114,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFKSHZBQUFBZ21jNkFBVA==&_test=Y1JHvAAAAgmc6AAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 71EB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y1JHvAABmjcXIAAW
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1JHvAABmjcXIAAW&expires=90&_test=Y1JHvAABmjcXIAAW
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1JHvAABmjcXIAAW&expires=90&_test=Y1JHvAABmjcXIAAW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-syd10155-SYD
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666336700.474372,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1JHvAABmjcXIAAW&expires=90&_test=Y1JHvAABmjcXIAAW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 71EB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y1JHvAAB7aM5RAAr
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1JHvAAB7aM5RAAr&_test=Y1JHvAAB7aM5RAAr
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1JHvAAB7aM5RAAr&_test=Y1JHvAAB7aM5RAAr
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10155-SYD
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666336700.474349,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1JHvAAB7aM5RAAr&_test=Y1JHvAAB7aM5RAAr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
ib.adnxs.com/ Frame 71EB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y1JHvAAAAgmc6AAT
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y1JHvAAAAgmc6AAT
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:20 GMT
AN-X-Request-Uuid
cf59b187-5739-4153-b29b-1a59592d376e
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-syd10155-SYD
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666336700.423491,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y1JHvAAAAgmc6AAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 71EB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y1JHvAAAAgmc6AAT
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y1JHvAAAAgmc6AAT
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y1JHvAAAAgmc6AAT
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y1JHvAAAAgmc6AAT
date
Fri, 21 Oct 2022 07:18:20 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 71EB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1JHvAAB7aM5RAAr
1 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1JHvAAB7aM5RAAr
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 07:18:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-syd10155-SYD
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666336701.564024,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1JHvAAB7aM5RAAr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 71EB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1JHvAAB7aM5RAAr&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1JHvAAB7aM5RAAr&img=1&__user_check__=1&sync_id=8b4adff3-5110-11ed-90ff-17a1ae810107
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1JHvAAB7aM5RAAr&img=1&__user_check__=1&sync_id=8b4adff3-5110-11ed-90ff-17a1ae810107
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 07:18:21 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
90
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 21 Oct 2022 07:18:21 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y1JHvAAB7aM5RAAr&img=1&__user_check__=1&sync_id=8b4adff3-5110-11ed-90ff-17a1ae810107
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
62
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 71EB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1JHvAAB7aM5RAAr&t=2592000&o=0
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1JHvAAB7aM5RAAr&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 00:18:21 PDT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
Q9fjCq3K6VCkJVQO6hA928nNZYi2lzhQOniz2baaqbdQQvFZQYAoqXahAOFHbYeg0VetmupreS3esKCmAkK1qg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
cache-control
public, max-age=0
priority
u=3,i
expires
Fri, 21 Oct 2022 00:18:21 PDT

Redirect headers

x-served-by
cache-syd10155-SYD
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666336701.775260,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1JHvAAB7aM5RAAr&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=147592
dpm.demdex.net/ Frame 71EB
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcscanary-prod-usw2-1-v051-0d1d13a3f.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5RGsvZX2RQ4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
95
date
Fri, 21 Oct 2022 07:18:20 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1666336701.781220,VS0,VE95
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10138-SYD
8.gif
id5-sync.com/i/701/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?id5id=ID5*vMebpVePGicglVyIu_dCa4oTcTgQkwUr_sNdnGA4deYn-4JgnkQ5dt9FpkxjxKPs&o=api&gdpr_consent=undefined&gdpr=false
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 21 Oct 2022 07:18:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
interact
edge.adobedc.net/ee/v1/ 		725 B
839 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=d0ba467d-1486-4837-a41c-0e56f8fdf135
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-117.data.adobedc.net
Software
jag /
Resource Hash
aa4769b521bb641f69c6addca70a2e0ea710e0501f5c8fca5f7feb839289e777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 07:18:20 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-rate-limit-remaining
599
x-adobe-edge
OR2;9
x-xss-protection
1; mode=block
x-request-id
d0ba467d-1486-4837-a41c-0e56f8fdf135
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
22.10.4-BLACKOUT19OCT22:60e2e600
0
sync.1rx.io/usersync/adobe/ Frame 71EB 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:21 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
/
pips.taboola.com/ 		4 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-syd10127-SYD
date
Fri, 21 Oct 2022 07:18:21 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
validate
assets.vidora.com/v1/ 		0
300 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-8.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 07:18:21 GMT
via
1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
flodhBcSwDNoJYkN5Gdy_6FLAq8wlJ_9Em_4HnGfQW0z4ZOTLYRLsA==
expires
Fri, 21 Oct 2022 07:18:20 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Oct 2022 07:18:22 GMT
cache-control
no-store
server
nginx
c.js
collector.brandmetrics.com/ 		0
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au&rnd=5665730
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:23 GMT
content-length
0
content-type
text/javascript;charset=utf-8
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
sffe /
Resource Hash
a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 18:18:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 08:08:05 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 06:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 07:30:41 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 430B
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au
26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
ESF /
Resource Hash
85802b7d129495d4a392bf53185270068dc24974b7be930df25daa3ba40cb61d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6gNwuLPxL95fLip-7xvNvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6gNwuLPxL95fLip-7xvNvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Fri, 21 Oct 2022 07:18:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-rVSHWZlS3U3IdaGzrZDMvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Fri, 21 Oct 2022 07:18:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		2 B
359 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
date
Fri, 21 Oct 2022 06:22:15 GMT
x-amz-cf-pop
SIN2-P2
age
3368
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
bTaitmvcGMwy2cvfrT6eih-lUUX8PjLzVvyF_llrYI3a6mPcMGTqBw==
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1666336702574&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.2.1666336702572.180148268&it=1666336696553&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 21 Oct 2022 07:18:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
prebid
ib.adnxs.com/ut/v3/ 		492 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3b0d471050064de5075a626a90f1008314631b455287ca8f86e4cd180a5f28a6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:24 GMT
AN-X-Request-Uuid
28a27446-b79b-4c3d-958d-d5d02d086d28
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
492
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
syd-1-apex.go.sonobi.com/ 		0
0
prebid
ads.playground.xyz/host-config/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 07:18:24 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
e1b37ab6-4180-48d4-bbd8-0aed370618ea
fastlane.json
fastlane.rubiconproject.com/a/api/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=608059f9-168d-4d14-9a0c-d992203801ab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.8086041101656161
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e5606bf9cab565a9d99ce34c1322abacea8c08b89b1aba830a69acdce98edcfe

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:24 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		406 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=2846d310-6231-46c3-b28e-ee5c2c70abbe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.2623213648962852
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
82e43efcec65dca97879898148c3584520b4ed3900b4201ab6685c66396fed1d

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
406
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		384 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=fa99f886-1f15-40c5-82df-d1b18ed54416&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.2495232465577466
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d2df272021a91cffac682e6399b8389e01fe7393335200123dd0eeda80d0b469

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
384
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		386 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=e9a7c120-4f96-4199-90be-7dfdd5c24468&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.9510120822561001
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
24b67a5dd1331f2f3815d918242dbeaf18004999641c13b369078b4387ccdd72

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
386
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=24484645678
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
2b63ef488a84ac4c1ff55278af21da6ec1a0599860d65dc4508e9b540639b80a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 07:18:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1708
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 21 Oct 2022 07:18:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
mfad.inskinad.com/api/ 		86 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.104.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-104-205.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
8e428c071fbe3d580654e99ac80fb928f54551bdffe742f9afc005bdca94aabd

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

expires
0
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:24 GMT
content-encoding
gzip
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"1561d-VD8fNmwlWzz8X9+wwShHWyg8/qM"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
x-served-by
bifrost-production-shard001-us-east-1e-i-0516301018e39bebb
cygnus
htlb.casalemedia.com/ 		36 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277566&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223053585077fe53%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%3Fpagetype%3Dhomepage%26sec1%3Dhome%26sec2%3D%26sec3%3D%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22314ef829ee42575%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%221800x1000%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%7D%7D%2C%7B%22id%22%3A%22345f75e9427e8bc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%2236b2ccc3b7f4a76%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%7D%7D%2C%7B%22id%22%3A%223795853a2215ec5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22320695%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99f2644d5b80b4488b52d2e3eb32b8cd1f2a27e6232cff94fd9434fab88fee18

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWQ7rUCp1AR6YZnCDX627aKLM5pQ68t%2FahhcsBPxe2tL05SitD%2BPQTok8X24N%2B5Tn%2Fk%2B2UaZmidBEqwNKnOtAZVMhwQP5ZyHn7%2BC8YLj2PJxLWvqE8RpJ7eIhmGOXoajUeGm53m5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75d8380faee5a87c-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=gcNi7nDhTZUku&cb=0&ws=1600x1200&v=22.10.131733&t=4000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x50%22%2C%221000x100%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.30.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-30-231.sin2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:23 GMT
via
1.1 69eaf3b14624853f73e8b23e5e76f49e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
7QrBR1DlJ9N1GPp1QeD4--gVguPcoysEWLOFH0S2n4P9CQN7zMAawQ==
pub
pixel.adsafeprotected.com/services/ 		733 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=b985c2e3-1edc-fe89-b73c-de08e499f1c5&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.225.18 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-225-18.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9089f099538de9e243dac12d181f6a9b23a3ac2e6bc91ebd030f50cf477d576a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:24 GMT
server
nginx
x-server-name
app04.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=Microdata&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1666336703077&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22meta%3Adescription%22%3A%22News%20and%20Breaking%20News%20-%20Headlines%20Online%20including%20Latest%20News%20from%20Australia%20and%20the%20World.%20Read%20more%20News%20Headlines%20and%20Breaking%20News%20Stories%20at%20Herald%20Sun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Herald%20Sun%22%2C%22%40id%22%3A%22heraldsun.com.au%22%7D%2C%22isAccessibleForFree%22%3A%22True%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22Herald%20Sun%22%2C%22productID%22%3A%22heraldsun.com.au%3Adigital%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.87&r=stable&ec=1&o=30&fbp=fb.2.1666336702572.180148268&it=1666336696553&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 21 Oct 2022 07:18:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame C5CA 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2454
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 21 Oct 2022 06:37:30 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-cf-id
fjOkKWM10rfbNnqoBhu-1H0X5BkpDmBoYzyAHki6Xx4N8o1HrXiIyA==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.187 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-187.pacnet.net
Software
AmazonS3 /
Resource Hash
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
W_yTpbzpqY89CZHjDkmLnffsRbstOxY.
content-encoding
gzip
date
Fri, 21 Oct 2022 07:18:24 GMT
last-modified
Mon, 12 Sep 2022 05:38:14 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P4
etag
"189bff3ecbc5fc21ff53bd3b46f8ee8b"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=62
accept-ranges
bytes
x-amz-cf-id
17OsOtIjsmEXrPJkCcxBX8o6mHpHJQqkCcdA_43J0MjKs99GynPC8Q==
content-length
1284
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1666336703816&pvs=1&pvid=40df511b-2183-4823-b44c-593c5277736d&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-4.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:23 GMT
dotmetrics-hit-status
01 OK
via
1.1 b4ef37917b36c601eeeeb55cdda4288c.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
QqMANcwCGwXCQBGivcMazMZzq9WZYbGBoWbx7SEygy8vUxvdWaAixg==
script.js
au-script.dotmetrics.net/Scripts/ 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=215
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-4.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
fd70a17701f20f906fcfcab108d8a3724c899cee3e46668f44f4f4f8ada6fe2e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:24 GMT
content-encoding
br
via
1.1 b4ef37917b36c601eeeeb55cdda4288c.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2022 09:57:51 GMT
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"1d8d3e9efb78572"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
31SSHVtCOsuN4ztgF-AjxU-yYsA2xUcHzsj8EBGtfUDosqfWaCnUFw==
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 430B 		0
25 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AS5O4XC9E3bnjJOcy50e3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 21 Oct 2022 07:18:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-AS5O4XC9E3bnjJOcy50e3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 430B 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
sffe /
Resource Hash
a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 18:18:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 08:08:05 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame C5CA 		44 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=docbrdnxrwlkhr2sfqaftkimxsr2k1666336703&c16=sdkv,bj.6.0.0&uoo=&fp_id=mpeweztqpiahgnlsachmxyzddeg8p1666336703&fp_cr_tm=1666336703811&fp_acc_tm=1666336703811&fp_emm_tm=1666336703811&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.205.213 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-205-213.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:24 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
docbrdnxrwlkhr2sfqaftkimxsr2k1666336703.nuid.imrworldwide.com/ Frame C5CA 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://docbrdnxrwlkhr2sfqaftkimxsr2k1666336703.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-79.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:45:47 GMT
via
1.1 5230066306741527c1870ae028182b78.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
27158
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
mFwIgA3YsqhA8wZ5MKr1Z16v0jBulXzak6WE7XqEIg5WMBsX8u7jVQ==
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABX... Frame 430B 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6e32LXr_LoSCdLUMA9G_idyh6gIw/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
2f7ed0b460acef78d3d8b2e72354bd6bfa7523e646a1be5a195c68619b5b70bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61740
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 00:02:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 15:45:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 430B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462871&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 22:33:12 GMT
x-content-type-options
nosniff
age
290712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 22:33:12 GMT
Serving
bs.serving-sys.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=4675586157159429993&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D5632451826240052043$$&ns=0&rnd=7564559386958378&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.8.38 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-8-38.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d80818dcdbc7a963663b33c1c1c87add4fa272b6337ef0a0bf475ce1680c4085

