urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
2a02:26f0:3500:88c::ebe  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/4eShOY5
Effective URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-e...
Submission: On October 24 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 62 IPs in 4 countries across 40 domains to perform 202 HTTP transactions. The main IP is 2a02:26f0:3500:88c::ebe, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 800176.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 14th 2024. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
5 10 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
20 2a04:fa87:fff... 2635 (AUTOMATTIC)
20 2600:9000:235... 16509 (AMAZON-02)
3 95.101.148.107 16625 (AKAMAI-AS)
18 95.101.150.62 16625 (AKAMAI-AS)
2 192.0.76.3 2635 (AUTOMATTIC)
7 143.204.98.86 16509 (AMAZON-02)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.35.242 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 52.48.129.25 16509 (AMAZON-02)
1 34.241.251.121 16509 (AMAZON-02)
1 63.140.62.17 15224 (OMNITURE)
1 1 52.212.56.148 16509 (AMAZON-02)
7 18.172.112.83 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
4 2620:1ec:33::10 8075 (MICROSOFT...)
2 142.250.186.34 15169 (GOOGLE)
1 13.32.99.67 16509 (AMAZON-02)
1 2600:9000:264... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 3.163.248.4 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 146.75.120.157 54113 (FASTLY)
2 35.201.112.186 396982 (GOOGLE-CL...)
2 104.19.147.8 13335 (CLOUDFLAR...)
2 2600:9000:236... 16509 (AMAZON-02)
1 18.172.103.101 16509 (AMAZON-02)
3 2a04:4e42:600... 54113 (FASTLY)
1 35.71.131.137 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
4 18.244.18.12 16509 (AMAZON-02)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
2 172.66.0.227 13335 (CLOUDFLAR...)
2 104.244.42.131 13414 (TWITTER)
1 2a04:4e42::396 54113 (FASTLY)
2 151.101.129.140 54113 (FASTLY)
1 34.199.178.113 14618 (AMAZON-AES)
1 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
4 35.190.43.134 15169 (GOOGLE)
3 216.58.206.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
2 4 142.250.186.166 15169 (GOOGLE)
2 172.217.16.134 15169 (GOOGLE)
1 34.49.241.189 396982 (GOOGLE-CL...)
8 23.206.208.183 16625 (AKAMAI-AS)
1 2600:9000:266... 16509 (AMAZON-02)
1 35.186.194.58 15169 (GOOGLE)
3 142.250.186.98 15169 (GOOGLE)
1 142.250.185.78 15169 (GOOGLE)
3 6 142.250.181.226 15169 (GOOGLE)
2 172.175.234.12 8075 (MICROSOFT...)
1 2600:1901:0:7... 15169 (GOOGLE)
3 6 142.250.184.196 15169 (GOOGLE)
4 142.250.185.131 15169 (GOOGLE)
2 63.140.62.222 15224 (OMNITURE)
2 15.197.193.217 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.48.72.162 16509 (AMAZON-02)
202 62
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
10    2a02:26f0:3500:88c::ebe (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.heraldsun.com.au
2    2a02:26f0:3500:891::ebe (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tags.news.com.au
20    2a04:fa87:fffd::c000:423a (Ireland)

ASN2635 (AUTOMATTIC, US)
dsf.newscorpaustralia.com
20    2600:9000:235a:2200:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
3    95.101.148.107 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-107.deploy.static.akamaitechnologies.com
content.api.news
commerceapi.news.com.au
18    95.101.150.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-150-62.deploy.static.akamaitechnologies.com
subscriptions.heraldsun.com.au
login.newscorpaustralia.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
7    143.204.98.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net
subscriptions.news.com.au
9    2a02:26f0:3500:89b::ebe (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tags.news.com.au
1    2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.optimizely.com
1    104.18.35.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn3.optimizely.com
1    2606:4700::6812:4239 (United States)

ASN13335 (CLOUDFLARENET, US)
a20352597942.cdn.optimizely.com
3    52.48.129.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-129-25.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.241.251.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-251-121.eu-west-1.compute.amazonaws.com
newscorpau.demdex.net
1    63.140.62.17 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net
newscorpau.sc.omtrdc.net
1    52.212.56.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-56-148.eu-west-1.compute.amazonaws.com
cm.everesttech.net
7    18.172.112.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-83.fra60.r.cloudfront.net
js.stripe.com
6    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
4    2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
1    13.32.99.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-67.fra60.r.cloudfront.net
au.tags.newscgp.com
1    2600:9000:2646:2200:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)
sc-static.net
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
2    104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2600:9000:236e:7a00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
1    18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net
js.adsrvr.org
3    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
2    2a04:4e42:200::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
4    18.244.18.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-12.fra56.r.cloudfront.net
au-script.dotmetrics.net
2    2620:1ec:29:1::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)
t.co
2    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
2    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    34.199.178.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-178-113.compute-1.amazonaws.com
ping.chartbeat.net
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
4    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
3    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a2d9d570c666f8b5664093812d2aefa0.safeframe.googlesyndication.com
1    2600:9000:2240:3800:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
4    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
14643376.fls.doubleclick.net
2    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
ad.doubleclick.net
1    34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com
logx.optimizely.com
8    23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    2600:9000:266e:1400:d:5ce3:a4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rm-script.dotmetrics.net
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
3    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googleadservices.com
1    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
google.com
6    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads.g.doubleclick.net
2    172.175.234.12 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
n.clarity.ms
1    2600:1901:0:7628:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
tr6.snapchat.com
6    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
4    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
www.google.de
www.gstatic.com
2    63.140.62.222 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net
metrics.heraldsun.com.au
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
2    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    52.48.72.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-72-162.eu-west-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
Apex Domain
Subdomains		 Transfer
29 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 800176
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
631 KB
21 newscorpaustralia.com
dsf.newscorpaustralia.com — Cisco Umbrella Rank: 585111
login.newscorpaustralia.com — Cisco Umbrella Rank: 183475
462 KB
20 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1314
83 KB
20 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 109561
subscriptions.news.com.au — Cisco Umbrella Rank: 604641
commerceapi.news.com.au — Cisco Umbrella Rank: 786052
385 KB
14 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
14643376.fls.doubleclick.net — Cisco Umbrella Rank: 191953
ad.doubleclick.net — Cisco Umbrella Rank: 150
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
184 KB
13 google.com
news.google.com — Cisco Umbrella Rank: 6789
marketingplatform.google.com Failed
google.com — Cisco Umbrella Rank: 1
www.google.com — Cisco Umbrella Rank: 3
80 KB
8 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 930
6 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1102
329 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
a2d9d570c666f8b5664093812d2aefa0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
41 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
px4.ads.linkedin.com — Cisco Umbrella Rank: 6828
3 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 893
tr6.snapchat.com — Cisco Umbrella Rank: 1360
613 B
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 65274
rm-script.dotmetrics.net — Cisco Umbrella Rank: 7039
36 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
n.clarity.ms — Cisco Umbrella Rank: 15771
29 KB
4 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1442
insight.adsrvr.org — Cisco Umbrella Rank: 945
6 KB
4 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3652
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6854
63 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
17 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243
newscorpau.demdex.net — Cisco Umbrella Rank: 174159
5 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 971
cdn3.optimizely.com — Cisco Umbrella Rank: 4525
a20352597942.cdn.optimizely.com — Cisco Umbrella Rank: 195375
logx.optimizely.com — Cisco Umbrella Rank: 1669
135 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 11271
192 B
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
9 KB
3 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 1994
alb.reddit.com — Cisco Umbrella Rank: 1330
836 B
3 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1063
13 KB
3 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 1985
rs.fullstory.com — Cisco Umbrella Rank: 2089
82 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 962
1 KB
2 t.co
t.co — Cisco Umbrella Rank: 859
1 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 982
25 KB
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2568
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
180 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3409
pixel.wp.com — Cisco Umbrella Rank: 3394
3 KB
1 gstatic.com
www.gstatic.com
217 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1492
201 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 960
15 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1089
24 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 784
14 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1731
15 KB
1 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 183164
48 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1371
490 B
1 omtrdc.net
newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 190062
271 B
1 api.news
content.api.news — Cisco Umbrella Rank: 81072
15 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 7196
872 B
202 40
Domain Requested by
20 tags.tiqcdn.com www.heraldsun.com.au
subscriptions.heraldsun.com.au
tags.tiqcdn.com
20 dsf.newscorpaustralia.com www.heraldsun.com.au
dsf.newscorpaustralia.com
subscriptions.heraldsun.com.au
17 subscriptions.heraldsun.com.au www.heraldsun.com.au
subscriptions.heraldsun.com.au
11 tags.news.com.au 2 redirects tags.tiqcdn.com
au.tags.newscgp.com
10 www.heraldsun.com.au 5 redirects www.heraldsun.com.au
subscriptions.heraldsun.com.au
8 ct.pinterest.com s.pinimg.com
tags.tiqcdn.com
7 js.stripe.com subscriptions.heraldsun.com.au
js.stripe.com
7 subscriptions.news.com.au client
subscriptions.news.com.au
6 www.google.com 3 redirects subscriptions.heraldsun.com.au
www.gstatic.com
6 googleads.g.doubleclick.net 3 redirects www.heraldsun.com.au
6 news.google.com subscriptions.heraldsun.com.au
news.google.com
5 px.ads.linkedin.com 1 redirects snap.licdn.com
www.heraldsun.com.au
4 14643376.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 tr.snapchat.com tags.tiqcdn.com
sc-static.net
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 bat.bing.com tags.tiqcdn.com
bat.bing.com
www.heraldsun.com.au
3 www.google.de www.heraldsun.com.au
3 www.googleadservices.com www.googletagmanager.com
3 pagead2.googlesyndication.com tags.tiqcdn.com
securepubads.g.doubleclick.net
3 insight.adsrvr.org www.heraldsun.com.au
js.adsrvr.org
3 www.redditstatic.com tags.tiqcdn.com
www.redditstatic.com
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 dpm.demdex.net tags.news.com.au
www.heraldsun.com.au
2 commerceapi.news.com.au subscriptions.heraldsun.com.au
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 metrics.heraldsun.com.au tags.news.com.au
2 n.clarity.ms www.clarity.ms
2 ad.doubleclick.net www.heraldsun.com.au
2 alb.reddit.com www.heraldsun.com.au
2 analytics.twitter.com www.heraldsun.com.au
2 t.co www.heraldsun.com.au
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 s.pinimg.com tags.tiqcdn.com
s.pinimg.com
2 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
2 edge.fullstory.com tags.tiqcdn.com
edge.fullstory.com
2 www.googletagmanager.com tags.tiqcdn.com
www.googletagmanager.com
2 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
1 secure-sdk.imrworldwide.com
1 www.gstatic.com www.google.com
1 tr6.snapchat.com sc-static.net
1 google.com www.googletagmanager.com
1 rs.fullstory.com edge.fullstory.com
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 logx.optimizely.com cdn.optimizely.com
1 a2d9d570c666f8b5664093812d2aefa0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 px4.ads.linkedin.com www.heraldsun.com.au
1 ping.chartbeat.net www.heraldsun.com.au
1 pixel-config.reddit.com www.redditstatic.com
1 js.adsrvr.org tags.tiqcdn.com
1 static.ads-twitter.com tags.tiqcdn.com
1 sc-static.net tags.tiqcdn.com
1 snap.licdn.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 cm.everesttech.net 1 redirects
1 newscorpau.sc.omtrdc.net tags.news.com.au
1 newscorpau.demdex.net tags.news.com.au
1 a20352597942.cdn.optimizely.com cdn.optimizely.com
1 cdn3.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com tags.tiqcdn.com
1 login.newscorpaustralia.com www.heraldsun.com.au
1 pixel.wp.com www.heraldsun.com.au
1 stats.wp.com www.heraldsun.com.au
1 content.api.news www.heraldsun.com.au
1 bit.ly 1 redirects
0 marketingplatform.google.com Failed www.heraldsun.com.au
202 66

This site contains links to these domains. Also see Links.