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:25 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2469
expires
Sun, 05-Jun-2005 22:00:00 GMT
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwicHZpZCI6IjQwZGY1MTFiLTIxODMtNDgyMy1iNDRjLTU5M2M1Mjc3NzM2ZCIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1666336704476
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-4.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
6fecdf7036818ed6c569101d40ba6541f6aaecb05e63c4ff6bd8d47e521f041b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:24 GMT
content-encoding
br
via
1.1 b4ef37917b36c601eeeeb55cdda4288c.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
dbEuS3LHf4gqPzdDonHLemjuGvBnyn-_xfv8JeRQ8L-72WVEmrQngA==
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L... Frame 430B 		135 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L.B1.O/am=ygAAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6cidVYk7s0hAA48drDGCeJkf8GvQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6e32LXr_LoSCdLUMA9G_idyh6gIw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
170dc3ff2819ba7afa6542392a5ac334f08e355dae68ea9b0b0471c00f86f529
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 17:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46260
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 00:02:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 17:24:14 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame E401 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 22:38:06 GMT
Via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
31220
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
VIm57bnA4hnzvp0-x2Cqz4gUe9cYEs78pf8OHgsaJ8IdrxGPKDkPNA==
uwt.js
static.ads-twitter.com/ Frame 71DB 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.108.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:25 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 14:35:09 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15317
x-served-by
cache-iad-kcgs7200143-IAD, cache-tyo11960-TYO
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 873F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.211 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-211.pacnet.net
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:25 GMT
content-encoding
gzip
last-modified
Wed, 19 Oct 2022 18:56:33 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=33842
accept-ranges
bytes
content-length
3063
js
www.googletagmanager.com/gtag/ Frame BE58 		118 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c4b90d5951ef6431b90aa6db58ffde3e72ef6f916cba44c9ea3ef71f5e024de0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47831
x-xss-protection
0
last-modified
Fri, 21 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Oct 2022 07:18:25 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 0DF4 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 22:38:06 GMT
Via
1.1 988e86815669491446c291c607aeb5e8.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
31220
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
3jUp0KN-sNkyveOX2Ye53VNYKjq6qUp8T3kLruPFh1L4orw368DJJA==
pixie.js
acdn.adnxs.com/dmp/up/ Frame F420 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Fri, 01 Oct 2021 05:45:37 GMT
Date
Fri, 21 Oct 2022 07:18:25 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
4777
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21930-LGA, cache-syd10176-SYD
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1666336705.433630,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
21, 1190
activityi;dc_pre=CJa3s_vj8PoCFeJLfAodGU4NZg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7136558380504.514
8228261.fls.doubleclick.net/ Frame F27A
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7136558380504.514?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CJa3s_vj8PoCFeJLfAodGU4NZg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=713655838050...
402 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJa3s_vj8PoCFeJLfAodGU4NZg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7136558380504.514?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
1188da9ac9933fdf4b99e79721135aa21aea2127f6821934ea8f8f4931c5da8d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
330
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 07:18:26 GMT
expires
Fri, 21 Oct 2022 07:18:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 07:18:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJa3s_vj8PoCFeJLfAodGU4NZg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7136558380504.514?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CIDLs_vj8PoCFUJLfAodNUsNtg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7624486489236.71
8228261.fls.doubleclick.net/ Frame CD1D
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7624486489236.71?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIDLs_vj8PoCFUJLfAodNUsNtg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=762448648923...
401 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIDLs_vj8PoCFUJLfAodNUsNtg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7624486489236.71?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
bcb531098396b976571d7b43e30caae00574fcd6e95b817ada16a77502981748
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
328
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 07:18:26 GMT
expires
Fri, 21 Oct 2022 07:18:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 07:18:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIDLs_vj8PoCFUJLfAodNUsNtg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7624486489236.71?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 175D 		118 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6f1c6593e29355875dfb228a89cfdb33a84c6e542558b3430a65cf43d366176d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47833
x-xss-protection
0
last-modified
Fri, 21 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Oct 2022 07:18:25 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 1F66 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
4d6e0aa6e1362f6a81b2e6e1e55cb7b5b3a619e5167a682b11d5d3fadd90501f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16833
x-xss-protection
0
server
cafe
etag
10343576281968999152
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 Oct 2022 07:18:25 GMT
generic
match.adsrvr.org/track/cmf/ Frame 384B
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e8b3d358-e78e-4c33-b377-0defa5253141&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=e8b3d358-e78e-4c33-b377-0defa5253141&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=e8b3d358-e78e-4c33-b377-0defa5253141&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ChumoopE2uL6tLsIjlFaXd4nTUqzTkw-~A&gdpr=0&gdpr_consent=
70 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ChumoopE2uL6tLsIjlFaXd4nTUqzTkw-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ChumoopE2uL6tLsIjlFaXd4nTUqzTkw-~A&gdpr=0&gdpr_consent=
date
Fri, 21 Oct 2022 07:18:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
activity
au-gmtdmp.mookie1.com/t/v2/ Frame A105 		43 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:25 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
px
secure.adnxs.com/ Frame D877 		43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:25 GMT
AN-X-Request-Uuid
5f956932-8e0f-4118-b07a-f49c9da60648
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:25 GMT
AN-X-Request-Uuid
9647bbec-479f-4d11-bb34-fb7fa7b1fd3d
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:26 GMT
AN-X-Request-Uuid
1b012567-8713-4cc1-9da3-dc6c8e7f3fb6
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixie
ib.adnxs.com/ Frame F420 		42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1666336705487&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1666336705486&et=1666336705487&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 07:18:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L... Frame 430B 		1 KB
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L.B1.O/am=ygAAAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6cidVYk7s0hAA48drDGCeJkf8GvQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6e32LXr_LoSCdLUMA9G_idyh6gIw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
758d5a18d576e73a20ac09c43df46f7ae407f06a25f41585bdde4786162dd1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
703
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 00:02:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Oct 2023 02:00:42 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 430B 		583 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=8420053020941930961&bl=boq_subscribewithgoogleclientserver_20221017.07_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=26306&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6e32LXr_LoSCdLUMA9G_idyh6gIw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
ESF /
Resource Hash
ec52df584928478e0107130be985be8bf597cb67e716fcf0f5b772c9a2917f8d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 07:18:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L... Frame 430B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L.B1.O/am=ygAAAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6cidVYk7s0hAA48drDGCeJkf8GvQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6e32LXr_LoSCdLUMA9G_idyh6gIw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
d29484006eb921978f997aefe86cdbf4aa01c79a8f7392995a48915cfff53062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 22:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7223
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 00:02:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Oct 2023 22:02:52 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=mpeweztqpiahgnlsachmxyzddeg8p1666336703&fp_cr_tm=1666336703811&fp_acc_tm=1666336703811&fp_emm_tm=1666336703811&ve_id=&sessionId=docbrdnxrwlkhr2sfqaftkimxsr2k1666336703&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,q9miey4nft7vg5r49lrla2fxtkeaz1666336704&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16663367038081909&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1666336695948&c3=st,c&c64=starttm,1666336705&adid=1666336695948&c58=isLive,false&c59=sesid,&c61=createtm,1666336705&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1666336705&rnd=11508
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.205.213 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-205-213.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:25 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
log
play.google.com/ Frame 430B 		131 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6e32LXr_LoSCdLUMA9G_idyh6gIw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 07:18:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 21 Oct 2022 07:18:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f102.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 21 Oct 2022 07:18:26 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 430B 		131 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6e32LXr_LoSCdLUMA9G_idyh6gIw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 07:18:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 21 Oct 2022 07:18:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f102.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 21 Oct 2022 07:18:26 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 430B 		131 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6e32LXr_LoSCdLUMA9G_idyh6gIw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 07:18:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 21 Oct 2022 07:18:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f102.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 21 Oct 2022 07:18:26 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
/
p.adsymptotic.com/d/px/ Frame 873F
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666336705906&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666336705906&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1666336705906%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666336705906&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ac6f64ab-f21e-46e7-8c4f-35962f6f8be8
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ac6f64ab-f21e-46e7-8c4f-35962f6f8be8&_expected_cookie=0a029f603cb7395ac0412cd3...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ac6f64ab-f21e-46e7-8c4f-35962f6f8be8&_expected_cookie=0a029f603cb7395ac0412cd33cce8a9a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.100.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Fri, 21 Oct 2022 07:18:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75d838279fefa89e-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ac6f64ab-f21e-46e7-8c4f-35962f6f8be8&_expected_cookie=0a029f603cb7395ac0412cd33cce8a9a
date
Fri, 21 Oct 2022 07:18:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75d838264eb0a89e-SYD
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 1F66 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1666336705943&cv=9&fst=1666336705943&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
99b0beb381d7b021bd8c743720187a7858b9a13785b1355d923cedfb12402248
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
987
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ Frame 71DB 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=e9975d4c-7823-4bf9-8bd8-b0e702d74a24&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f1731b7a-05c9-490a-b93d-41cb1d800928&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.27
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
158
date
Fri, 21 Oct 2022 07:18:26 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
9cc70fd000de38ab
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
c323e7d00ae5c63a8ef5b7f9944ecf27a59d7c9eee198c951d7f3751c35bc62a
content-length
43
adsct
analytics.twitter.com/i/ Frame 71DB 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e9975d4c-7823-4bf9-8bd8-b0e702d74a24&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f1731b7a-05c9-490a-b93d-41cb1d800928&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.27
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
145
date
Fri, 21 Oct 2022 07:18:25 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
0f1687cf7beb5678
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
e60bc27f225c737c12182a4bff38eaeeb9625ee64950f7c2fe6572d8094aef86
content-length
43
log
play.google.com/ Frame 430B 		131 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.XZUYitrYgFo.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6e32LXr_LoSCdLUMA9G_idyh6gIw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 07:18:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 21 Oct 2022 07:18:26 GMT
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.196.126 -, , ASN (),
Reverse DNS
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
up
insight.adsrvr.org/track/ Frame D519 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
16092bcf38423d74f349e6034706c0792fa4885f7b4443d2c6575eb6a41940b9