Domain
www.newscorporatesubscriptions.com.au
preferences.news.com.au
Subject Issuer Validity Valid
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-14 -
2025-10-14		 a year crt.sh
dsf.newscorpaustralia.com
E6		 2024-09-09 -
2024-12-08		 3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
subscriptions.news.com.au
Amazon RSA 2048 M03		 2024-04-05 -
2025-05-03		 a year crt.sh
cdn.optimizely.com
WE1		 2024-10-21 -
2025-01-19		 3 months crt.sh
cdn3.optimizely.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-25 -
2025-10-26		 a year crt.sh
*.sc.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-07 -
2025-03-09		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-08-29 -
2024-12-05		 3 months crt.sh
*.news.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
au.tags.newscgp.com
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-19		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2024-05-15 -
2025-06-06		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
edge.fullstory.com
WR3		 2024-10-20 -
2025-01-18		 3 months crt.sh
script.crazyegg.com
Cloudflare Inc ECC CA-3		 2024-08-02 -
2024-12-31		 5 months crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2024-05-16 -
2025-02-02		 9 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-06 -
2025-04-03		 6 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-05 -
2025-08-07		 a year crt.sh
*.dotmetrics.net
Amazon RSA 2048 M03		 2024-07-23 -
2025-08-20		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
t.co
E5		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-30 -
2025-09-29		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-13 -
2025-04-11		 6 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-23 -
2025-07-22		 a year crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
logx.optimizely.com
WR3		 2024-09-16 -
2024-12-15		 3 months crt.sh
rs.fullstory.com
WR3		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.googleadservices.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
metrics.heraldsun.com.au
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-20 -
2025-07-21		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 23 frames:

Primary Page: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Frame ID: 879AEE45BC1532D9D1E6F5E2A3CBB714
Requests: 154 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=-GYnldb8u2QDf93Q4o8u9VHVXa2yZeK3&nonce=lJqjRVTg.Gl~jYr8iqCtbRneVi0o7Nu_&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4xIn0%3D
Frame ID: 699A78419E92FD4E314D995B8B5DF131
Requests: 1 HTTP requests in this frame

Frame: https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Frame ID: BF9BA7D3E2424F95112F38DA8AF688FB
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: CEF916B7AAD0938BDFAB70D8A775969F
Requests: 1 HTTP requests in this frame

Frame: https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc
Frame ID: 4FD49486E263C9E4BEB170C20C6F16EE
Requests: 29 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1729739937735&publicationId=heraldsun.com.au
Frame ID: 27E6BCE201A8BAD321DFCAFEAE9188F4
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-f7e699adf48128d47a494d033dd86869.html
Frame ID: 49192061C376175DE9E084D01FEF9B51
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-44be013cde9863510f175e29826c0005.html
Frame ID: F670EF557B1B838E67539A39DF56A700
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-f94518fb029009e1195545f92ae12e6a.html
Frame ID: A7FAE4DECB7D96192331E6C32ED4F242
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=63f03fde-185c-4ae3-a0c6-3741b8da74a5&u_scsid=298acd5d-b83c-439d-b9c0-ad1bd3842046&u_sclid=4ea2ada8-d90b-4664-9734-8168c444e309
Frame ID: 064128250C1D8C9FFAAC2C50CFC8C95E
Requests: 1 HTTP requests in this frame

Frame: https://a2d9d570c666f8b5664093812d2aefa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5723AA701AE0E6DE4280D520A1E5EF9
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 39FAE65E127993D8488132CF945F5DF6
Requests: 1 HTTP requests in this frame

Frame: https://14643376.fls.doubleclick.net/activityi;dc_pre=CKPR0bSHpokDFdmqgwcd_-kkAQ;src=14643376;type=hs;cat=hs_03;ord=5486836592727;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=642669250;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE
Frame ID: 06FE371ADF212CACD1C9DD4799BEC089
Requests: 1 HTTP requests in this frame

Frame: https://14643376.fls.doubleclick.net/activityi;dc_pre=CKjU0bSHpokDFfuhgwcdmAwsBg;src=14643376;type=hs;cat=hs_02;ord=8040240705841;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=1224200976;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE
Frame ID: A24E7313080D89394B48DD5C0ED0542F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20241022/r20110914/abg_lite_fy2021.js
Frame ID: 41E6816DA16D4CA184C054E37BBD5049
Requests: 3 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&upid=trk7f24&upv=1.1.0&paapi=1
Frame ID: 8C401F6B9FC3EEDCEE71053B4983381C
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&upid=ekg5qxt&upv=1.1.0&paapi=1
Frame ID: E9454358914DC32037B457667C685DF7
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 0329B59A2FF949EE2163939CC4A4D2ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: A64237F142B69909075F448B67E45638
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-f7e699adf48128d47a494d033dd86869.html
Frame ID: 2C0B21A6A17D1D64D189AF15C6CED7F6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmhlcmFsZHN1bi5jb20uYXU6NDQz&hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=nggxts4svx0d
Frame ID: 5DE59A094E27626B178CF95558067A56
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmhlcmFsZHN1bi5jb20uYXU6NDQz&hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&badge=inline&cb=p59fz5lpjksv
Frame ID: 77BB6953405E5C73CB25E5CA0EF17544
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 21B5668297677464E77ECFE3D7F09F67
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heraldsun.com.au | Subscribe to the Herald Sun for exclusive stories

Page URL History Show full URLs

  1. https://bit.ly/4eShOY5 HTTP 301
    https://www.heraldsun.com.au/victoria-education/catholic-school-girls-from-sacre-coeur-in-glen-iris-dress... HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fvictoria-e... HTTP 302
    https://www.heraldsun.com.au/victoria-education/catholic-school-girls-from-sacre-coeur-in-glen-iris-dress... HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fvict... HTTP 302
    https://www.heraldsun.com.au/victoria-education/catholic-school-girls-from-sacre-coeur-in-glen-iris-dress... HTTP 302
    https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun... HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubs... HTTP 302
    https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

202
Requests

96 %
HTTPS

36 %
IPv6

40
Domains

66
Subdomains

62
IPs

4
Countries

3154 kB
Transfer

9349 kB
Size

74
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/4eShOY5 HTTP 301
    https://www.heraldsun.com.au/victoria-education/catholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank/news-story/2f4d1308d564d35c660ba81d9fd83830?utm_campaign=EditorialSB&utm_source=Herald+Sun&utm_medium=Facebook%2BTwitter&utm_content=SocialBakers HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fvictoria-education%2fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2fnews-story%2f2f4d1308d564d35c660ba81d9fd83830%3futm_campaign%3dEditorialSB%26utm_source%3dHerald+Sun%26utm_medium%3dFacebook%252BTwitter%26utm_content%3dSocialBakers HTTP 302
    https://www.heraldsun.com.au/victoria-education/catholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank/news-story/2f4d1308d564d35c660ba81d9fd83830?utm_campaign=EditorialSB&utm_source=Herald%20Sun&utm_medium=Facebook%2BTwitter&utm_content=SocialBakers HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fvictoria-education%2fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2fnews-story%2f2f4d1308d564d35c660ba81d9fd83830%3futm_campaign%3dEditorialSB%26utm_source%3dHerald%2520Sun%26utm_medium%3dFacebook%252BTwitter%26utm_content%3dSocialBakers&1729739932788511858 HTTP 302
    https://www.heraldsun.com.au/victoria-education/catholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank/news-story/2f4d1308d564d35c660ba81d9fd83830?utm_campaign=EditorialSB&utm_source=Herald%20Sun&utm_medium=Facebook%2BTwitter&utm_content=SocialBakers&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739932 HTTP 302
    https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3danonymous%26mode%3dpremium%26v21%3dGROUPA-Segment-1-NOSCORE&1729739933903691131 HTTP 302
    https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://cm.everesttech.net/cm/dd?d_uuid=42164209520822380192820789273780214176 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zxm8oQAAAGC06ANn
Request Chain 124
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6080524&time=1729739938102&conversionId=16990442&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6080524&time=1729739938102&conversionId=16990442&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&e_ipv6=AQJdnY9Zx-eDQAAAAZK8iNnXblp4KUVElE_iAKz7FVgcBPagY84LSB-8ch2OB33LtnnZdKHvdgOdig
Request Chain 133
  • https://14643376.fls.doubleclick.net/activityi;src=14643376;type=hs;cat=hs_03;ord=5486836592727;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=642669250;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE HTTP 302
  • https://14643376.fls.doubleclick.net/activityi;dc_pre=CKPR0bSHpokDFdmqgwcd_-kkAQ;src=14643376;type=hs;cat=hs_03;ord=5486836592727;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=642669250;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE
Request Chain 134
  • https://14643376.fls.doubleclick.net/activityi;src=14643376;type=hs;cat=hs_02;ord=8040240705841;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=1224200976;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE HTTP 302
  • https://14643376.fls.doubleclick.net/activityi;dc_pre=CKjU0bSHpokDFfuhgwcdmAwsBg;src=14643376;type=hs;cat=hs_02;ord=8040240705841;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=1224200976;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE
Request Chain 150
  • https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst9npQyY9BSJ3fsO4T6ECXFX16RBaq73osXTZUksmN5OLrgOCCC9c8QJ-ZadWPKYjUbAXqaHhVUlCfeH_97GLV2Vd2stjUwn91BBIoQK_vDPqSqkd5n7h_Sn-08iU32_HWE--rxO6TzfwSVhHBkJpBkeEBN2CyHPAsBjYkQMw6D8aaq7G8qTp5eGILFbvHQ5vBlu6NfaELTpyiAno7OTz3Eyl0juro21Rs1kvv5qI95vUT-Jnw3MhCfajv8tQPy5NiGQC1rtRmGPYVsQAIJGp-5LeuQIjBdIoTOdkrezbER3RMmNdzW8omace1n77YUyOywLe0Kz9E8ksWy8ffH5WOkM2OUss0rdqZhQjmu2wejk-6M-OjqDjJQgwma&sig=Cg0ArKJSzARSFL47YbPcEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=http://m.doubleclick.net HTTP 302
  • https://m.doubleclick.net/ HTTP 301
  • https://marketingplatform.google.com/about/enterprise/
Request Chain 163
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/?random=923558901&cv=11&fst=1729739938485&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI8obetIemiQMVZomDBx3THgazMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L0JYQ2hFSThMM2l1QVlRcXNIeG9QaTU5Wm55QVJJdEFJWEVSNGJhNlNqT3pLOVhPS3hyRlBIQ0V0R3h1Vm9pTGVCVmNlZG9TenpKWmlBWnlpTVVLS0E5d2FGNw HTTP 302
  • https://www.google.com/pagead/1p-conversion/994679518/?random=923558901&cv=11&fst=1729739938485&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI8obetIemiQMVZomDBx3THgazMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L0JYQ2hFSThMM2l1QVlRcXNIeG9QaTU5Wm55QVJJdEFJWEVSNGJhNlNqT3pLOVhPS3hyRlBIQ0V0R3h1Vm9pTGVCVmNlZG9TenpKWmlBWnlpTVVLS0E5d2FGNw&is_vtc=1&cid=CAQSKQDpaXnflxbJ_n0quUN-KJoHaPGpVkTU_JgRk4uJN9NKFIkwq7Pl9Wd2&random=612493173 HTTP 302
  • https://www.google.de/pagead/1p-conversion/994679518/?random=923558901&cv=11&fst=1729739938485&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI8obetIemiQMVZomDBx3THgazMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L0JYQ2hFSThMM2l1QVlRcXNIeG9QaTU5Wm55QVJJdEFJWEVSNGJhNlNqT3pLOVhPS3hyRlBIQ0V0R3h1Vm9pTGVCVmNlZG9TenpKWmlBWnlpTVVLS0E5d2FGNw&is_vtc=1&cid=CAQSKQDpaXnflxbJ_n0quUN-KJoHaPGpVkTU_JgRk4uJN9NKFIkwq7Pl9Wd2&random=612493173&ipr=y
Request Chain 164
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/?random=1760990111&cv=11&fst=1729739938498&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIm4betIemiQMVbo6DBx1rGxUCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L0JYQ2hFSThMM2l1QVlRcXNIeG9QaTU5Wm55QVJJdEFJWEVSNFlpLTI1Sld6NlFPMHdBS1RVcXp6MWhEU29QUzRLUDBXUlJlXzNGWDhMWEkwQUxUVUVzR3dwQQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/994679518/?random=1760990111&cv=11&fst=1729739938498&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIm4betIemiQMVbo6DBx1rGxUCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L0JYQ2hFSThMM2l1QVlRcXNIeG9QaTU5Wm55QVJJdEFJWEVSNFlpLTI1Sld6NlFPMHdBS1RVcXp6MWhEU29QUzRLUDBXUlJlXzNGWDhMWEkwQUxUVUVzR3dwQQ&is_vtc=1&cid=CAQSKQDpaXnf7DLN0Mw2hP1Qwk9emrEG6y70DHj5JUGiFs83DKndp-1tvQMR&random=2165163364 HTTP 302
  • https://www.google.de/pagead/1p-conversion/994679518/?random=1760990111&cv=11&fst=1729739938498&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIm4betIemiQMVbo6DBx1rGxUCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L0JYQ2hFSThMM2l1QVlRcXNIeG9QaTU5Wm55QVJJdEFJWEVSNFlpLTI1Sld6NlFPMHdBS1RVcXp6MWhEU29QUzRLUDBXUlJlXzNGWDhMWEkwQUxUVUVzR3dwQQ&is_vtc=1&cid=CAQSKQDpaXnf7DLN0Mw2hP1Qwk9emrEG6y70DHj5JUGiFs83DKndp-1tvQMR&random=2165163364&ipr=y
Request Chain 165
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/?random=1786628489&cv=11&fst=1729739938501&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EgqJCNeJ1tgBEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&userId=merkletest&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dgenerate_lead&em=tv.1&fmt=3&ct_cookie_present=false&eoid=Cj8KEAjwveK4BhC33p6y7fSW_kMSKwB8d7b8A1Qv7BBZqRQjqC486w6f38-Xkod-jw2v1b2O-_0oLRiuE2dPJnLw_wcB&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIg4HetIemiQMVLYmDBx2G_wk-MmAIAyIGCAEQARgBKABKEwgTEAMaAUgwqZr17Us4AUBUWABKEwgTEAIaAUgwuIzSukc4AUBUWAFKEwgTEAIaAUgwtYzSukc4AUBUWABKEwgTEAIaAUgwtYzSukc4AUBUWAAyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjodaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9CWENoRUk4TDNpdUFZUXFzSHhvUGk1OVpueUFSSXRBSVhFUjRiZGFPeFBnLWxaV0VSZGF5TEpSRVpMQXQ5OWVzZVVZUHktOUU4eF9PenVRa2RPcnR4dFY2WEs HTTP 302
  • https://www.google.com/pagead/1p-conversion/994679518/?random=1786628489&cv=11&fst=1729739938501&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EgqJCNeJ1tgBEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&userId=merkletest&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dgenerate_lead&em=tv.1&fmt=3&ct_cookie_present=false&eoid=Cj8KEAjwveK4BhC33p6y7fSW_kMSKwB8d7b8A1Qv7BBZqRQjqC486w6f38-Xkod-jw2v1b2O-_0oLRiuE2dPJnLw_wcB&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIg4HetIemiQMVLYmDBx2G_wk-MmAIAyIGCAEQARgBKABKEwgTEAMaAUgwqZr17Us4AUBUWABKEwgTEAIaAUgwuIzSukc4AUBUWAFKEwgTEAIaAUgwtYzSukc4AUBUWABKEwgTEAIaAUgwtYzSukc4AUBUWAAyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjodaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9CWENoRUk4TDNpdUFZUXFzSHhvUGk1OVpueUFSSXRBSVhFUjRiZGFPeFBnLWxaV0VSZGF5TEpSRVpMQXQ5OWVzZVVZUHktOUU4eF9PenVRa2RPcnR4dFY2WEs&is_vtc=1&cid=CAQSKQDpaXnfAP1ggFjNIyH-9mIfYdO8iqFeSleJX3mM0hbtvmRBME70LxqY&random=2489318493 HTTP 302
  • https://www.google.de/pagead/1p-conversion/994679518/?random=1786628489&cv=11&fst=1729739938501&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EgqJCNeJ1tgBEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&userId=merkletest&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dgenerate_lead&em=tv.1&fmt=3&ct_cookie_present=false&eoid=Cj8KEAjwveK4BhC33p6y7fSW_kMSKwB8d7b8A1Qv7BBZqRQjqC486w6f38-Xkod-jw2v1b2O-_0oLRiuE2dPJnLw_wcB&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIg4HetIemiQMVLYmDBx2G_wk-MmAIAyIGCAEQARgBKABKEwgTEAMaAUgwqZr17Us4AUBUWABKEwgTEAIaAUgwuIzSukc4AUBUWAFKEwgTEAIaAUgwtYzSukc4AUBUWABKEwgTEAIaAUgwtYzSukc4AUBUWAAyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjodaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9CWENoRUk4TDNpdUFZUXFzSHhvUGk1OVpueUFSSXRBSVhFUjRiZGFPeFBnLWxaV0VSZGF5TEpSRVpMQXQ5OWVzZVVZUHktOUU4eF9PenVRa2RPcnR4dFY2WEs&is_vtc=1&cid=CAQSKQDpaXnfAP1ggFjNIyH-9mIfYdO8iqFeSleJX3mM0hbtvmRBME70LxqY&random=2489318493&ipr=y

202 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain
  • https://bit.ly/4eShOY5
  • https://www.heraldsun.com.au/victoria-education/catholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank/news-story/2f4d1308d564d35c660ba81d9fd83830?utm_cam...
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fvictoria-education%2fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-...
  • https://www.heraldsun.com.au/victoria-education/catholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank/news-story/2f4d1308d564d35c660ba81d9fd83830?utm_cam...
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fvictoria-education%2fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-fo...
  • https://www.heraldsun.com.au/victoria-education/catholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank/news-story/2f4d1308d564d35c660ba81d9fd83830?utm_cam...
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-...
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-...
54 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:88c::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
0cd8060cc7dcd8427cb9d58db194859cf55968c2a0bb981f5c56bf4126ae9a9f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

akamai-grn
0.8aa12417.1729739934.17f0075e
cache-control
max-age=1198
content-encoding
gzip
content-length
10379
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 03:18:56 GMT
expires
Thu, 24 Oct 2024 03:38:54 GMT
host-header
a9130478a60e5f9135f765b23f26593b
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 55327 0 pmb=mTOE,2
x-powered-by
WordPress VIP <https://wpvip.com>
x-robots-tag
noindex, nofollow
x-rq
bom1 123 243 443

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Thu, 24 Oct 2024 03:18:54 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1692680720.184261"
expires
Thu, 24 Oct 2024 03:18:54 GMT
location
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
style.min.css
dsf.newscorpaustralia.com/heraldsun/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/heraldsun/wp-includes/css/dist/block-library/style.min.css?m=1729616441g
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 253 443
etag
W/"6717da39-19824"
accept-ranges
bytes
x-cache
HIT
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
text/css
last-modified
Tue, 22 Oct 2024 17:00:41 GMT
server
nginx
vary
Accept-Encoding
/
dsf.newscorpaustralia.com/heraldsun/_static/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/heraldsun/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGpobWZoZmpmYGAEARNgu5Q==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a9280ea4c5ff1e3e7bc88fa14041c82cf6381f026c4c99409ecf9d370d0a324b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 253 443
accept-ranges
bytes
x-cache
HIT
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Tue, 22 Oct 2024 17:00:42 GMT
/
dsf.newscorpaustralia.com/heraldsun/_static/ 		228 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
66920d1fad3e8362a720ecb1ebbbe752e9ccc0a085e72bb31099745e6f84242c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 253 443
accept-ranges
bytes
x-cache
HIT
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Tue, 08 Oct 2024 04:11:37 GMT
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		303 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js?ver=6.3.5
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:88c::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
11364eb0ccb375ed954d862763a554376a7d9b7ee2b5a79557e86db70a362311
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=225
content-encoding
gzip
etag
"e8aea58bbee8a4349ffb5a86d1d68bff:1726465208.047997"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
expires
Thu, 24 Oct 2024 03:22:41 GMT
akamai-grn
0.8aa12417.1729739936.17f00a30
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
application/x-javascript
vary
User-Agent, Accept-Encoding
server
AkamaiNetStorage
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.sync.js?ver=6.3.5
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7003c4401d8a0b59cf3edeeff5459da4f1393c3049074f83493c2e367d0d8605