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 07:18:26 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
up
insight.adsrvr.org/track/ Frame 9FA3 		946 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
b6caf338af2bd9ec294d9b3f536d6734151af681a4269f4cf51f037698edb12c

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 07:18:26 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
conversion_async.js
www.googleadservices.com/pagead/ Frame BE58 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
6eb1a85c484ea6b5692b2846247099262ca28243d78e5ee99077f3f7a0ecc77a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15180
x-xss-protection
0
server
cafe
etag
6306170824501671363
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 Oct 2022 07:18:26 GMT
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.196.126 -, , ASN (),
Reverse DNS
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame D519 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 22:20:15 GMT
Via
1.1 988e86815669491446c291c607aeb5e8.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
32291
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
hROEAjHcoBr9fk3aFsrznubz3ekIl9ODa80_8Lk64ARDDDg9iO-umQ==
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 9FA3 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 22:20:15 GMT
Via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
32291
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
Kx3x7tqRWbfnCCgyecFUvNiO04gqViwOglVRJLy76tGU3rQdq_M3hA==
conversion_async.js
www.googleadservices.com/pagead/ Frame 175D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
6eb1a85c484ea6b5692b2846247099262ca28243d78e5ee99077f3f7a0ecc77a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15180
x-xss-protection
0
server
cafe
etag
6306170824501671363
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 Oct 2022 07:18:26 GMT
dc_pre=CJa3s_vj8PoCFeJLfAodGU4NZg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7136558380504.514
adservice.google.com/ddm/fls/z/ Frame F27A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJa3s_vj8PoCFeJLfAodGU4NZg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7136558380504.514
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJa3s_vj8PoCFeJLfAodGU4NZg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7136558380504.514?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame BDD7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZThiM2QzNTgtZTc4ZS00YzMzLWIzNzctMGRlZmE1MjUzMTQx&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141&google_gid=CAESEJcqVShhduTH3_IeHERfWIw&google_cver=1
70 B
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141&google_gid=CAESEJcqVShhduTH3_IeHERfWIw&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Oct 2022 07:18:26 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 07:18:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141&google_gid=CAESEJcqVShhduTH3_IeHERfWIw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 9E7B
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=e8b3d358-e78e-4c33-b377-0defa5253141&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
70 B
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Oct 2022 07:18:26 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Oct 2022 07:18:26 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server
nginx
generic
match.adsrvr.org/track/cmf/ Frame F659
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=e8b3d358-e78e-4c33-b377-0defa5253141&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
70 B
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Oct 2022 07:18:26 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 21 Oct 2022 07:18:26 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
dc_pre=CIDLs_vj8PoCFUJLfAodNUsNtg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7624486489236.71
adservice.google.com/ddm/fls/z/ Frame CD1D 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIDLs_vj8PoCFUJLfAodNUsNtg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7624486489236.71
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIDLs_vj8PoCFUJLfAodNUsNtg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7624486489236.71?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 2C37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZThiM2QzNTgtZTc4ZS00YzMzLWIzNzctMGRlZmE1MjUzMTQx&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141&google_gid=CAESEJcqVShhduTH3_IeHERfWIw&google_cver=1
70 B
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141&google_gid=CAESEJcqVShhduTH3_IeHERfWIw&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Oct 2022 07:18:26 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 07:18:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=e8b3d358-e78e-4c33-b377-0defa5253141&google_gid=CAESEJcqVShhduTH3_IeHERfWIw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 10B1 		43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e8b3d358-e78e-4c33-b377-0defa5253141&expiration=1668928706&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Oct 2022 07:18:26 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
generic
match.adsrvr.org/track/cmf/ Frame 344A
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=e8b3d358-e78e-4c33-b377-0defa5253141&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
70 B
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Oct 2022 07:18:26 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Oct 2022 07:18:26 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server
nginx
/
www.google.com/pagead/1p-user-list/859754747/ Frame 1F66 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1666336705943&cv=9&fst=1666335600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=907022999&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame 1F66 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1666336705943&cv=9&fst=1666335600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=907022999&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame BE58 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1666336706742&cv=9&fst=1666336706742&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=1379204765.1666336706&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
03c3d1f5e33e84e14dc0708b617dc21ce9b7b7531c94577b7a4823513db210a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1019
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 22 Oct 2022 07:18:27 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 175D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1666336706825&cv=9&fst=1666336706825&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=1379204765.1666336706&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ac7ae694d33bc455ae1816b59445a63ff526c972c31d186a85e11ff88542b3b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1020
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13726
check.analytics.rlcdn.com/check/ 		25 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-112.sin2.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 07:18:27 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amzn-trace-id
Root=1-635247c3-74da429161a725670ffcba83
x-amzn-requestid
62935e11-83c9-48ba-8516-2e5bbd2e8cf9
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
aWAmkGufDoEF62Q=
content-length
25
x-amz-cf-id
QR4eFj8ilIjIcCnkXyvuzrZMGjXdukWP0J-cSkB8Pev5zhx0E4vGiQ==
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		118 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1603687905668296&correlator=2645946710692318&hxva=1&scor=90612944221206&eid=31070473%2C31068825%2C31069101%2C31062930&output=ldjh&gdfp_req=1&vrg=2022101901&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ifi=1&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&sfv=1-0-38&ists=1&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D8cccec6a-5110-11ed-a2af-0264d93e907e%26hb_format_inskin%3Dbanner%26hb_size_inskin%3D980x300%26hb_pb_inskin%3D14.50%26hb_adid_inskin%3D4177be1fddb8c9f%26hb_bidder_inskin%3Dinskin%26hb_format_rubicon%3Dbanner%26hb_deal_rubicon%3D886696%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D13.50%26hb_adid_rubicon%3D4024807b0d0b70a%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D980x300%26hb_pb%3D14.50%26hb_adid%3D4177be1fddb8c9f%26hb_bidder%3Dinskin%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D8cccec6b-5110-11ed-a2af-0264d93e907e%26vw%3D40%2C50%2C60%26vw05%3D40%2C50%26vw15%3D40%26grm%3D40%26vw10%3D40%26pub%3D40%26hb_format_criteo%3Dbanner%26hb_size_criteo%3D300x600%26hb_pb_criteo%3D0.70%26hb_adid_criteo%3D38f7f6f9fa44de5%26hb_bidder_criteo%3Dcriteo%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.70%26hb_adid%3D38f7f6f9fa44de5%26hb_bidder%3Dcriteo%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D8cccec6c-5110-11ed-a2af-0264d93e907e%7Cpos%3D1%26refreshed%3Dfalse%26id%3D8cccec6d-5110-11ed-a2af-0264d93e907e%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D8cccec6e-5110-11ed-a2af-0264d93e907e%7Cpos%3D1%26id%3D8cccec6f-5110-11ed-a2af-0264d93e907e&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3Db41fdad1ee972853801a1edf83b61665%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26abtest%3Db%26pvid%3Db41fdad1ee972853801a1edf83b61665-00000000000000000000000000000000-1666336695337-909860%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1506123_PG%252CIAS_3006644_PG%252CIAS_1507080_PG%252CIAS_1507653_PG&sc=1&cookie_enabled=1&abxe=1&dt=1666336706903&lmt=1666336706&dlt=1666336691635&idt=11129&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=48%2C462%2C10421%2C11665%2C4258%2C12386&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=20&vis=1&psz=1600x134%7C300x276%7C300x250%7C1600x720%7C1248x0%7C1600x12403&msz=728x93%7C300x276%7C300x250%7C1600x0%7C1248x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1138667627.1666336707&ga_sid=1666336707&ga_hid=474182465&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
9ee2fe8a37f9567ba9ed176bef41bd5ec9380bb1385d84b151839fce37547e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25883
x-xss-protection
0
google-lineitem-id
6137590224,6137590224,5275743052,-2,6137590224,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138409096256,138409095932,138407741791,-2,138409096166,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
379c407406341424da9c52e0b7d5a5b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D16B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://379c407406341424da9c52e0b7d5a5b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 07:18:27 GMT
expires
Sat, 21 Oct 2023 07:18:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/707564276/ Frame BE58 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1666336706742&cv=9&fst=1666335600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=532920482&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame BE58 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1666336706742&cv=9&fst=1666335600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=532920482&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame 175D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1666336706825&cv=9&fst=1666335600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=2530254075&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame 175D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1666336706825&cv=9&fst=1666335600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=2530254075&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E095 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSFQe51NcdSvSLDeuKkqlmfKxtiq2s9964SmDWcJMvYfOae-7qIi3A920f7QkRo4WluNhh0M1BR0xe1iwNnH6mWEx-xFCIiADE3wLgPsEaftUh0tI0vXSzAsDbd09uO_2DPbc-piw-IZ1TEW3cPHGVt_GKc8pqEN3_AnwFDiPOlrzf1y7M-wmwjxVWlqc1ki7zGQTkWDMIuw3O5PFtGMWajhp18apNi_1_WAU9z81JJ6_LCBsLIrqzaQf0D9tOZfvXSPGY3ZR0v_lvnnUnvyT2WYO0ZuHtcuAwErGYnlvFJrnYkjqAKfYBvgLAz8bxFw&sai=AMfl-YRFQ61b5HADnENy6Gt55fIIhQ_jli_Mp6OJemuqRW8WUZ3oPbbwXKk2xM7AjsFVvK7ZcHlDKYDgwuxNx-QbTcifGIlcpS4izvhFYLbvQxOZdTabGhSxj6r2SrTUHF-tlw&sig=Cg0ArKJSzJnLoy5OVtAJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame E095 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 06:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 21 Oct 2022 07:49:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E095 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 07:18:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2B6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzhaWWmitClsg5Ohq6RgC-BM-Fyx3bQONcPlQ4cG9kJrpQ9E5QPxw_mmdpwCEsYwxx0pd-htedumT9OoAM-cpiwzLDcxMS1_9MksFdBdr2fc5xvf_Y-vs7eR_uw7Uswt9nvkK4XQ-KefJVAExkBv6wQjY_-5DxuZ8A8jjjkPx6pvolc262wM-dcKy94vQ8B4JE5NRBPYqJNOaW2qDKT73s82seqavRXLiWrgIuX9e9BVKoIyI9HnNZ8SNTw9ZE3OJIO5GxtivUyX0wect533OcL19BLGVbRMv-a496qxZdlem6OQDF9AKnDwT-ZPo25A&sai=AMfl-YToW21cwZt5pmuf70TUv9_MgbcAnOmLkxBBIui3VK9MTiXc60iZPglGNJ9qkuw8eieLJ9uTMNzl99F-0hTcuf-jHVzAaEqCmBn0YRNr7q-KtzVa5E4iHxPGN_pdyWdmWw&sig=Cg0ArKJSzO2leT1jASjxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame 2B6B 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 06:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 21 Oct 2022 07:49:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B6B 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 07:18:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B693 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBuznzNb-VuWb2VsFy0WdzsqnoXzOjP5acsZnA15NXIcF5vTk28o2vLS3vGnMNiq_PRgxCOjUNWtFQrwsP_miuFrcf295gbKDh-2ovQ0NCoe9H53tGkauFFfdv5rYQR3DGKgN_C_MGXrIKQCcUgaoM3N5jGzfkNByQp0lpHP9veYbfVP27eGZrkSScIGAUksXDVpQrXUg5R335M6N9m7Lbg3rYPdwOgt9mn1iX8YRbHWgPZb6AEzQg52-vsy2Ad_7E9D5HuBbF9Vu6JhqvWb51C6mvSI7tKWCxHoQDQD44wGYUb9np6BPj0dqk6tXNMg&sai=AMfl-YTC8lnQ3RjUEo8CbZAA9C9lW4J_jaH6RS6DB0SLwK1QY7ZK-9K7ClfBLpg3E6ZZvda0CwRTX3tSID3EkE154B1JJYps5oxD--sV1TbZ-sCLZHQJ81nBHK3gNSV2VyGZcw&sig=Cg0ArKJSzLtsHBlN8RpNEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame B693 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 18:42:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame B693 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:19:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 19:19:31 GMT
l
www.google.com/ads/measurement/ Frame B693 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQK81AUP1m_DkNVbDSjzCMOwdWpbxslDZEN69H63zjn7FsfzXEKqgPR0IbjLHFRrlEJ2xRMu6Cq0kNJktqZvoiGlpyHaw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B693 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 07:18:28 GMT
11304420799037586704
tpc.googlesyndication.com/simgad/ Frame B693 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11304420799037586704
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
d931ef77f2ca20ef444c9362ff45c01b62d92db7d6df97219a3e4b9cf85fd9d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 08:58:38 GMT
x-content-type-options
nosniff
age
166790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38686
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:48:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Oct 2023 08:58:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B4CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWSotLXZbc-tP9cam2CDb66kXGfmelZfwMjc_8OIbD8-0tsOMK9iY5KM2UhbH0f-FFC3tyUOzq2pd24hEUIHgPJ-toqMTc-cdI1OriV8y2g-vrMqVZZnU54gBfK1x7ZlMwoTVD9Te4oHWfgIUWdUrcoAcrJbFjAl5gVE5jJoCTeeO5QfnsMq9nMxOrA3yFIdmMBrSrn-_mCmjBeN9FubfbMY-Am4DB-P8EBMQDi-0SZ17oZom1u0SjD3gv-dx_G4W5zTXhtGKaZ2mzCXW3Gv7guDqZmD_TdliLRgR2xeTe1hJOwVQlLcX_FvS8H69iyA&sai=AMfl-YSj6vIv4ir1fipYNn_UTyXp8cBjzFfRFOMWsiMwewGqhKXSW8uaeXCnrib_WFsTXisGhmp6zM7JZPTFJRnpgeK14ZVSoHslcUny8F-yb69JEkok5jVyubSP7CBa0z14bw&sig=Cg0ArKJSzE154I8jixAYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b41fdad1ee972853801a1edf83b61665-1666336690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame B4CB 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 06:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 21 Oct 2022 07:49:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4CB 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 07:18:28 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 22 Oct 2022 07:18:28 GMT
701.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
de23346525a6d28d2a224d27cf844ad7443c8abddfb3cf5dcea364f0f9904bdc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 07:18:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 07:18:28 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.111.91 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 21 Oct 2022 07:18:29 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.111.91 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 21 Oct 2022 07:18:29 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C91A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=125315
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 07:18:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 22 Oct 2022 18:07:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8445 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
10169
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 21 Oct 2022 07:18:27 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
52, 15848
X-Served-By
cache-lga13626-LGA, cache-syd10176-SYD
X-Timer
S1666336708.939035,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 0923 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Oct 2022 07:18:28 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame BB84 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1130
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75d83829f956aaf6-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 07:18:28 GMT
expires
Fri, 21 Oct 2022 11:18:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame A32F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4b48ad842a80aa64a2c701105c98d52591b75b44ff5ec127b955575f3ffa01