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=300
content-encoding
br
etag
W/"17d91ed7f7f9609682f3b23e6286cfe0"
x-amz-version-id
MxTJ_R49TBamyECDM35dZn_KJfJY_qSi
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
PjP-6x_e7EOQ_gvGkklXRw8mynPYyyKl8fsChQulBZwA-rj-s9rvDw==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
/
dsf.newscorpaustralia.com/heraldsun/_static/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/heraldsun/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraG5kaWZoZmJiVEWAK+SIiI=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ea15eb7f6c01551306baad1fc7ceab62fa63a26cba6c52acb925e9dc1537637c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 253 443
accept-ranges
bytes
x-cache
HIT
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 22 Oct 2024 17:00:42 GMT
29205fbe
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/29205fbe
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:88c::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5c3d1d4bf784b2a06b40d51ce7f80b00e7736a1d7884b8e493fc5c0aaa070f69
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934

Response headers

blaizehappened
true
content-encoding
gzip
etag
"86768eeb0a7e70c03ca4bed86bb0e3d6d737952ebb1c841e0821e9d6c22de384"
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f29205fbe&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=8064d63502ec111a3a539c7ecd7a9e89
x-arrrg4
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
expires
Thu, 24 Oct 2024 03:18:56 GMT
date
Thu, 24 Oct 2024 03:18:56 GMT
last-modified
Thu, 22 Feb 2024 19:34:45 GMT
content-type
application/javascript
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=21600
pragma
no-cache
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-length
8777
akamai-grn
0.8aa12417.1729739936.17f00a31
stored-attribute-sha-checksum
5c3d1d4bf784b2a06b40d51ce7f80b00e7736a1d7884b8e493fc5c0aaa070f69
x-pathqs
TRUE
icon-rth.svg
dsf.newscorpaustralia.com/heraldsun/wp-content/plugins/dynamic-shop-front/assets/common/images/ 		333 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsf.newscorpaustralia.com/heraldsun/wp-content/plugins/dynamic-shop-front/assets/common/images/icon-rth.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
748aee7b92736c7faa89d929ff4f700dc9039bba68ca185a1580e007c95e7f52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=300, must-revalidate
x-rq
hhn1 111 253 443
etag
"65cdafdb-14d"
accept-ranges
bytes
x-cache
HIT
content-length
333
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
image/svg+xml
last-modified
Thu, 15 Feb 2024 06:31:55 GMT
server
nginx
24eae53bfae62da60ba3b58512f6fa07
content.api.news/v3/images/bin/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/24eae53bfae62da60ba3b58512f6fa07?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-107.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6898e044beecfb5653944365327b03fa3b36e780bffd20a2cc2bafa2d55b7975

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
24eae53bfae62da60ba3b58512f6fa07
cache-control
private, no-transform, max-age=4927396
x-o
CF
etag
52818e38b7141c1c3e0120fe52f5f17a-24eae53bfae62da60ba3b58512f6fa07-320
access-control-allow-methods
GET
expires
Fri, 20 Dec 2024 04:02:12 GMT
access-control-allow-origin
*
content-length
14951
date
Thu, 24 Oct 2024 03:18:56 GMT
last-modified
Mon, 21 Oct 2024 04:04:56 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		295 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b51daa2b58be074aa96fcf2bff13469142662c58b70ff6b9f18955b9448e842
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=600
cache-control
max-age=916
content-encoding
gzip
etag
"668e23290a0d8ba3b14356655bd43c3a"
accept-ranges
bytes
content-length
82241
x-amz-cf-id
vBq67Yag44bxJWebXUWx8vtpHOZU5z4WOyGqjHooG6MQaq8P-iWyiA==
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:20:39 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
loader.js
subscriptions.heraldsun.com.au/loader/ 		298 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/loader/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
152aec432f70a0e048222c6638b2a2dfa46f61fc49a7f62e462f8975adc73fd8
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"f10afc348943fe39fe7288bb448e8cbc"
accept-ranges
bytes
content-length
90357
x-amz-cf-id
w0jBo16mDkt098dpxnmLhG6hUebKiY46u6oVTgDBOIse7bhwMG4b_A==
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:21:17 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
/
dsf.newscorpaustralia.com/heraldsun/_static/ 		105 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/heraldsun/_static/??-eJylzs0KwjAQBOAXMtmmxVQP4rPEzaZNaH5w04pvb6B4qFdvAzN8DLyKwJwqpQplWSefGOw7mehR8JyLcM/WgmGm2hrPxxwYMMeYk3ysfrFyUFajo04GPsHftGW3j7762ZLqEX/1OlOkI77bzUhm85Opvl0MfI83NfaXQXf6OoYPqw1clA==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
518bb445de9d8742594e4c1319c2ffec2a1cc4fdadf5eeed8d3ce8203fd1ddf8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 253 443
accept-ranges
bytes
x-cache
HIT
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 08 Oct 2024 04:11:37 GMT
e-202443.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202443.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE&nk=8064d63502ec111a3a539c7ecd7a9e89-1729739934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT hhn
etag
W/14421-1717166113344.7605
x-minify
t
x-minify-cache
hit
access-control-allow-methods
GET, HEAD
expires
Fri, 17 Oct 2025 16:15:03 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
SourceSansPro-SemiBold.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-SemiBold.woff2
Requested by
Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0b3376aa27741ca90899fed12bcccbf1ea22edb596846ba6b26e263463686590

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697

Response headers

cache-control
max-age=300, must-revalidate
x-rq
hhn1 111 253 443
etag
"63da08bf-14808"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
83976
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
application/font-woff2
last-modified
Wed, 01 Feb 2023 06:37:51 GMT
server
nginx
charter_bold-webfont.woff
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/charter_bold-webfont.woff
Requested by
Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8640916aba1207e4fcff9c894252543689989434cd9fc0dabd4cee60b3e763a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697

Response headers

cache-control
max-age=300, must-revalidate
x-rq
hhn1 111 254 443
etag
"63da08bf-6f0c"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
28428
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
application/font-woff
last-modified
Wed, 01 Feb 2023 06:37:51 GMT
server
nginx
SourceSansPro-Regular.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 		83 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Regular.woff2
Requested by
Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697

Response headers

cache-control
max-age=300, must-revalidate
x-rq
hhn1 111 254 443
etag
"63da08bf-14aec"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
84716
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
application/font-woff2
last-modified
Wed, 01 Feb 2023 06:37:51 GMT
server
nginx
SourceSansPro-Bold.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Bold.woff2
Requested by
Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697

Response headers

cache-control
max-age=300, must-revalidate
x-rq
hhn1 111 253 443
etag
"63da08bf-1460c"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
83468
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
application/font-woff2
last-modified
Wed, 01 Feb 2023 06:37:51 GMT
server
nginx
SourceSansPro-Italic.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Italic.woff2
Requested by
Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c33c60d014227b42c513820e6d750cced736cda305beb7d6a20e35afe502648c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697

Response headers

cache-control
max-age=300, must-revalidate
x-rq
hhn1 111 254 443
etag
"63da08bf-8aa8"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
35496
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
application/font-woff2
last-modified
Wed, 01 Feb 2023 06:37:51 GMT
server
nginx
charter_italic-webfont.woff
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/charter_italic-webfont.woff
Requested by
Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0fc8a6e495e7cd447608aea7e0cd59b0e79bd4e74822d428c53880ac0db6c469

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://dsf.newscorpaustralia.com/heraldsun/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/css/blocks/dailytelegraph/front.2aa912a3b5.css,/wp-content/themes/dynamic-shopfront-child/style.css?m=1728360697

Response headers

cache-control
max-age=300, must-revalidate
x-rq
hhn1 111 254 443
etag
"63da08bf-72d4"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
29396
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
application/font-woff
last-modified
Wed, 01 Feb 2023 06:37:51 GMT
server
nginx
we-are-for-you.svg
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/we-are-for-you.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
86e8ed098febe4691b72980ac9bb22f6370cd6fb7fd50f2fc3ca41f5a24c6ed7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=300, must-revalidate
content-encoding
br
x-rq
hhn1 111 254 443
etag
W/"63da08bf-1177"
accept-ranges
bytes
x-cache
HIT
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
image/svg+xml
last-modified
Wed, 01 Feb 2023 06:37:51 GMT
server
nginx
vary
Accept-Encoding
logo.svg
dsf.newscorpaustralia.com/heraldsun/wp-content/plugins/dynamic-shop-front/assets/mastheads/identity/images/heraldsun/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsf.newscorpaustralia.com/heraldsun/wp-content/plugins/dynamic-shop-front/assets/mastheads/identity/images/heraldsun/logo.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8a9bdf4334da3cfdb98da986e99e81b53a63c18720e099c71a9b785ff6b7feea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=300, must-revalidate
content-encoding
br
x-rq
hhn1 111 253 443
etag
W/"63da08bf-d3b"
accept-ranges
bytes
x-cache
HIT
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
image/svg+xml
last-modified
Wed, 01 Feb 2023 06:37:51 GMT
server
nginx
vary
Accept-Encoding
avatar.svg
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 		264 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/avatar.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e30565d344697a80f05882c11755c6d6a71626791bbc124df343b5edc7901312

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=300, must-revalidate
x-rq
hhn1 111 253 443
etag
"63da08bf-108"
accept-ranges
bytes
x-cache
HIT
content-length
264
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
image/svg+xml
last-modified
Wed, 01 Feb 2023 06:37:51 GMT
server
nginx
Masthead-Digital.png
dsf.newscorpaustralia.com/heraldsun/wp-content/uploads/sites/67/2021/05/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsf.newscorpaustralia.com/heraldsun/wp-content/uploads/sites/67/2021/05/Masthead-Digital.png?w=251
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
x-rq
hhn1 109 32 443
etag
"6d3b646563b0b108"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
1038
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
image/webp
last-modified
Sun, 18 Aug 2024 09:32:41 GMT
server
nginx
vary
Accept
Masthead-Digital.png
dsf.newscorpaustralia.com/heraldsun/wp-content/uploads/sites/67/2021/05/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsf.newscorpaustralia.com/heraldsun/wp-content/uploads/sites/67/2021/05/Masthead-Digital.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
x-rq
hhn1 109 88 443
etag
"6d3b646563b0b108"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
1038
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
image/webp
last-modified
Sun, 18 Aug 2024 09:32:41 GMT
server
nginx
vary
Accept
Masthead-7-Day-Bundle.png
dsf.newscorpaustralia.com/heraldsun/wp-content/uploads/sites/67/2021/05/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsf.newscorpaustralia.com/heraldsun/wp-content/uploads/sites/67/2021/05/Masthead-7-Day-Bundle.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
49ec9a4452db3faaf5515fd6dbf2a349cedcbb04bdff0eea5b7b2e67df0149ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
x-rq
hhn1 109 150 443
etag
"7eac4f1faa805f3f"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
3024
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
image/webp
last-modified
Sun, 08 Sep 2024 16:32:35 GMT
server
nginx
vary
Accept
SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d886b38df75e0e31e14bfbfd444470546e74c6be57c1d5e4652b8effe846983c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Origin
x-amz-version-id
gbkjv9x2vhJcKqF8bDiP7FOYD4BAHoHs
etag
"5289602bbafeb24bced6718ca4e935c4"
age
79821
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2642
x-amz-cf-id
ybbEHlHM5OWaywEA1jOa4VvOJND_eGS0jsBA1ry4GZAi-h1lcdHLoQ==
date
Wed, 23 Oct 2024 05:08:36 GMT
content-type
text/css
last-modified
Fri, 31 May 2024 00:52:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
Charter.css
subscriptions.news.com.au/media/fonts/Charter/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70c32349ed6edbf5028afe181f10230e0d5e62c4f4fada36ed28d2043acc3318

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Origin
x-amz-version-id
5LZh10zvFmjqMtgo4ho1Nab5GjdOy0Gi
etag
"e2289b49ba965fcb93f8dc7216f535e8"
age
79466
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2050
x-amz-cf-id
17SbZ7Cj-Hlgvf0AtTLunlcIxNocdXLBqix_nkkZTdlinYmUPXcUQA==
date
Wed, 23 Oct 2024 05:14:38 GMT
content-type
text/css
last-modified
Fri, 31 May 2024 00:42:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=187954703&post=5&tz=11&srv=dsf.newscorpaustralia.com&hp=vip&j=1%3A13.1.4&host=www.heraldsun.com.au&ref=&fcp=5041&rand=0.12035603410272944
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
access-control-allow-origin
*
content-length
50
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
image/gif
server
nginx
authorize
login.newscorpaustralia.com/ Frame 699A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=-GYnldb8u2QDf93Q4o8u9VHVXa2yZeK3&nonce=lJqjRVTg.Gl~jYr8iqCtbRneVi0o7Nu_&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4xIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js?ver=6.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8d76d28f3cb3dcb0-FRA
content-encoding
gzip
content-length
941
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Thu, 24 Oct 2024 03:18:57 GMT
expires
Thu, 24 Oct 2024 03:18:57 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 543 0 pmb=mTOE,4
x-auth0-requestid
f9ded78fab95deeece3c
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1729739938
adobe_visitor.js
tags.news.com.au/prod/visitor/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/visitor/adobe_visitor.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.sync.js?ver=6.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89b::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=29535
content-encoding
gzip
etag
"762b36524699d0c801c527b6e71f35e4:1593471758.804374"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
19871
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
20352597942.js
cdn.optimizely.com/js/ 		452 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/20352597942.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.sync.js?ver=6.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d90f878be7d34531027fbbf59189dca9eed0604b4be11bd61a905da712502e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-max-age
86400
access-control-expose-headers
x-amz-meta-revision
content-encoding
gzip
cf-cache-status
HIT
etag
"d55d9308a2bde5533b7f25ff599d0844"
x-amz-version-id
V8rCQd5CQnPHY8u2wvx10Yp1VLmYH6BI
age
379
access-control-allow-methods
GET, HEAD
date
Thu, 24 Oct 2024 03:18:57 GMT
x-amz-meta-revision
5855
content-type
text/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 02:52:17 GMT
vary
Accept-Encoding
x-amz-id-2
A1RbQyA5C8CzFIKHMWFWZVIT5dGnMLf5Ql+10SZWPTBsYxOJTdxGhGXn6Rq/02PWjw14RPkXNlg=
access-control-allow-headers
*
x-amz-replication-status
PENDING
cache-control
max-age=120
timing-allow-origin
*
x-amz-meta-pci_enabled
False
access-control-allow-credentials
false
x-amz-request-id
J5PJX9RY1YS10SA8
cf-ray
8d76d28eff06d292-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
136735
server
cloudflare
x-amz-server-side-encryption
AES256
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
geo4.js
cdn3.optimizely.com/js/ 		307 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo4.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9876c83da252e0f8decdb2ea33f2bbd8d9f398b3f04e5b3b64aee809d834c647

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cf-ray
8d76d29058e24480-TXL
content-encoding
br
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
a20352597942.html
a20352597942.cdn.optimizely.com/client_storage/ Frame BF9B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
546
cache-control
max-age=120
cf-cache-status
HIT
cf-ray
8d76d2907853a040-FRA
content-encoding
gzip
content-length
1001
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 03:18:57 GMT
etag
"9c5251f47a6e3efb0007b008b540d51f"
last-modified
Thu, 24 Oct 2024 02:52:07 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="HIT"
vary
Accept-Encoding
x-amz-id-2
OBGA2OFLFk4V91f6sqgytbk+cn2tBCZllieFf/Er3QbfAfuNmSy+uUwVct9VQoYaFxe/oLuy4jo=
x-amz-meta-pci_enabled
False
x-amz-replication-status
PENDING
x-amz-request-id
3RN3S0K0PPAH5S90
x-amz-server-side-encryption
AES256
x-amz-version-id
J4jMcueWL7uxLbvJgv.SZj6vzsPEafNc
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1729739937306
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.129.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-129-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
efa356790d5aa0999afdc22753df1fb05d2d233f38d0d47473686557bf983b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-1-v067-0ca0e3ee6.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
xbMRIlRSQM0=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://www.heraldsun.com.au
content-length
1562
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/json;charset=utf-8
vary
Origin
dest5.html
newscorpau.demdex.net/ Frame CEF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.251.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-251-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 24 Oct 2024 03:18:57 GMT
dcs
dcs-prod-irl1-2-v067-045b3c43c.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 16 Oct 2024 09:34:58 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
Aew5Fh61Tbs=
id
newscorpau.sc.omtrdc.net/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.sc.omtrdc.net/id?d_visid_ver=4.5.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=42185201781804306812823187017016641722&ts=1729739937475
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.17 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-17.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
content-length
2
date
Thu, 24 Oct 2024 03:18:57 GMT
x-xss-protection
1; mode=block
content-type
application/x-javascript;charset=utf-8
vary
Origin
server
jag
ibs:dpid=411&dpuuid=Zxm8oQAAAGC06ANn
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=42164209520822380192820789273780214176
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zxm8oQAAAGC06ANn
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zxm8oQAAAGC06ANn
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Server
52.48.129.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-129-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-1-v067-08052b706.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
pwGSoK5AQmM=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
image/gif

Redirect headers

Cache-Control
no-cache
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zxm8oQAAAGC06ANn
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length
0
Date
Thu, 24 Oct 2024 03:18:57 GMT
Connection
keep-alive
Server
AMO-cookiemap/1.1
csp-reports
login.newscorpaustralia.com/ 		0
0
utag.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		129 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/loader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bdd3f602ccd3e7353d16569b7fe80980e89af70e4e5e55af6489ef15fcf968e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=300
content-encoding
gzip
etag
W/"253e397465f20fcc5d4eafb4d36be339"
x-amz-version-id
apGBFZFp3qLj5yrcBKKN8xn0KLn7S0LO
age
228
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
xa18fUto3NFzIh3-BeyDW6u-ecGx_5s2KMaQ0UNeB-hV8h80HYlyoA==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
index.html
subscriptions.heraldsun.com.au/caas/ Frame 4FD4 		827 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/loader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4d2ee91ad2be624f224c50562ea43c494df48ebd9fc660fef963bf739862c6f4
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store
content-length
827
content-type
text/html
date
Thu, 24 Oct 2024 03:18:57 GMT
etag
"7027a69845b4c78903292a305a0462ef"
expires
Thu, 24 Oct 2024 03:18:57 GMT
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
pragma
no-cache
strict-transport-security
max-age=600
x-amz-cf-id
aaIA7YjosR7y0RR94ehn-Yzmhj9V2KX01YGodHQScG2dvLog3747EQ==
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
/
js.stripe.com/v3/ 		673 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/loader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
326a12752cac5fbcda173445c3e88f1017cb3864d5d5bcebcd23493bfb113845
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
W/"eac459705d35efc44a690251345e2ad3"
age
13
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Bgbz7rxRU5l_2bLeVofrgbHk9K5BLdq9lPflr0UKZbNY9C2oBV4cPQ==
date
Thu, 24 Oct 2024 03:18:45 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 23 Oct 2024 20:47:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P8
server
Cloudfront
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		295 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/loader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b51daa2b58be074aa96fcf2bff13469142662c58b70ff6b9f18955b9448e842

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=916
content-encoding
gzip
etag
"668e23290a0d8ba3b14356655bd43c3a"
accept-ranges
bytes
content-length
82241
x-amz-cf-id
vBq67Yag44bxJWebXUWx8vtpHOZU5z4WOyGqjHooG6MQaq8P-iWyiA==
date
Thu, 24 Oct 2024 03:18:56 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:20:39 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
swg.js
news.google.com/swg/js/v1/ 		245 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0f04dec43134913ad8a1da87ca1cb4eb30753050a2d0d2e5f0c0dc5ba941c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
2329
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 03:30:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:40:08 GMT
last-modified
Wed, 23 Oct 2024 22:47:48 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-opener-policy
same-origin; report-to="news-frontend"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges
bytes
content-length
72573
x-xss-protection
0
server
sffe
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=17297399375750.8536216168096407
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89b::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
pragma
no-cache
expires
Thu, 24 Oct 2024 03:18:57 GMT
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
831
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89b::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=83726
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
akamai-loopback-request
8096267
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
666
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/x-javascript
server
AkamaiNetStorage
pixel_29205fbe
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_29205fbe
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/29205fbe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:88c::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
blaizehappened
true
x-arrrg4
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_29205fbe&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=8064d63502ec111a3a539c7ecd7a9e89
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-length
0
akamai-grn
0.8aa12417.1729739937.17f00b5f
x-pathqs
TRUE
content-type
text/html
vary
User-Agent
date
Thu, 24 Oct 2024 03:18:57 GMT
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3EB708B66CB6438CB736E467EAEC3A40 Ref B: FRA31EDGE0510 Ref C: 2024-10-24T03:18:57Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
metrics.vendors.bundle.js
tags.news.com.au/prod/metrics/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89b::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f4cd2b3a7ecd9e189a4335aca67202ddd4803525c0d56d51ea80f3f247e946fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=66051
content-encoding
gzip
etag
"7998b9ac20c7937bf25e2ea217c3c839:1719187365.552355"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89b::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=77904
content-encoding
gzip
etag
"fb68340e5f23d55e9dd6f9e882195c13:1695883768.293004"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
9944
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
tad.js
tags.news.com.au/prod/tad/ 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89b::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
725cedf861f5608cc6a06e27059bb7647efe1d7af01a49744997a58dc2f79d1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=76661
content-encoding
gzip
etag
"38575df658f06595d0460dd76367f16a:1729574655.176356"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
37524
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1e3d1bc73eb71767adf6cd2196912fe1acc92e15abf418edd8d0f11b71abd6d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
75 / 20020 / m202410210101 / config-hash: 9692308689602569677
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 03:18:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33493
x-xss-protection
0
server
cafe
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-67.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Content-Encoding
gzip
ETag
W/"d9de38d1900dec018a46f90cc70a48b7"
Age
3580
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
KAoWl-tFzRHRkd8DJc_54zNoR2yPkxY75k6cBT8206QqiZva98kMKQ==
Date
Thu, 24 Oct 2024 02:19:18 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=3600
Connection
keep-alive
Via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P3
Server
AmazonS3
x-amz-server-side-encryption
AES256
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89b::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d5f1eaba202b7ce2050eeaf685c53727f235a13b397403ea980fa7d272debda3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=30441
content-encoding
gzip
etag
"433d9a2cc084df02a9ee99936310b420:1727661020.403789"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
3582
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
utag.5.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.5.js?utv=ut4.46.202101180416
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
524bb2cee6fdc5e3657222b820942a036c6b46cf6a2372266fbb27f061a464a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"cae22d0693b3b0421d42836582b60804"
x-amz-version-id
Qgyy2p5Ud.pmu2wSu0chN5xu8l7x_z99
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
nxV6a2-5fnijKNrG-k3oce3lOjLm2xZHBZsQZsdNytyQIYy_SA039Q==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.680.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.680.js?utv=ut4.46.201911242359
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9975bb034362b04a958152f840e5789314724c1d526dcd9f599a06ccbbadcc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"bf945d2a459eacbfe6f4390ce68f5c9b"
x-amz-version-id
ohEG8JCxM1lHvKLsxUwNO4D39q5yuAw9
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HQ6vMzsbUvCYOblaBIeHVEmlwWm7vDduNOSq0FVDxWIkOlkAmiOhAg==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.732.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.732.js?utv=ut4.46.202405240213
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e25ea478e68dfab214c1f12fb44f482ed6e13f201212a588cc59d248015f812