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75d8382a0916a819-SYD
content-encoding
br
content-type
text/html
date
Fri, 21 Oct 2022 07:18:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PUtJ6%2BQovQEywcNx9fUXJ6hhUDkWKrnmVC3VICxJVpuuCmrV472CmopW%2FcSkry%2BPDxn90Hb7QZDhA4%2BTPmLgu%2FgyiKywPLJ9gIosljz4OQgEclUFo2lTWjlw34YFivozK5hHHZsd%2FZruQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=4556601905268206534
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=4556601905268206534
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:28 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
c6737023-a5a4-4488-8925-8ed30ab7b1e4

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:28 GMT
AN-X-Request-Uuid
c01ae065-ae6f-45fb-8beb-42ab13a69b64
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.playground.xyz/usersync?partner=appnexus&uid=4556601905268206534
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8445 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:28 GMT
AN-X-Request-Uuid
bba7b7cc-c02c-4b70-b8a7-836be24d0709
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C91A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21352573&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d95996871a816e94d023d6667a7b9cb1324efbac283f2c668eb8f36ff9a4ec78

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 07:18:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
impl_v91.js
www.googletagservices.com/dcm/ Frame E095 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 18:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Oct 2023 18:05:44 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2BAD 		2 KB
913 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0787012d19d383b931afb6b627ac18dba6729d20aa91a32b7c53b1f4b96a3e8b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75d8382ab9f3a819-SYD
content-encoding
br
content-type
text/html
date
Fri, 21 Oct 2022 07:18:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjAg8Wcs0tGJOgCDlUtAaHBvnYQIc4jtoUaDHsJxfewvliRBYDtM1%2BrVzfXywzJGgLyLCU8xkskIOzezce3bHJMMHqXulXF8j5W3bXjcGnYoPy4zHeUR35bNBc1stD1v2eardPxyFnlHCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame B693 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
090ec84476b554a2f84538e4cd9334d73d82c2e6786ac3e9b6127d86ffd6fd0a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
impl_v91.js
www.googletagservices.com/dcm/ Frame B4CB 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 18:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Oct 2023 18:05:44 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame 2B6B 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 18:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Oct 2023 18:05:44 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A32F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0gua6Xwe3vV0aMYlr-XVU&google_cver=1
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0gua6Xwe3vV0aMYlr-XVU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E44pXrP5Gt6GoqadrSRL1ZG5fzP7%2BoPxOv2xAbJlb5r3%2Fi1qL5eDa1XsmblIy7H7FAsPXeg3yNWcNI%2FCnh0eyx%2FzdssXBJEwn5Pwr8oJBQj6HAX3SaLd7wxhUNaiTHcyw6ErnVSnraDtZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75d8382eabf1aae4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0gua6Xwe3vV0aMYlr-XVU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A32F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1JHu7a3Dx9xUVjqxdRI8QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJXc6ENeRNbIMWGori60-BA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJXc6ENeRNbIMWGori60-BA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJXc6ENeRNbIMWGori60-BA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A32F 		0
0
crum
dsum-sec.casalemedia.com/ Frame A32F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4556601905268206534
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4556601905268206534
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:28 GMT
AN-X-Request-Uuid
5ad9f09e-99f7-4120-91f3-9e373408b26a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4556601905268206534
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
ad.turn.com/r/ Frame A32F 		0
0
rum
dsum-sec.casalemedia.com/ Frame A32F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=8xmmUPEd8FfoGqFQ_Ey-VPBOoFToSasBoUzGoAOD
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=8xmmUPEd8FfoGqFQ_Ey-VPBOoFToSasBoUzGoAOD
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=8xmmUPEd8FfoGqFQ_Ey-VPBOoFToSasBoUzGoAOD
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame A32F
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_635247c55dc7b&knw=0
0
0
Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A32F 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.146.178 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame A32F 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=Y1JHu7a3Dx9xUVjqxdRI8QAA%264717
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.104.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-104-205.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Fri, 21 Oct 2022 07:18:28 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1e-i-00bba2b5ade8b381f
img
sync.mathtag.com/sync/ Frame 2BAD 		0
0
ie
match.prod.bidr.io/cookie-sync/ Frame 2BAD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
0
0
Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2BAD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
54.169.146.178 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB
date
Fri, 21 Oct 2022 07:18:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 2BAD
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3C47F33B6C8F4C98A96EC531F9EBF7F6
0
0
ibs:dpid=23728&dpuuid=Y1JHu7a3Dx9xUVjqxdRI8QAA%264717
dpm.demdex.net/ Frame 2BAD 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1JHu7a3Dx9xUVjqxdRI8QAA%264717?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-08f8a2879.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Ti+tjoi4TAw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatchredir
ssum-sec.casalemedia.com/ Frame 2BAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0gua6Xwe3vV0aMYlr-XVU&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0gua6Xwe3vV0aMYlr-XVU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jenBioDZncd4BbYiqxM75QdojAqAZfAY5Dz9GRJnP3JqmgNflxsA4g6RfHc3aJ%2Bs2Oh4Ei0xzDtVuajbd6e6t%2FRG84xSrDLfCuN3FyDXZS6e0wPAU2ZqBzVMYJth7nbqCswLtWVCC6bl9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75d8382eabf3aae4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0gua6Xwe3vV0aMYlr-XVU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2BAD 		0
0
Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2BAD 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.146.178 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2BAD 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1JHu7a3Dx9xUVjqxdRI8QAA%264717
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
31684
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75d8382ead7ca8b2-SYD
content-length
43
expires
Sat, 22 Oct 2022 07:18:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B693 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1D6xiUI5xtSTWFthsKPCbkzs352QWhYffuqesNUsn0D5KDEJTQvwQBZTHNRnVFQtMfIbgbTQxmEtlp-lVoiRJdV1NKSWwgc8ittkmdr5YrJZzhizmeLX6LtYIdvNgZzYl9osMuQihvZhSv7RBVOSxfIHQRxO3g6V8vfzY7H7SvW1vAwlr92wSXGaAWsgU7xgeDRGU3w8gPdlwoH0qCElIm1rP85Za7kU4a3drRLLV2vy7PgU9MV9Uo0ePgYb3AjybmgJgLj-CZDhl5-fmWxNaDIWkXuA7p76UaWt1Oa6EvAXHPgVzZf0l-IXCOie03MG1&sai=AMfl-YRnD8Jo756Tq6vpFDy5mvWBhTNTzX2SSJZjZBFYnMwpFEwaoSVTDu38bIeUEWGAfDeD9xYmtpqEreftzBFqroiWyQ26Ev6gkKmxgNJSTbcshGEyuJxtg-0Od_9LotbHFQ&sig=Cg0ArKJSzCb836j9TQjVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 21 Oct 2022 07:18:28 GMT
jload
pixel.adsafeprotected.com/ Frame 9DF2 		7 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138407741791&pubOrder=2553375348&cb=1537156564&custom=homepage&custom3=168400391&adsafe_par&impId=8cccec6c-5110-11ed-a2af-0264d93e907e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.225.18 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-225-18.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:29 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
usync.js
eus.rubiconproject.com/ Frame 0923 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
258ebf3a7e5cbad2732d4243241c20f23722008c773d164985f2d0fd829d3902