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"d9eb9e94da10758dca08cc3693a788c5"
x-amz-version-id
ooJN8xji0eyJdLfmxdVjQSMvC45DA6wV
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
koHO3qFZd9GNuRSrV98mp7RIZUkoqVEqJzaKOzzm01FNGStjI_2TFg==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.738.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.738.js?utv=ut4.46.202403150214
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
032845857dde18bfe2a0e82b1752216fc1723dfd615b7760026e48af6e06ac5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"8d67f2af5bb3bfc894ba4fa3502bfeb8"
x-amz-version-id
U147V6cN.8W_JuxQmtrgFPbvamTBAJYJ
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
zDgBJtRgQxRfkKuY7Qr7e_-ozv8mK_mbt6vWeft4vKvGfQhKjvdxDg==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.747.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		611 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.747.js?utv=ut4.46.202404100230
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e649bb87b97864d0fe15dd2300849d3a4e26068a8a2cc0a641760384f11129a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-version-id
4.RDAHb9cvJKE6QM0Vc8h2O1BLf79Wmh
etag
"a137a230cfe1b0bb3da3b3f16b45a9c1"
age
191
x-cache
Hit from cloudfront
x-amz-cf-id
78oaW2D3cLb7hewrKrH7vQ46AibhDrk7kVQTBCv3qiQVCxWZjncJeg==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 20 Sep 2024 03:36:48 GMT
cache-control
max-age=1296000
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
611
x-amz-cf-pop
FRA60-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
utag.764.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.764.js?utv=ut4.46.202405200514
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c29af249f7d9168908c6ad155b882555f8ec2ed7800c824e6ec45904f84040e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"f3232a25ed33b91caef122507a630acf"
x-amz-version-id
EraHwCFuFDPbqqWHB7a4idz_uIUoLWEc
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
R4ur_9Jp6Av7yV2CcDhpef-A5Wf8u73l7NwRk-3eUf7eCWm-LKEqzg==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.765.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.765.js?utv=ut4.46.202407222347
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
383a6476ad4d112b859aef3b8b12456cbd253d1b88fa523e8b2692bfc583183d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"a683dac25476e1f2873dcfaa27c61a29"
x-amz-version-id
WEXqonj883RQQRPoxUSduJKc2Er3FDFM
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
-p2aMhRyKf2Jaw5tAOB3Mugq2U8YaMozn-e-RzG4u1JZEXhTJbX37w==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.842.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.842.js?utv=ut4.46.202407222347
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c5ac58bbd548149e5e5fad192c36edfc2e65d1fa1ec9fe064e5adf172db0d32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"06865e04a0c3722a8f07c1282338220a"
x-amz-version-id
Z2cNe8ByqTHWwr5HN_w5Fw.K6tSteTWJ
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
78pHUQ_xF7RePsR4dxQCIZvWb_puzgw_XURyJAAm_gkJGI3BKXgeyA==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.843.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.843.js?utv=ut4.46.202407030411
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e5379e3ffad0010d5bad17e26b900bda96a012c3501c6cc2f84c6af49ea0044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"cd109e97fea5b945642f5f07fd9eada9"
x-amz-version-id
vMw0yINB8PJHKVd36hwI0udle6yUy74X
age
164
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
cVrHAcVlQBqVJV3kj5iC-LjSkiIxLlDxE1YKq2aFONfgKz4ME-DZRg==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.848.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.848.js?utv=ut4.46.202406240042
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dad6b3c7a603cd523cffcfec1af9789953881454129fc3d9962f767e855901b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"3708d5525f98d7520ba5b549ba33d042"
x-amz-version-id
aVKPwVg366ZnsgyY5wfleLNw._5IDAlC
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
s1wJxh43CveziIGc3d_b3bQ6WQNdF3Ej2HAqCEsXQR0i-MiiiT0p2g==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.849.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.849.js?utv=ut4.46.202406240042
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdb638e3cd8a5597cdfe92befc64d36147ac4fcba9e58474091a3ce59a3e0333

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"1c8b17a8b247eaf22abaf6d91ec1382f"
x-amz-version-id
OjLieUoNHb6XVbaTueZ5p_ep7qGFvFcm
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
asZ4DLvL6CTeg8uxsL9PuzqegQFrA8d7jspPHDqSjMvtwl0EdJYfxQ==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.852.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.852.js?utv=ut4.46.202406240042
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c916b9c461fbe3d85c760ce6a1fd8dbbcdd63a575e25c2c98078a31a99614ea7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"552fa5e49d18ea8acd65f1fbebff92b6"
x-amz-version-id
NkaqYV4fRSfPyiiFCd5n6aMMFiLpcs8i
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9SMrCJeZah_gDdcpbo7AOJmEg7L8-flz3r526yjKnKgYmT6fQXHpSw==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.851.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.851.js?utv=ut4.46.202406240042
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eac38be006a6ceb74388b4cee7ec1d8ad4f67a10517296c76a48a61651e9fe1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"3fd4026d0a615c4912373117b3683733"
x-amz-version-id
WydWjVCkkyRKjVCc3Uhec6_X4U2qdoQG
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
chFZrmlmZbCCHdNHaiu6_oBdyQhzl_ai4I_bwgpVEa_fL8RG6qoG-Q==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.855.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.855.js?utv=ut4.46.202406240042
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c1993c1c2ed8fd57cc0dd8894bf8f2c97884d6a143dfbd875c3f0ca25f92242

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"895b361f1ddf5ebe1380fb348d696c5c"
x-amz-version-id
GwiIfR4ngp1S7k5e8bZCHqNDej.7NUcl
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ae_BB94EIk2wt3q4cYcm1bYWKh3EBfZ-ICCFEBUcEme3Sbe_h2wOIA==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.856.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.856.js?utv=ut4.46.202406240042
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb8cacd1ff7df6dbc51357ff84ccc4baa26a5e05fd70fd75881b702b640c5785

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"445272ab992c6ba93b6fd03228c23f75"
x-amz-version-id
TkAb5DkSSfHJ7Uf309PCYfhdIxe720Sh
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
jbJDQhVvUQUwR1IkmZZYoyH5FYArd_imoVOAl2US817OcS71mglzuw==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.860.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.860.js?utv=ut4.46.202406240042
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70583a0095f54c9965e7bd8a34071782832eacfd0e366c9806939c149cd0140b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"2b7c6f82f165a6eb5c34089b0d87167e"
x-amz-version-id
uA14zLJhhK64Is.xGXIx3INl2wVm..uF
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
4ZodLneLjrD2BsDDwxPSZB-EvL0Vib7mFvHog5Fjaw25DNiFXXiW5w==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.870.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.870.js?utv=ut4.46.202406260138
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d766d6848b30385acb34076b00f2de9b05bb097ec522b67b515981cf5ac60c91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"813a2d1bafb43bffbd9fe7d044ad6c20"
x-amz-version-id
Wl9SBs_AvE9CqmQ6BfQM8ZrwEH_6EmIB
age
191
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
7bBn5q6dD6hEDArf7d5pgmxdE3HojSPJC0fgqf6LQx3AFiwq9ryzwg==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 03:36:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
swg-button.css
news.google.com/swg/js/v1/ Frame 4FD4 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/

Response headers

content-encoding
gzip
age
2364
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 03:29:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:39:33 GMT
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-opener-policy
same-origin; report-to="news-frontend"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges
bytes
content-length
5195
x-xss-protection
0
server
sffe
runtime~main.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/runtime~main.js?61d4035fcf371e06b2b2
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a29bb26377940dc40a9dc256c230c43dbf95d2179be3f3da3c51570282d55c9a
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"62125d260106966c104140e16778d91b"
accept-ranges
bytes
content-length
1791
x-amz-cf-id
fJUdIXIaIWmNtJIbLEgAJ9Wzjf3m7wPSSQNvybfHN3vL06QMKkV5GA==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
91.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		255 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/91.js?61d4035fcf371e06b2b2
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
756771edeb4be2746839f8b24b35fab6a4e168bdf95f9b6db6aa70f7a7c861f6
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"7c2a2493f05cb4a8b0e9dd9c2cebfc1f"
accept-ranges
bytes
content-length
83831
x-amz-cf-id
JMOiV3E8iO3xCZCFRHZsq_ye2i5bZ1nxINoNceAg7nAaY8ro7Ro6kA==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
181.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		217 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/181.js?61d4035fcf371e06b2b2
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
68a1fe014c8c54e55cb71fd69951dbcca806ba4e51f3444fb366acaa08fe86d9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"b67813ceb951d9de89d828adf14229e1"
accept-ranges
bytes
content-length
43363
x-amz-cf-id
J7-bdUFixmicdq1UjtzQtTMApW2yWtV8nepUrtMSU-uChWYpTePIJA==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
34.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/34.js?61d4035fcf371e06b2b2
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9e3bd74d6107eb62572af18fc21a64d8ae3699070f7c7db25d7a8ee4afa93c7b
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"98d49c6913c45d1ae139ecd97a69ae27"
accept-ranges
bytes
content-length
1940
x-amz-cf-id
zbbEXrwMD-ieolTUJdZjdi8YnNnFHuBo2SFsaw_x5OTvDEozZAw-qg==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
main.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/main.js?61d4035fcf371e06b2b2
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1d0b237fe8783dfe8d419491b1002698ce58ef792a26059ac0b94824243e51bc
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"7dbc085a8a7643b37272e1f9c58b9612"
accept-ranges
bytes
content-length
4956
x-amz-cf-id
WW6srJIQYazfF6alCM27MABBaiJPsZ1l0AWh2Glpu0MMALWV3ZRatw==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
swg-button.css
news.google.com/swg/js/v1/ 		18 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
2364
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 03:29:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:39:33 GMT
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-opener-policy
same-origin; report-to="news-frontend"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges
bytes
content-length
5195
x-xss-protection
0
server
sffe
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
2897
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 03:20:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 02:30:40 GMT
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-opener-policy
same-origin; report-to="news-frontend"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges
bytes
content-length
1049
x-xss-protection
0
server
sffe
serviceiframe
news.google.com/swg/ui/v1/ Frame 27E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1729739937735&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WmDzmWIsvrlbhIiek-7iSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://billing-ads-qa-devel.corp.google.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WmDzmWIsvrlbhIiek-7iSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://billing-ads-qa-devel.corp.google.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Thu, 24 Oct 2024 03:18:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/swg/_/SubscribewithgoogleClientUi/web-reports?context=eJzjytHikmJw15BicDa_xRT35xZT1OlHTE0rnzK1APG3Q8-YfgCxxNeXTGpA7JQ-gzUAiFtvnmOdDMRJ_86zFgAx69OLrOxAbKhwidUeiFV7LrEaA3GRxBXWBiB2LL_C6gzEQjwcC38-28EmcODG8SnMSkZJ-YXxxaVJxclFmUmp5ZklGen5-ek5qck5mal5JcWpRWWpRfFGBkYmhgZGRnoGZvEFBgC8IUeu"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
article
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		466 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/article?locked=false&contentType=OPEN
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2498295342cf91eecada436e178c65c534afff2195020e013fcc4d5b739a9ef7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-methods
GET, POST
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.heraldsun.com.au
x-xss-protection
0
server
ESF
controller-with-preconnect-f7e699adf48128d47a494d033dd86869.html
js.stripe.com/v3/ Frame 4919 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-f7e699adf48128d47a494d033dd86869.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
22
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 03:18:36 GMT
etag
"f7e699adf48128d47a494d033dd86869"
last-modified
Wed, 23 Oct 2024 20:08:23 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 efb576f3260fb935bd57cce721b78428.cloudfront.net (CloudFront)
x-amz-cf-id
TRqo51kGdqEQYQ1f1h1aGpDqL21UKMLRDORQiju-tTG0qjnspNTH4g==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-44be013cde9863510f175e29826c0005.html
js.stripe.com/v3/ Frame F670 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-44be013cde9863510f175e29826c0005.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2445
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 02:38:35 GMT
etag
"44be013cde9863510f175e29826c0005"
last-modified
Wed, 23 Oct 2024 20:08:39 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 efb576f3260fb935bd57cce721b78428.cloudfront.net (CloudFront)
x-amz-cf-id
2RjJ_GyJr7N8feAvl95A_W3kJcqStt0dWnTKw1XTd98KYXVRVYYRCA==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-f94518fb029009e1195545f92ae12e6a.html
js.stripe.com/v3/ Frame A7FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-f94518fb029009e1195545f92ae12e6a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
76
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 03:17:43 GMT
etag
"f94518fb029009e1195545f92ae12e6a"
last-modified
Wed, 23 Oct 2024 20:08:39 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 efb576f3260fb935bd57cce721b78428.cloudfront.net (CloudFront)
x-amz-cf-id
PT2OZfmyzgjiul47ASQx42WT_7dhTrqDtfp69dX1trlUSo7B7kys5Q==
x-amz-cf-pop
FRA60-P8
x-cache
RefreshHit from cloudfront
x-content-type-options
nosniff
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.5.js?utv=ut4.46.202101180416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:2200:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"665fad8c-9895"
age
13600
cross-origin-resource-policy
cross-origin
via
1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
expires
Thu, 24 Oct 2024 23:32:17 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
Wx9iCTtgmWKhUpw2hkbdT2yhmrE0eJrNUdIX2ny0ecqPuFMZJE7lHg==
date
Wed, 23 Oct 2024 23:32:17 GMT
content-type
application/x-javascript
last-modified
Wed, 05 Jun 2024 00:13:00 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
vary
Accept-Encoding
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=30840
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Thu, 24 Oct 2024 03:18:57 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
scevent.min.js
sc-static.net/ 		55 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ffaf3b7f34955e1c40b72cab3f9c84a08869774c525b76cbca16dc4b08593b08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, s-maxage=0, max-age=600
content-encoding
gzip
via
1.1 98845fbd1cb14abbe9d464a4caf17976.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
23694
x-amz-cf-id
olGNuXTSoj07XiTQBewILO3JgWfFF0W3zSFTRDqLR3D0eLH2iN6s4w==
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript;charset=utf-8
x-amz-cf-pop
FRA60-P7
server
CloudFront
access-control-allow-headers
Content-Type
js
www.googletagmanager.com/gtag/ 		225 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14643376
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5824653e99cf7bd0087793f22bf7eb3f6e229f32fcad77eae2e5c407f6993dc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 03:18:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
82800
x-xss-protection
0
server
Google Tag Manager
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.765.js?utv=ut4.46.202407222347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15412
date
Thu, 24 Oct 2024 03:18:57 GMT
x-tw-cdn
FT
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220030-FRA
x-amz-server-side-encryption
AES256
fs.js
edge.fullstory.com/s/ 		285 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.738.js?utv=ut4.46.202403150214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
427cd4ea0b7a5b07204ad1bb9c6d0daa38e8a3faf3565d20f1e7f9b8fa657527

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
br
x-goog-hash
crc32c=QJy1Rg==, md5=e0O2bwAxyh7l77Qm2MDHwg==
etag
"7b43b66f0031ca1ee5efb426d8c0c7c2"
age
3024
x-goog-stored-content-encoding
br
expires
Thu, 24 Oct 2024 03:28:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
78625
date
Thu, 24 Oct 2024 02:28:33 GMT
last-modified
Tue, 22 Oct 2024 14:26:14 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY1QOf5OjcM3XT5TmNXX0ADtoOSityiBc7x4q4Uvwpi7RGcr9TZ3qxdFpMF45LFBhOVvxUxA0u3Lyg
cache-control
public, max-age=3600,no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729607174161927
content-length
78625
server
UploadServer
2988.js
script.crazyegg.com/pages/scripts/0018/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.747.js?utv=ut4.46.202404100230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a66cfd3baa2ceb9836c31d0c9f3cdf55ce4392605ca499cafcfb2f8e2299f21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-bgj
minify
cf-cache-status
HIT
age
8315
cf-polished
origSize=6996
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
text/javascript
last-modified
Thu, 24 Oct 2024 01:00:22 GMT
vary
Accept-Encoding
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8d76d293d822d262-FRA
access-control-allow-origin
*
ce-version
11.5.299
server
cloudflare
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:7a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cb9b953f79237672294c2bb59891fa8feac894ce750f1a875f30e5b41fb1819

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=86400,s-maxage=86400
content-encoding
gzip
x-amz-version-id
AoH.jiVjydvinnHNJtZ8mseqL9URAGVR
etag
W/"2c693994526dc99b803e449d427bb8e1"
age
1418
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ckgRURp1lAMficOMCTQwqbEMGHxeTA8Re722TAIf5x9Ln7m4AJh3kA==
date
Thu, 24 Oct 2024 02:55:34 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 21:19:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
up_loader.1.1.0.js
js.adsrvr.org/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-103-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f3f998edad87e6ad828e47356849d6231bc16230268260d96f644153258fa3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Encoding
gzip
ETag
W/"610112908c0e277cb08859fbefe9e6b8"
Age
8552
Connection
keep-alive
Via
1.1 5f5fdd347d6ea8b242af79ee38a02fae.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
6vbAHtZkZa7-HFvNKZfJRkYy0BRQFLnkReQ734vExZD7VBdK49V5uA==
Date
Thu, 24 Oct 2024 00:56:26 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 24 Oct 2024 00:39:19 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
x-amz-server-side-encryption
AES256
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12126
date
Thu, 24 Oct 2024 03:18:57 GMT
last-modified
Tue, 15 Oct 2024 19:34:59 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
/
insight.adsrvr.org/track/conv/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?ct=0:ra6cunp&adv=12uiapu&fmt=3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-length
70
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
image/gif
server
Kestrel
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-max-age
86400
access-control-expose-headers
X-CDN
cache-control
max-age=7200
content-encoding
br
etag
"b37f6fea55e9029c9c9d413c47f69cb7"
x-cdn
fastly
access-control-allow-methods
GET
alt-svc
h3=":443";ma=600
access-control-allow-origin
*
content-length
1878
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt.sops/202409200336&cb=1729739937824
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag
"7bc0ee636b3b83484fc3b9348863bd22"
age
184
x-cache
Hit from cloudfront
x-amz-cf-id
k3yzerQXMAJkW2XZU_Rd0APYw7xD7Ig2wm79uUVBAbAjLjggcuYPtw==
date
Thu, 24 Oct 2024 03:15:54 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
cache-control
max-age=300
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2
x-amz-cf-pop
FRA60-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/ 		481 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
14283833466912019972
age
60981
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 10:22:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 23 Oct 2024 10:22:36 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152738
x-xss-protection
0
server
cafe
door.js
au-script.dotmetrics.net/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13063
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-12.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
57f6375a91cd2b99a5283c72b3ce740c50e5172d60a31004d629c7cb65f58d2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private
content-encoding
br
etag
"13063...323.2024102403"
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
o9oC5whMJBrirQ-35GEzqpMaY9vvvmlaNxy_HhBJS09vO77rDuyUKA==
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Kestrel
x-amz-cf-pop
FRA56-P11
metrics.main.bundle.js
tags.news.com.au/prod/metrics/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.main.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89b::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9adf77add5f442574735f5fd2c07d13a3a44572ba1553c77e92f43e6d6c2f25a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=66055
content-encoding
gzip
etag
"39d9814dcba193f6396b3f8540e65c0c:1729563983.411882"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
26465
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
97081477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97081477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09b36a0f890ab02539bfc07113a7b1b93fca1061b3b2d6cd353a79c5588f0e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 69A18C8C2F52404AB97F111D788ADF84 Ref B: FRA31EDGE0510 Ref C: 2024-10-24T03:18:57Z
x-cache
CONFIG_NOCACHE
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		63 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89b::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiGHost /
Resource Hash
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=0, no-cache
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1712019818.804653"
pragma
no-cache
mime-version
1.0
expires
Thu, 24 Oct 2024 03:18:58 GMT
access-control-allow-origin
https://www.heraldsun.com.au
content-length
63
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/plain
vary
Origin, Origin, Origin
server
AkamaiGHost
97081477
www.clarity.ms/tag/uet/ 		907 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/97081477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97081477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15374af7c1c6e3f387f2fb8570ff638f455d1dfa24194b2d1e08d3de36df758b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
907
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/x-javascript
x-azure-ref
20241024T031858Z-er1787bdbf4kll9c7advumkwxw0000000ahg000000001zz9
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97081477&Ver=2&mid=07abf622-a4b6-467b-9580-91e68a614fe5&bo=1&sid=b509291091b611ef86ff6d3d70afa8df&vid=b509c3d091b611ef9504dfe2835bc97d&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&p=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&r=&lt=5553&evt=pageLoad&sv=1&cdb=AQwT&rn=309528
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 74B1D5478AF7442BB0795B27B8E6B1A9 Ref B: FRA31EDGE0510 Ref C: 2024-10-24T03:18:57Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 24 Oct 2024 03:18:57 GMT
0
bat.bing.com/action/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97081477&Ver=2&mid=07abf622-a4b6-467b-9580-91e68a614fe5&bo=2&sid=b509291091b611ef86ff6d3d70afa8df&vid=b509c3d091b611ef9504dfe2835bc97d&vids=0&msclkid=N&ea=breach&en=Y&p=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQwT&rn=12455
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2D7266FB9C3541569A7CAFCB6B9A3C31 Ref B: FRA31EDGE0510 Ref C: 2024-10-24T03:18:57Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 24 Oct 2024 03:18:57 GMT
SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 4FD4 		3 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d886b38df75e0e31e14bfbfd444470546e74c6be57c1d5e4652b8effe846983c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/