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 07:18:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83346
Connection
keep-alive
Content-Length
9457
Expires
Sat, 22 Oct 2022 06:27:35 GMT
B23684303.349527673;dc_ver=91.268;sz=970x250;u_sd=1;dc_adk=3492570194;ord=dyvrc6;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRrWQ6uGoneUDl1xVteVQGigdS2e_wIVaxco_vseFu...
ad.doubleclick.net/ddm/adj/N62301.138233HERALDSUN.COM.AU/ Frame E095 		57 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N62301.138233HERALDSUN.COM.AU/B23684303.349527673;dc_ver=91.268;sz=970x250;u_sd=1;dc_adk=3492570194;ord=dyvrc6;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRrWQ6uGoneUDl1xVteVQGigdS2e_wIVaxco_vseFuNZDAmXiLeF2Bwe2pRFCykY5sffGvwzx1NvZxhhZMuof7tXA79qhTWxjHpbcnqg2YYa3QCuewNSkqw3EEuSyXQYr4O1Tg2jDKWOkpihsw2iWfg-rPNreBO94E3bsukFT_ZNjoWZVbg0WDIedNOM2PYCrccbk_rOuksDDOHmENRomcZU09hH2Y-gIhLKF3-tljTpdj-BVW53xL4XaAJO34oPyH9D_OWBXGDdDZ_nC8EaptN4M5_E9htIhdxmFwdf8VMJwjWIlzSXrAsO_mWQ%26sai%3DAMfl-YRFn8qyLUoSHiKJr8RsbA6tNX3PGM9BzAVw32O_3VvZNYEaaoQxP7V4mdL25thpp1WDj0dxYrkAiOjyDQ0wbejPRgarb3OfCRV-rh3EfuGEaQxLU8t7FZ6MTr08O7SSPQ%26sig%3DCg0ArKJSzAOhjcpTvMFCEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=XK!t(Ya96g;stc=1;chaa=1;sttr=706;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
cafe /
Resource Hash
79a61545aadd3c09f80d215e3e879ce29f2b2bc95e0859d6d62db1371da57246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26755
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B23684303.349527679;dc_ver=91.268;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2682109654;ord=6ulz55;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvdKB97erNF-_ONHjmIZnIFzvMxT...
ad.doubleclick.net/ddm/adj/N62301.138233HERALDSUN.COM.AU/ Frame B4CB 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N62301.138233HERALDSUN.COM.AU/B23684303.349527679;dc_ver=91.268;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2682109654;ord=6ulz55;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvdKB97erNF-_ONHjmIZnIFzvMxTS-D00tZHyK4-QCRcdmgFbOkDD3kviLCcQO6K2ezE8KTqvFYLfpWqsdVnvQYVMG8S4SC1QUDBnOoNGag1snnNB-ItQR8eQP9KTE-EHCWbpPWyOV8nP0BSpjN6wQApCJbrLeCZ9tkXfVHqmPQjWehBUmXGxWMY4KiMaCvd7XaYoBQnEfVNbJgvzxJoX93gxkYcJqBQSP-j0BoahshYJmb6BvJ61Hk-oH0KIRbZlg5O2oXz3PiyH0hIyrrtcugHrkVGoA4A1M-r0RXZIJ96TCFgy51JeGRzjiVaA%26sai%3DAMfl-YQnyOZ9Xy4ObKaYbwbBQt5nX2OjfADVo4n2uWveg_t8ui-RzBdI3W7To6K41Hh3ZICpCodkOSnz8z4QjBtLI1d5g5VpY40oZ6L_zPa7oKD_uHQoCh9yGvm5trRQRoc07g%26sig%3DCg0ArKJSzObYujtug5nzEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=XK!t(Ya96g;stc=1;chaa=1;sttr=607;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26720
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B23684303.349208813;dc_ver=91.268;sz=300x600;u_sd=1;dc_adk=1601075553;ord=1wqllu;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvM5FWLARG5PVXLSTpYbfNCLXe6vcPcImP7D9l_nhvT...
ad.doubleclick.net/ddm/adj/N62301.138233HERALDSUN.COM.AU/ Frame 2B6B 		0
0
async_usersync
ib.adnxs.com/ Frame 8445 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 07:18:29 GMT
AN-X-Request-Uuid
4f2c00ba-d157-4396-ae31-96b671ea31de
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame EF68 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1D40
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ffd16352-47c5-4700-8592-83221c587532&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 00C0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1JHvAAB7aM5RAAr&gdpr=0&gdpr_consent=
1 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1JHvAAB7aM5RAAr&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 07:18:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 21 Oct 2022 07:18:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1JHvAAB7aM5RAAr&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10155-SYD
x-timer
S1666336709.118017,VS0,VE0
send
cm.ambientdsp.com/cm/ Frame 3CC4 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 6E0B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B23FAQVpkwYcbJFRU2rdUAhvwVIcbMUHAmpofNqP
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 4314
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4556601905268206534&gdpr=0&gdpr_consent=
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C91A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D_xnQBfQQIWdlf0vW9tbzA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
0
0
420486.gif
idsync.rlcdn.com/ Frame C91A 		0
0
img
sync.mathtag.com/sync/ Frame C91A 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame C91A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEZGQzY3NDAtMTdEMC00MDg1LTlEOTUtRkQyRjVCREI1QkND&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame C91A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC268UEu4xB1r27BjVYEc-s&google_cver=1
0
0
Pug
image2.pubmatic.com/AdServer/ Frame C91A
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0F79FDE0276B4E6281D630D8DAE8CC61
0
0
0FFC6740-17D0-4085-9D95-FD2F5BDB5BCC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C91A 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0FFC6740-17D0-4085-9D95-FD2F5BDB5BCC?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.146.178 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:18:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame C91A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8b3d358-e78e-4c33-b377-0defa5253141
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8b3d358-e78e-4c33-b377-0defa5253141
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 07:18:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 07:18:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8b3d358-e78e-4c33-b377-0defa5253141
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
313
tap.php
pixel.rubiconproject.com/ Frame 0923
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e8b3d358-e78e-4c33-b377-0defa5253141&gdpr=0&gdpr_consent=&expires=30
0
0
pixel
cm.g.doubleclick.net/ Frame 0923
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJNVVJREYtUS1HWjZW
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0923 		0
0
token
token.rubiconproject.com/ Frame 0923 		0
0
token
token.rubiconproject.com/ Frame 0923 		0
0
token
token.rubiconproject.com/ Frame 0923 		0
0
tap.php
pixel.rubiconproject.com/ Frame 0923
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIxZvvVJsPH-h_-SQ47NQvk&google_cver=1
0
0
dcm
s.amazon-adsystem.com/ Frame 0923 		0
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame E095 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame E095 		0
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E095 		0
0
13045320391290542157
s0.2mdn.net/simgad/ Frame E095 		0
0
truncated
/ Frame E095 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 734A 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/2721378e
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/z2kS_CMre0bUoWs3cyGU/Y77bSXztabrO/TisvAQ/TWMU/WDsaFxgB
Domain
syd-1-apex.go.sonobi.com
URL
https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%227ed01afc8f66f3%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%22801d4e6d38d324%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%229549ad1709fdc%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22107d363450f0528%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=6e73660f-d5d4-4d1c-a82b-d61cd69e71ca&pv=08c65670-f582-4f0a-9788-6600bdbe5dc7&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_635247c55dc7b&knw=0
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3C47F33B6C8F4C98A96EC531F9EBF7F6
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1JHu7a3Dx9xUVjqxdRI8QAAEm0AAAIB
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/ddm/adj/N62301.138233HERALDSUN.COM.AU/B23684303.349208813;dc_ver=91.268;sz=300x600;u_sd=1;dc_adk=1601075553;ord=1wqllu;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvM5FWLARG5PVXLSTpYbfNCLXe6vcPcImP7D9l_nhvTaSaoyQGEl1fsVwN59lJ0FFH9p2RtJSruZEM8v0XX48QiclIF3K0Uo4LZfo6DIowP-298qoCsAeP6YGqJJQ0Ubqb8AIiOZ-3iX-fNUQTfIqTMON5ATdZcQYsGguMPVal4bNtcHO_Nh7R_V88FhtYA0oVFWS5A3Q-ywEXVVcPeft0VSsecr-0gC0YB4uAXDjOnRH9bh2vQHouTwRIoLVPGGpqN-sO5Ik203ckayHmpKTenwOHaRoY4UHA4LutqwbAYwZZQ7kAZhemfTVAA7g%26sai%3DAMfl-YRTmid1Sn3QZHe9iLsypDkIrolqOBwRW--81nh9cUSgMkMkgKze-Zna8Aj4ykYEQyskkTcIB7f5Tfd0Y7w5pEgvKpuzGi5VoKDuC3nqb2I_OdGXwzSLTHr_g55m9eC3jg%26sig%3DCg0ArKJSzHfLaGZq33sREAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=XK!t(Ya96g;stc=1;chaa=1;sttr=589;prcl=s
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&cid=0FFC6740-17D0-4085-9D95-FD2F5BDB5BCC
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ffd16352-47c5-4700-8592-83221c587532&gdpr=0&gdpr_consent=
Domain
cm.ambientdsp.com
URL
https://cm.ambientdsp.com/cm/send?vc=pmj
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B23FAQVpkwYcbJFRU2rdUAhvwVIcbMUHAmpofNqP
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4556601905268206534&gdpr=0&gdpr_consent=
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/420486.gif?partner_uid=0FFC6740-17D0-4085-9D95-FD2F5BDB5BCC
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC268UEu4xB1r27BjVYEc-s&google_cver=1
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0F79FDE0276B4E6281D630D8DAE8CC61
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e8b3d358-e78e-4c33-b377-0defa5253141&gdpr=0&gdpr_consent=&expires=30
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJNVVJREYtUS1HWjZW
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=36584
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2249&pt=n
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIxZvvVJsPH-h_-SQ47NQvk&google_cver=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Domain
googleads4.g.doubleclick.net
URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjoffWjgenbFopQRnFFWABtgBCkhXb7G7-ASCqZBRQZ3sFI3KUF0E-Jc-qGo2NAxKfPjcwy247e140NJ2gqXdKyoELdh0wryA-pJE-RGiE5Z1PLEjZVgZSK5u4TRd50xBBD4rTSvIaf-1gugrxcBE80R9MFVsY8R1z41zX&sai=AMfl-YS7kpnJkv17xdk5uiKXUWiLAcIeEzYlpgYo2ZtdDPk0BC4UrJDeIjukPIIi_E_H4h9WZ6gk1DMRrMUXHLygv9cjkoAhmEsj_01aGj7G&sig=Cg0ArKJSzIJd-WSxFqZ8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221019.12026&adurl=
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/simgad/13045320391290542157
Domain
pixel.adsafeprotected.com
URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=211156751&chanId=171638111&placementId=6137590224&pubCreative=138409096256&pubOrder=3099570905&cb=1180514138&custom=homepage&custom3=168400391&adsafe_par&impId=8cccec6a-5110-11ed-a2af-0264d93e907e

Verdicts & Comments Add Verdict or Comment

324 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| _taboola object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| toggleShowMore object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| COMSCORE function| udm_ object| ns_p undefined| $ function| jQuery function| admiral object| googletag number| taboola_view_id function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf object| __AMP_LOG object| __AMP_MODE function| AmpStoryPlayer object| placementData string| nam object| lazySizes object| ads_api function| algoliasearch function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise function| 4dm1r11545242527 object| auth object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| nb undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| app object| vidora function| vidoraTrackExtraElements object| vidoraHelper boolean| isFetchedIndies function| parcelRequire object| m function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc function| GeaLoader object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| KAMPYLE_EMBED function| setImmediate function| clearImmediate object| ID5 number| interval object| npt object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET number| AMAZON_APS_TIMEOUT object| kw_ignore function| pbjsChunk object| _pbjsGlobals object| apsUnits boolean| isAlloyConfigured object| ggeac boolean| apstagLOADED object| atsenvelopemodule object| ats string| s_tnt function| cookieWrite function| cookieRead string| g string| f0 object| s_i_newscorpau-hsweb_newscorpau-global object| nca_ipsos object| dm object| brandmetrics function| __assign object| vidora_ns function| omrhp function| __spreadArrays object| _brandmetrics object| UrlCache object| SUBSCRIPTIONS object| SWG undefined| google_measure_js_timing object| Criteo boolean| hasApsUnits object| ads_ready object| diagPixSentCodes object| __iasAdRefreshConfig object| tbopt function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| $jscomp function| $jscomp$lookupPolyfilledValue object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData boolean| DotMetricsInitScript object| DotMetricsSettings object| DotmetricsJSON object| CryptoJS object| DotMetricsObj undefined| oneTagObj function| ebDecode object| bsResponseObj object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

146 Cookies

Domain/Path Name / Value
.taboola.com/newscorpau-aud-heraldsun/ Name: taboola_session_id
Value: v2_cf2362f619eb4d84cbd3d3339b66f0fb_8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35_1666336693_1666336693_CIi3jgYQgPNHGMC2oMu_MCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGi0ovD79tOEkd4BcAE
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: b41fdad1ee972853801a1edf83b61665
.heraldsun.com.au/ Name: nk
Value: b41fdad1ee972853801a1edf83b61665
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1666336690
www.heraldsun.com.au/ Name: lux_uid
Value: 166633669223702614
www.heraldsun.com.au/ Name: _tb_sess_r
Value:
www.heraldsun.com.au/ Name: _tb_t_ppg
Value: https%3A//www.heraldsun.com.au/
.scorecardresearch.com/ Name: UID
Value: 1451eb1fbf5353dfc22ee191666336693
.taboola.com/ Name: t_gid
Value: 8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
.heraldsun.com.au/ Name: bm_sv
Value: 9B3E657F4553A33BFE483F3705E397F8~YAAQ9+gyF7S5peSDAQAATB1o+RFPRohDnzTUUGWnRu0bUaeC+/Xpl1gNtm5NzlaXcVzA8V1aYrC0Yo4Lb/AJj/YMjao4foiy2/MqbLGGqsfolODKOyZ5RCSLLPHTx626TErW3xlfnjy/i+8E9d5Gt/2kl1aKj0A7C2iR1l1AYyIIOvT1d0NbWSD9Qek/ECLnB0M8ldKWvZgSx2VahWCKfPH3QH58+RMW2X7OvO4/wlM/qk38Qgt158rkLxFLcwXxSD0JpZAz~1
www.heraldsun.com.au/ Name: AWSALB
Value: FivH5PDJ8tZi6mKTK3YNVQLUwrRojC+IuHeftwHPlEXGI3qQqeT454m9wJ/zEXCwSihi1X0rpcbH4ElFB/VuDJrCSVFmzi2HSOOauM4Cnla1A+PpAMy6KJQY0ofE
.heraldsun.com.au/ Name: ak_bmsc
Value: 0700DA5EA7227809EF386D5AB26E6108~000000000000000000000000000000~YAAQ9+gyF725peSDAQAAKSFo+RH2aQl9/SoViiCf/C/Z0hZ4w5INKQrobt0Cxk6YK20uqKuxOMKOEEP4a6Kj32rOO78kD7ZvDSZBeUWFW4C89dLC59TOjN7Dxso/RQvNf5Wtw2iIfmnOoXmlCI1gZbteBGJlVI15lrJ5au0nXeCIF7fQ5fOfD3X32VRUEbe/B/Xnto9dSde6kY3M8pOm7RtHN/TtWgiVtO+La52y6/yIy1ULrmvXBSrZXppRyaAsycKHYKRxOiZ0pz7ANK3xLSbqXT8H3anGHSLxzpoRqFmg27DBAhv4WeI/dReCMAt3sy9lT3rfLkyVDxxioNYRfWFZBIFO+EoGLRJAvKEi1jQFWxNyiLqgCupQP7oSkgcqbIRuwCaFtZb/8IckYMhhI+zL5soBrSlKGYwK3JtQDqyfLuxAgnvagl4X+BIUjcSh840amLSj2B62o3kVwDR2z2rhgUSvRsiTatTLA3uWWxiLlKK3/yYHh6nfORWk9qfzDDRz
www.heraldsun.com.au/ Name: AWSALBCORS
Value: FivH5PDJ8tZi6mKTK3YNVQLUwrRojC+IuHeftwHPlEXGI3qQqeT454m9wJ/zEXCwSihi1X0rpcbH4ElFB/VuDJrCSVFmzi2HSOOauM4Cnla1A+PpAMy6KJQY0ofE
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A870ee3e0-5110-11ed-be7a-076e0a6a1631.hrKHpux6dfEISLcICt127Hj2CaeYbxLUropcQlCi1aU
.heraldsun.com.au/ Name: utag_main
Value: v_id:0183f968229c0010abbd4672ab4103074001d06c00b08$_sn:1$_se:1$_ss:1$_st:1666338494941$ses_id:1666336694941%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.6547129905468088
.heraldsun.com.au/ Name: _cb
Value: BDrbcrDYY9O7ZCwDN
.heraldsun.com.au/ Name: _chartbeat2
Value: .1666336695749.1666336695749.1.DutaFMCLeb1LcWIoBDgGsj-jztxn.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
.heraldsun.com.au/ Name: _awl
Value: 3.1666336696.0.5-ffd097b498247dc9f4837bc3e2539869-6763652d75732d7765737431-0
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.demdex.net/ Name: demdex
Value: 77688079296075721740729129481305816947
.heraldsun.com.au/ Name: _ncid
Value: b49cede5a013879e66980eec99fcb443
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 16a8886a-f497-4228-b9e0-57464a1f498b.1666336697.1.1666336698.1666336697.fb51cee0-fa32-43ba-b2a5-0fbf49a9b0f9
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C77711952274834134600727030220105461353
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19287%7CMCMID%7C77711952274834134600727030220105461353%7CMCAAMLH-1666941498%7C9%7CMCAAMB-1666941498%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C1183478368%7CMCOPTOUT-1666343898s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: s_nr30
Value: 1666336698328-New
.heraldsun.com.au/ Name: s_gdslv
Value: 1666336698329
.heraldsun.com.au/ Name: s_gdslv_s
Value: First%20Visit
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: tp
Value: 12357
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C10%2C10%2C1200
.heraldsun.com.au/ Name: s_cc
Value: true
.newscgp.com/ Name: sp
Value: 4c0c5b8c-a28b-41ce-963c-f9abc82f37f4
.doubleclick.net/ Name: IDE
Value: AHWqTUlRb6am4qE363zLrvLir84KLK0wUH5BAhHf_75Thy5Ur8DqwLodsPf3UoI4w8E
.adsrvr.org/ Name: TDID
Value: e8b3d358-e78e-4c33-b377-0defa5253141
.adnxs.com/ Name: uuid2
Value: 4556601905268206534
.dpm.demdex.net/ Name: dpm
Value: 77688079296075721740729129481305816947
.casalemedia.com/ Name: CMID
Value: Y1JHu7a3Dx9xUVjqxdRI8QAA
.casalemedia.com/ Name: CMPS
Value: 4717
.casalemedia.com/ Name: CMPRO
Value: 4717
.turn.com/ Name: uid
Value: 4273321647021922134
.rubiconproject.com/ Name: khaos
Value: L9I5UIDF-Q-GZ6V
.scanscout.com/ Name: uid
Value: CI-143768f338df5f9c091220181e908930
.scanscout.com/ Name: UIAA
Value: 77688079296075721740729129481305816947
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1666336699859"
.eyeota.net/ Name: mako_uid
Value: 183f9683610-2335000001084510
.eyeota.net/ Name: SERVERID
Value: 17680~DM
.demdex.net/ Name: dextp
Value: 358-1-1666336698362|470-1-1666336698463|481-1-1666336698564|771-1-1666336698665|903-1-1666336698766|19566-1-1666336698867|23728-1-1666336698968|30432-1-1666336699069|30064-1-1666336699170|66757-1-1666336699271|134096-1-1666336699371|144230-1-1666336699472|144231-1-1666336699573|144232-1-1666336699674|144233-1-1666336699775|144234-1-1666336699876|144235-1-1666336699977|144236-1-1666336700078|144237-1-1666336700180|147592-1-1666336700280|461447-1-1666336700381
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1JHvAAB7aM5RAAr
.lijit.com/ Name: ljt_reader
Value: FhE2BQZHPlr0z3pzT8qI3_ZF
.contextweb.com/ Name: V
Value: 89Yvjjld9KlK
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1gs2|5Ql.0.8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 454f0ba5bdeee40d
.smartadserver.com/ Name: pid
Value: 6399194593572795950
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
.criteo.com/ Name: uid
Value: 0cc07d74-3174-47b9-9e86-97c3009e8b63
.id5-sync.com/ Name: 3pi
Value: 464#1666336700494#742325672#8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.lijit.com/ Name: _ljtrtb_42
Value: 8f8b1d8a-aaed-4b08-a79f-7a7a95646236-tucta4bcd35
.openx.net/ Name: i
Value: e10be065-51e4-4409-967d-bc57752a30e6|1666336700
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y1JHvAAB7aM5RAAr&KRTB&22978-Y1JHvAAB7aM5RAAr&KRTB&23194-Y1JHvAAB7aM5RAAr&KRTB&23209-Y1JHvAAB7aM5RAAr
www.heraldsun.com.au/ Name: vidoraUserId
Value: jovlmohbs3uch8vq6h2rrfdh64kjli
.krxd.net/ Name: _kuid_
Value: PJpcPGt2
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiY3NzcxMTk1MjI3NDgzNDEzNDYwMDcyNzAzMDIyMDEwNTQ2MTM1M1IOCKj0oMu_MBgBKgNPUjLwAaj0oMu_MA==
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: or2
.bidswitch.net/ Name: tuuid
Value: 60ca4cbf-e072-4758-8229-0c9a732c458e
.bidswitch.net/ Name: c
Value: 1666336700
.3lift.com/ Name: tluid
Value: 570893498019058458180
.semasio.net/ Name: SEUNCY
Value: 9EBBCA3E86A8B757
.bidswitch.net/ Name: tuuid_lu
Value: 1666336701
.spotxchange.com/ Name: audience
Value: 8b4adf9a-5110-11ed-90ff-17a1ae810107
.omnitagjs.com/ Name: ayl_visitor
Value: 0a4f0f24c2307411fc8f6913ccf728a4
.mfadsrvr.com/ Name: tuuid
Value: 717308f6-e304-4299-a9e0-dcf9185eb43a
.mfadsrvr.com/ Name: c
Value: 1666336701
.adx.opera.com/ Name: UID
Value: b64449c90a094a1c973c006585f4cebc
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7cf53f41-fbd9-467d-48b1-8c068f300614.7zQKgRhwEPGu14hDPiJo0U2JKA9WrpKQH2%2BuEgXClfA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AfPU_QfvZRn1IsYwGjzAGFK310YE.yX0nISYGjOGMdAStHPNUZ0U9D3hO0wM6XHq3f757hz4
.mfadsrvr.com/ Name: tuuid_lu
Value: 1666336702
.mfadsrvr.com/ Name: ssh
Value: !taboola,1666336702
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 77688079296075721740729129481305816947
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1666336702572.180148268
.ad-m.asia/ Name: uid
Value: 19i4FpSr5yI
.id5-sync.com/ Name: callback
Value:
.everesttech.net/ Name: ev_sync_dd
Value: 20221021
.heraldsun.com.au/ Name: nol_fpid
Value: mpeweztqpiahgnlsachmxyzddeg8p1666336703|1666336703811|1666336703811|1666336703811
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=96b6101b-887e-4497-8126-9e8f0f5ddb45&Created=10/21/2022 07:18:23&UserMode=0&guid=906ca6ba-2f55-4e52-9660-0e4a20ac66b2&ver=1
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEwwI_JmgY4AUABSAEQwI_JmgYYAA..
ads.playground.xyz/ Name: connect.sid
Value: s%3AXHeFh5yMYGUkgNDPgW4nBqJqcgBzwcKk.hLOVOEREIsqCeNdf6sh3yc15yi4vrJY%2FTdXTOgzRIEE
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: 1
.imrworldwide.com/ Name: IMRID
Value: 8d038c61-5110-11ed-9d48-d9a646741c49
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: ufskAdPq/AWSIBxzyH33mE7joZ8l6tDFDZ/aEFEqxtYNDOOuHfo7B/n1C6OsXrFBZqakPKaqDfFd1vz2M5TZVDbrWHMInXBYt0qI5zBWT8CmRT7ITjHbI8G6sCEK
mfad.inskinad.com/ Name: azk
Value: ue1-f95167203802485898afcfca6bac0a9b
mfad.inskinad.com/ Name: azk-ss
Value: true
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuCjJ0_004c3mCjJ0_
.serving-sys.com/ Name: G4
Value: 0009fM00Iy_
.serving-sys.com/ Name: OT2
Value: 0001DC1rpD
.serving-sys.com/ Name: u2
Value: b3e2830c-c79f-4ad4-938a-78de39e848a64Jm050
.admatrix.jp/ Name: uid
Value: 048caf2c-480a-41c2-8859-170df00cd06f
.rubiconproject.com/ Name: audit
Value: 1|KhJvu8SkcDeHyT8Cl6v+38TlQsiIyNNZsbI3Abbg+wecmAZnLQTPdFLGbyn3dshbWFUFyctacUdCqQ3+tQhlLHMDvubSxZCGZ60cWpGl5GR/GuxdKCOxK0p6V9Sqzm2lpmvllXEtYN4=
.mookie1.com/ Name: id
Value: 10528571505674146562
.mookie1.com/ Name: mdata
Value: 1|10528571505674146562|1666336705544
.mookie1.com/ Name: ov
Value: 3ec0318771aec7cb06b57924e8631252
.adnxs.com/ Name: anj
Value: dTM7k!M4/YEVNsVF']wIg2Il`mTD<=!dw=?YiTXL`%)Z+dc%TM/sSjWoag1K#V6NAEwdqu!iohBhA5zJ$`nLw0y=/d!!)MM)CY>X
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.1379204765.1666336706
.yahoo.com/ Name: A3
Value: d=AQABBMJHUmMCEN_98Sdm3zHPR8lDpi5j3yIFEgEBAQGZU2NcYwAAAAAA_eMAAA&S=AQAAAlC6INvzpWvEtW5t9u4ILrI
.linkedin.com/ Name: li_sugr
Value: ac6f64ab-f21e-46e7-8c4f-35962f6f8be8
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&0ef1154b-013c-46bd-860b-cae5ca790109"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2892:u=1:x=1:i=1666336706:t=1666423106:v=2:sig=AQH_DDfPA-f1QuxjCUuLONCpZpD0f_Va"
.analytics.yahoo.com/ Name: IDSYNC
Value: 1769~27u7
.twitter.com/ Name: personalization_id
Value: "v1_VfEkiRWdJfX8jBnfRBqLbA=="
.t.co/ Name: muc_ads
Value: bee4e58e-85b1-41cf-b20c-21461c353a12
.linkedin.com/ Name: UserMatchHistory
Value: AQJuecWE3XfG8AAAAYP5aFAPK3SGLwCB68ItWR4bXRpzm8c284S80rLNo1yRscnlmxrYJIAtYVksvw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIt-zMZ6SpArgAAAYP5aFAP3adXRckKEW9qSCJgJ5XXjAFdid1GPTIbmYAaoK_eJcxgmQ-bZR2oBV4d0EzVvw
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e8b3d358-e78e-4c33-b377-0defa5253141&KRTB&22918-e8b3d358-e78e-4c33-b377-0defa5253141&KRTB&23031-e8b3d358-e78e-4c33-b377-0defa5253141
.pubmatic.com/ Name: PugT
Value: 1666336706
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCNKw5J7Pz5k7EAUSGQoKcmlnaHRtZWRpYRILCPrs4aHPz5k7EAUSFQoGZ29vZ2xlEgsIvu_YrM_PmTsQBRIVCgZjYXNhbGUSCwjeuuunz8-ZOxAFEhgKCWJpZHN3aXRjaBILCN6666fPz5k7EAUYBSADKAMyCwjesu7U5c-ZOxAFQg8iDQgBEgkKBXRpZXIyEAFaB3ZyZ2VzNm5gAQ..
.google.com/ Name: NID
Value: 511=hTtxoRnnl6-NbYfRLfQWn4GJXiy1NclGrXefjjSaYczk0hc9ZDbgXBj36qt1NVJ2txFOmVWF77zkvnHQGzGa5dlT99-wiHpO9DuofcQXvRBnqdE-dSvO_JTbwM5TATHknwPCspue27YfqvkGYzvnucIzbcoJZ-Qbrjfebv4_ERI
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&20221021071826352d13f4-e9f1-4193-840a-e98473d1e52fAQGZhv4DNqMMaZUnvZ8WbGHIuPyIw8tE"
.heraldsun.com.au/ Name: __gads
Value: ID=d51c8d7079fa6d7a:T=1666336707:S=ALNI_MbKCezNIcylEtFIcIhS6EUGCXCxaA
.heraldsun.com.au/ Name: __gpi
Value: UID=00000b68511087b1:T=1666336707:RT=1666336707:S=ALNI_MaPEh8CFKKBIam_-gjJmU1JdKMowQ
www.heraldsun.com.au/ Name: cbd
Value: 10000
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.adsymptotic.com/ Name: U
Value: 0a029f603cb7395ac0412cd33cce8a9a
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.ads.pubmatic.com/ Name: KCCH
Value: YES
.id5-sync.com/ Name: id5
Value: 76e7ab31-c5ec-4230-839e-ec9f95e8c510#1666336700098#4
.casalemedia.com/ Name: CMTS
Value: 4683

12 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=799041791242.0509?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=799041791242.0509?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=799041791242.0509?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://id5-sync.com/c/464/112/6/2.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://www.heraldsun.com.au/
Message:
Access to XMLHttpRequest at 'https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%227ed01afc8f66f3%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%22801d4e6d38d324%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%229549ad1709fdc%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22107d363450f0528%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=6e73660f-d5d4-4d1c-a82b-d61cd69e71ca&pv=08c65670-f582-4f0a-9788-6600bdbe5dc7&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0' from origin 'https://www.heraldsun.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%227ed01afc8f66f3%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%22801d4e6d38d324%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%229549ad1709fdc%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%22107d363450f0528%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=6e73660f-d5d4-4d1c-a82b-d61cd69e71ca&pv=08c65670-f582-4f0a-9788-6600bdbe5dc7&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

379c407406341424da9c52e0b7d5a5b2.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-gmtdmp.mookie1.com
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
beacon.krxd.net
bedsberry.com
bh.contextweb.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.speedcurve.com
cdn.taboola.com
cdn1.adoberesources.net
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
collector.brandmetrics.com
connect.facebook.net
content.api.news
d.turn.com
dis.criteo.com
docbrdnxrwlkhr2sfqaftkimxsr2k1666336703.nuid.imrworldwide.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.scanscout.com
e1.emxdgt.com
eb2.3lift.com
edge.adobedc.net
edition.pagesuite.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
images.taboola.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
metrics.heraldsun.com.au
mfad.inskinad.com
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
p.adsymptotic.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.zprk.io
play.google.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
sg-trc-events.taboola.com
simage2.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
syd-1-apex.go.sonobi.com
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
t.co
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
c1.adform.net
cm.ambientdsp.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads4.g.doubleclick.net
gu.dyntrk.com
idsync.rlcdn.com
image2.pubmatic.com
login.newscorpaustralia.com
match.prod.bidr.io
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
s.amazon-adsystem.com
s0.2mdn.net
simage2.pubmatic.com
syd-1-apex.go.sonobi.com
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
103.229.10.171
103.231.98.193
103.231.98.194
103.71.26.125
104.16.88.20
104.18.100.194
104.18.12.76
104.18.18.126
104.22.53.86
104.244.42.133
104.244.42.67
104.254.148.251
104.254.151.36
104.26.6.155
104.79.97.250
119.9.108.211
13.107.42.14
13.230.111.91
13.251.225.18
13.33.30.231
13.33.33.109
13.33.33.112
13.33.79.24
13.33.88.108
13.33.88.55
13.33.88.94
13.33.91.15
13.54.79.6
139.5.84.243
141.226.229.48
141.226.230.50
141.95.98.67
142.250.4.102
142.250.4.132
142.250.4.148
142.250.4.156
142.250.4.157
142.250.4.94
142.251.10.104
142.251.10.138
142.251.10.156
142.251.10.157
142.251.10.94
151.101.1.108
151.101.108.157
151.101.129.44
151.101.193.175
151.101.65.44
151.101.66.217
151.101.66.49
157.240.235.1
157.240.235.35
162.19.138.116
162.19.138.120
172.217.194.149
172.217.194.155
172.217.194.94
172.253.118.156
172.64.133.15
18.138.205.213
18.140.27.177
18.155.68.27
182.161.73.129
182.161.73.145
182.161.73.146
192.0.66.122
199.127.207.182
199.36.158.100
20.50.2.28
202.131.200.82
202.131.200.84
209.191.163.152
23.106.127.39
23.195.152.111
23.195.152.191
23.54.56.153
23.54.56.214
23.72.44.196
23.72.44.233
23.73.13.201
23.75.85.227
3.82.239.128
3.82.86.176
31.220.27.134
34.102.253.54
34.120.155.137
34.160.169.226
34.98.64.218
35.156.131.180
35.213.12.39
35.227.202.26
35.71.131.137
42.99.140.187
42.99.140.211
50.116.239.135
52.223.2.229
52.26.190.74
52.26.60.1
52.28.196.126
52.55.138.176
52.74.13.196
52.76.8.38
52.76.94.145
52.84.228.218
52.84.45.108
52.88.128.19
52.95.128.178
54.144.104.205
54.169.146.178
54.192.150.12
54.192.150.4
54.192.150.79
54.192.150.8
54.251.194.20
54.80.43.227
63.140.36.117
63.140.36.121
67.199.150.81
69.173.158.64
69.173.158.65
74.118.186.45
74.125.130.154
74.125.24.132
74.125.24.157
74.125.24.97
74.214.196.131
82.145.213.8
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
004cd06307d87dd645930199f68f2f74286e010d777319307355a3ea7398d056
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
03c3d1f5e33e84e14dc0708b617dc21ce9b7b7531c94577b7a4823513db210a9
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
04f8659b391209197fc7c37603180662b45f55c2ca1d4b4c7d21a94525ea9cf6
05468c17ecb4afc693efe2820a3b8e316fdbcb5057134e24c9b35a2622dfafab
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d36044f1fafdfe8db8a047f8bedcb32906ecddcf9aa93c16dc818407fc6f69
0787012d19d383b931afb6b627ac18dba6729d20aa91a32b7c53b1f4b96a3e8b
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
090ec84476b554a2f84538e4cd9334d73d82c2e6786ac3e9b6127d86ffd6fd0a
098d0c759acc49ed9d0fb0e7d8a1e3676e8eed1898d5d6cf06395f683f0ef1f4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e70ed2a688f8b6c15dcf94ded527001ec9c041d3c54f28de3fdb79da755f28c
0f99405dab4771ddd83989c240c8724fc03ee8e373f05d48b455978b4bbc35ac
1188da9ac9933fdf4b99e79721135aa21aea2127f6821934ea8f8f4931c5da8d
16092bcf38423d74f349e6034706c0792fa4885f7b4443d2c6575eb6a41940b9
170dc3ff2819ba7afa6542392a5ac334f08e355dae68ea9b0b0471c00f86f529
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d
1b05d5b24ddb710dae9541c6e8332baaa69d6fdcdecc4c83b1fa54db2e91359b
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
225d7f8798e8442ff98725d44342d3d07ecb39067ff00e05358462a5e4d3c0bc
24b67a5dd1331f2f3815d918242dbeaf18004999641c13b369078b4387ccdd72
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
258ebf3a7e5cbad2732d4243241c20f23722008c773d164985f2d0fd829d3902
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
277ba12bf62340b1b206fe667f5740223c0d7641137e277726c8c87707952742
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63
2adf23626aad133ddca790af234b0e5708586c5f4213b381673d75e7b8add800
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b63ef488a84ac4c1ff55278af21da6ec1a0599860d65dc4508e9b540639b80a
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2c712f6165e664d49235ee815886694465e16fc9bdc56222ec34b25816afaa07
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2db566844ca97347c6446345c564d708cd701486a733c08bd1e0b9cbf596374b
2f4b48ad842a80aa64a2c701105c98d52591b75b44ff5ec127b955575f3ffa01
2f7ed0b460acef78d3d8b2e72354bd6bfa7523e646a1be5a195c68619b5b70bc
32510f78ed56e36892d042b84565a0c3f01f11051df509e24ebd0b4c328133f5
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
3b0d471050064de5075a626a90f1008314631b455287ca8f86e4cd180a5f28a6
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3ee455138c5a2ac218dfaef865fb6e8131490ad85d6d63492cebc49a2b335c85
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fea50dfd4cc4c109d86ba77cbb516a24d39c8cd70fa5d91db2ef66c6037a17e
40cb368f045d5452437d16c14a82ceeec9b37204f16b657be49d086106ae4700
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
424b06a23c2fc5c0a49e532a9d11766e3b13c4f2f3e67b3d964d791dd0ee78f5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463625dd9de1e4bc31d37fb22a0dd092b327e5590707fa3020df235bd7d05661
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a694cff962fd2ccaa8496264e1270c0b4f3faa7bc3c9cc600d20fd4163b1bf3
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba5890c8b4ca896e1ee7984a81a7b8084fbeb978fd9e1e0d7f64b0205f6d591
4d584e2ade180efc39ee1a784a916d173dac9ad3aa4c5596e4542456330f7be0
4d6e0aa6e1362f6a81b2e6e1e55cb7b5b3a619e5167a682b11d5d3fadd90501f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
625537f8f068a9025a4035488041f0ab07889bacd3e572ef7a2dc4141ecf1080
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
66ecd9d913510bd0c55550a3a627be2f8e355e77fab145021cd82ed1778202d5
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec
6eb1a85c484ea6b5692b2846247099262ca28243d78e5ee99077f3f7a0ecc77a
6eb1bdb532bb20beeedc024a231ff52f7752f36ec35f7f235246cdc994f49c4c
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
6f1c6593e29355875dfb228a89cfdb33a84c6e542558b3430a65cf43d366176d
6fecdf7036818ed6c569101d40ba6541f6aaecb05e63c4ff6bd8d47e521f041b
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f
70f92168133886302a94ef998f1c2f37c35fef164b0ad42f2fe821935d8b20a2
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
758d5a18d576e73a20ac09c43df46f7ae407f06a25f41585bdde4786162dd1a9
75dc72f6edfcab5e5275c992c7f55f8f1ac3764db858c3d5babd39a7efb01add
79a61545aadd3c09f80d215e3e879ce29f2b2bc95e0859d6d62db1371da57246
79a9b0fad267507bb86a9228ccae612e80fa2c2c2675bb549a05292394b237fa
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e5177bba3c3f74dc41e3ae6300ba0baa8db501b5abccad2daa6a11ac21fccd8
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8138b157c70451fe330fb970f81a5e80d6afe77cf06b78498b5dffeb85db6713
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82e43efcec65dca97879898148c3584520b4ed3900b4201ab6685c66396fed1d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85802b7d129495d4a392bf53185270068dc24974b7be930df25daa3ba40cb61d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e428c071fbe3d580654e99ac80fb928f54551bdffe742f9afc005bdca94aabd
8fee87c7f368d1d466beff2c278c998d8278aa89cf2ebbb71bba2f7659346f64
9089f099538de9e243dac12d181f6a9b23a3ac2e6bc91ebd030f50cf477d576a
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
96c9a396eb11c91e6a42966288fa37b34ec01a036d8cb76453ecc3451c4361a7
96dcaf800ca211b904e1c1a17fb4df8491c7aa08a3098f71e6e7eaefecbe27f3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99b0beb381d7b021bd8c743720187a7858b9a13785b1355d923cedfb12402248
99f2644d5b80b4488b52d2e3eb32b8cd1f2a27e6232cff94fd9434fab88fee18
9c3f3e3a92851510d35e3925f9974ef2fa291b988bfc206f93f75782641a7cef
9e47ed2c15b82499c44e99168ffcaa05c7a2e15ce8d035a52b2ea9bcef036f7d
9ee2fe8a37f9567ba9ed176bef41bd5ec9380bb1385d84b151839fce37547e43
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a274d807ff49c89235376b78c95e39abaa08257a24df13b1f9837bc81ec98116
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5965f42761049cea307e041781eb1e5324fea4dc7d8d92019dd4c8eacfbe08e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8996ae9cba44b0fab413cefcaadaae26b43497f606ca7e2c36dd037a2633bc9
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca
aa4769b521bb641f69c6addca70a2e0ea710e0501f5c8fca5f7feb839289e777
ac7ae694d33bc455ae1816b59445a63ff526c972c31d186a85e11ff88542b3b8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b08422bfd44cdfaa840071ee59a1ab11ea900a22ac7cad31a7a1add5099b0e58
b0dde663e56fd874be977f8e8965a6a0ec4a975edf3f90f75db9357992f6596e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b198702ad4dd80291b87e36b9a35bf38c7a405e76ed29660dbfe3ac336e241c5
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b6154759228babffa545b9fbc7a0d0d0ad1bffd6b4abe2e425e61f45f10a51e2
b6caf338af2bd9ec294d9b3f536d6734151af681a4269f4cf51f037698edb12c
b8051b699814854101bcef9e76eae29fd82782892473478215e7a8d63891bf78
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2999530be0665421499572ff8d571b237d5db2c5fd83e8cf758151aadcc1a9
bcb531098396b976571d7b43e30caae00574fcd6e95b817ada16a77502981748
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfba1067abfd1c6c02b4ba6e897ee9d8f8c550b51fbee7cce21f1cbbd473a8be
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c4b90d5951ef6431b90aa6db58ffde3e72ef6f916cba44c9ea3ef71f5e024de0
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c6cce6beb8587b0075a75db191541a7370f872c50bcf924bc94d705e5af45cef
c9a2e5dc6c0b4b9aa19a0d414a4e2387a450dc51bbf466f4623e726675b3ff3e
ca642c74ae1ef4365f2c0079aab1c445285887916637dddb71f6d03a3bbcbaee
cce51e57845474d4ff0ae3082f484cac92183d9d89c0e8235378e834d17710e0
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbca4ab1d4fa2f7bc61aef4ced9c3acedeb0d94cc15528b4baa313fa7b61cc5
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d29484006eb921978f997aefe86cdbf4aa01c79a8f7392995a48915cfff53062
d2df272021a91cffac682e6399b8389e01fe7393335200123dd0eeda80d0b469
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d80818dcdbc7a963663b33c1c1c87add4fa272b6337ef0a0bf475ce1680c4085
d931ef77f2ca20ef444c9362ff45c01b62d92db7d6df97219a3e4b9cf85fd9d1
d95996871a816e94d023d6667a7b9cb1324efbac283f2c668eb8f36ff9a4ec78
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dbed06d37303d9a2f40a4c7c800d2879e8788cbf872d160593a837fcc9d06603
dc7915fb854d0156e3819a66061fd153d26f4bcc58a65fc81bf12193d455567c
dcb6ca1cd3da04d59b0dd78687da88d8335f34b74333af3157ccfee80fc35c70
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd90aa1d33b85e1f44cfb13f5786ddeac4417f948a706ef5f48b6c7fd0bb09ff
de23346525a6d28d2a224d27cf844ad7443c8abddfb3cf5dcea364f0f9904bdc
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e13d067d9eb0964f0d2cae94917201de23e1cb041cbfc8e49a371a6775dbf155
e2b47f6850e47a047f2dce76569a61df775d7504fe64716ec66af316ab80e489
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5606bf9cab565a9d99ce34c1322abacea8c08b89b1aba830a69acdce98edcfe
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e87455ae95f61cfbc0f7cb6fddf160a4359d212caca78f512ce2fe37dded02e0
e893dee4c64712e807ea6c1ea3b8aa2783af6d9153662e408dfb756f3b1e7a53
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec52df584928478e0107130be985be8bf597cb67e716fcf0f5b772c9a2917f8d
ec80fbb02e805fe57c3c5603aaaa88c8862508ffdcef76082834b4b801a76e6b
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f13fa6991b1cf663c289c9288465a7bbafc60118b9804fb9147737cd34adaa22
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f59ff797b78853b110b03a4f27bac47a6d31faa53e47d55a56e3725d013f0d83
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f7cc498562d2ae83a144e0ba1d56bc415bbfb5ae5e6bceb0a6f9cec10d93a45c
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
f887f7a656fdd9e71e07d97ed3b5248d1afb4a00e63c92bf5762985852d2cc33
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd2c647c1e5d819e20c05b48e06217b99d58ad410396771ad7b949ef92cdfa0a
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
fd70a17701f20f906fcfcab108d8a3724c899cee3e46668f44f4f4f8ada6fe2e