Response headers

vary
Origin
x-amz-version-id
gbkjv9x2vhJcKqF8bDiP7FOYD4BAHoHs
etag
"5289602bbafeb24bced6718ca4e935c4"
age
79821
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2642
x-amz-cf-id
ybbEHlHM5OWaywEA1jOa4VvOJND_eGS0jsBA1ry4GZAi-h1lcdHLoQ==
date
Wed, 23 Oct 2024 05:08:36 GMT
content-type
text/css
last-modified
Fri, 31 May 2024 00:52:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
Charter.css
subscriptions.news.com.au/media/fonts/Charter/ Frame 4FD4 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70c32349ed6edbf5028afe181f10230e0d5e62c4f4fada36ed28d2043acc3318

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/

Response headers

vary
Origin
x-amz-version-id
5LZh10zvFmjqMtgo4ho1Nab5GjdOy0Gi
etag
"e2289b49ba965fcb93f8dc7216f535e8"
age
79466
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2050
x-amz-cf-id
17SbZ7Cj-Hlgvf0AtTLunlcIxNocdXLBqix_nkkZTdlinYmUPXcUQA==
date
Wed, 23 Oct 2024 05:14:38 GMT
content-type
text/css
last-modified
Fri, 31 May 2024 00:42:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
env.json
subscriptions.heraldsun.com.au/caas/1.14.17/config/ Frame 4FD4 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/config/env.json
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/91.js?61d4035fcf371e06b2b2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
684eb8f141eb2662b3cebc68b6280e513e0ca12dbe806c13bbb02e9adf1c7814
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
etag
"952d958928fdede5666c47ffe6c7f722"
pragma
no-cache
expires
Thu, 24 Oct 2024 03:18:58 GMT
accept-ranges
bytes
content-length
871
x-amz-cf-id
-qjULvCNWto-PNJ18qchN-NVd2tYAIMqohHNv09EW0BSvClnDEQuiQ==
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
www.heraldsun.com.au.json
script.crazyegg.com/pages/data-scripts/0018/2988/site/ 		1 KB
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988/site/www.heraldsun.com.au.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edeece3f4ceab0c62abf9fbf0c65233784c5a7acd733c2405c3ea9e3bcf21077

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
8313
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json
last-modified
Thu, 24 Oct 2024 01:00:25 GMT
vary
Accept-Encoding
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8d76d294c965994e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
472
ce-version
11.5.299
server
cloudflare
adsct
t.co/1/i/ 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=d108b091-e9a0-48a2-a7d8-a0b6ed0f489c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=90b6320d-451e-483d-b9c2-7569a4e22ebd&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&tw_iframe_status=0&txn_id=olqt8&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=0
x-transaction-id
d5047131b9dc48d2
cache-control
no-cache, no-store, max-age=0
x-connection-hash
7779c2f8ce313edf546846930218bfeed9a235f28126ebaa4c6b4c0438066f9f
cf-cache-status
DYNAMIC
cf-ray
8d76d294fdd21d9a-FRA
x-response-time
178
content-length
43
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=d108b091-e9a0-48a2-a7d8-a0b6ed0f489c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=90b6320d-451e-483d-b9c2-7569a4e22ebd&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&tw_iframe_status=0&txn_id=olqt8&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
a263a09ecfb50637
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c5b3015ccfcba8463f343f3bb806c889ba46970bbca16640d62a398b560c84e9
x-response-time
102
content-length
43
date
Thu, 24 Oct 2024 03:18:57 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
adsct
t.co/1/i/ 		43 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=4&event=%7B%7D&event_id=56e18ebc-a988-4499-a030-832b5401af78&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=90b6320d-451e-483d-b9c2-7569a4e22ebd&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&tw_iframe_status=0&txn_id=tw-olqt8-olqta&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=0
x-transaction-id
716c1181c01ddaa4
cache-control
no-cache, no-store, max-age=0
x-connection-hash
a48c9c97bf2011bbb0c4570f4fe8b22e6e9a588cc8ab5d4292e377f0393bbe91
cf-cache-status
DYNAMIC
cf-ray
8d76d294fdd01d9a-FRA
x-response-time
101
content-length
43
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/ 		43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=4&event=%7B%7D&event_id=56e18ebc-a988-4499-a030-832b5401af78&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=90b6320d-451e-483d-b9c2-7569a4e22ebd&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&tw_iframe_status=0&txn_id=tw-olqt8-olqta&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
66bc0d158caccb67
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c5b3015ccfcba8463f343f3bb806c889ba46970bbca16640d62a398b560c84e9
x-response-time
105
content-length
43
date
Thu, 24 Oct 2024 03:18:57 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
config
pixel-config.reddit.com/pixels/t2_vrvmwxuz/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_vrvmwxuz/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json
t2_vrvmwxuz_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_vrvmwxuz_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1729739938014&id=t2_vrvmwxuz&event=Lead&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=c523e86ffbab94e64e80b8b1ba3bcedd9f2c10a77d3fd96bfb5ed70278241821&m.customEventName=&m.products=&m.conversionId=8f285169bfefabd1a1ba663076d756507750c599960f2673f793ba8688adb5af&uuid=1cc2a38e-ae76-4592-89e5-b80da617d2ca&aaid=&em=&external_id=1802cd3dda7d601a5c6751b94d8b7edb72f7efdf45830ae9805ff41a4286efb2&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
image/gif
server
Varnish
t2_vrvmwxuz_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_vrvmwxuz_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/ 		42 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1729739938017&id=t2_vrvmwxuz&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=b201e5859ed66d0e57775c1b0eae5f365bb00ee639f645edd391c8d005f40d78&uuid=1cc2a38e-ae76-4592-89e5-b80da617d2ca&aaid=&em=&external_id=1802cd3dda7d601a5c6751b94d8b7edb72f7efdf45830ae9805ff41a4286efb2&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
image/gif
server
Varnish
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=newspaywall.com.au&p=%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%3A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&u=DoM0tXwop1MCVrupT&d=heraldsun.com.au&g=36976&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2573&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&b=6506&t=xyPzbFQX4DDoJ9c64w7ZaBMikDC&V=147&i=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&tz=-120&_acct=anon&sn=1&sv=CWDGKrBsG8hYD79OBgCRmelDBuThi0&sr=external&sd=1&im=0e030c7a&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.199.178.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-178-113.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Thu, 24 Oct 2024 03:18:58 GMT
pragma
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:7a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
age
441
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
gvvngdiT483X1_Uwb189sMXrhHIagqAheMHvQd_WqGqKMrD1jmjDhA==
date
Thu, 24 Oct 2024 03:11:38 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
cache-control
max-age=86400
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
attribution_trigger
px.ads.linkedin.com/ 		2 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1729739938101&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://www.heraldsun.com.au/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
00062530769284118cd311a2e9e68016
x-msedge-ref
Ref A: 243728BD827D495A93C2E5BE86214623 Ref B: FRAEDGE2011 Ref C: 2024-10-24T03:18:58Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYlMHaShBGM0xGi6eaAFg==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json
access-control-allow-headers
*
collect
px.ads.linkedin.com/ 		0
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1729739938101&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 85183580C83E42CAB8070158FF51BA39 Ref B: FRAEDGE1219 Ref C: 2024-10-24T03:18:58Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYlMHaS1bBsE/UVjh2huw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript
attribution_trigger
px.ads.linkedin.com/ 		2 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=6080524&time=1729739938102&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&conversionId=16990442
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://www.heraldsun.com.au/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
0006253076927e36684b83885ee4c9e4
x-msedge-ref
Ref A: F08D3B66AC8345D6A11E4FBC89BAE3F9 Ref B: FRAEDGE2011 Ref C: 2024-10-24T03:18:58Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYlMHaSfjZoS4OIXuTJ5A==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6080524&time=1729739938102&conversionId=16990442&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6080524&time=1729739938102&conversionId=16990442&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%2...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6080524&time=1729739938102&conversionId=16990442&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&e_ipv6=AQJdnY9Zx-eDQAAAAZK8iNnXblp4KUVElE_iAKz7FVgcBPagY84LSB-8ch2OB33LtnnZdKHvdgOdig
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 01A8FE0D270B4D54A07189D04BD87E82 Ref B: FRAEDGE1206 Ref C: 2024-10-24T03:18:58Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYlMHaW7cwGJUpgIAcwPA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 24 Oct 2024 03:18:57 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6080524&time=1729739938102&conversionId=16990442&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&e_ipv6=AQJdnY9Zx-eDQAAAAZK8iNnXblp4KUVElE_iAKz7FVgcBPagY84LSB-8ch2OB33LtnnZdKHvdgOdig
x-msedge-ref
Ref A: 62FCE2232C084EF980E3E8F7F98D7B9D Ref B: FRAEDGE1219 Ref C: 2024-10-24T03:18:58Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYlMHaS1WEEs8g5TfSiAQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 24 Oct 2024 03:18:57 GMT
63f03fde-185c-4ae3-a0c6-3741b8da74a5.json
tr.snapchat.com/config/au/ 		103 B
391 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/au/63f03fde-185c-4ae3-a0c6-3741b8da74a5.json?v=3.33.0-2409301510
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.738.js?utv=ut4.46.202403150214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
ad301f156a8dd072b3e8cc8d0dab186105642122ed49728fd564305c511f86ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
97
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://www.heraldsun.com.au
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json
server
API Gateway
i
tr.snapchat.com/cm/ Frame 0641 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=63f03fde-185c-4ae3-a0c6-3741b8da74a5&u_scsid=298acd5d-b83c-439d-b9c0-ad1bd3842046&u_sclid=4ea2ada8-d90b-4664-9734-8168c444e309
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 24 Oct 2024 03:18:58 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
web
edge.fullstory.com/s/settings/KZM2R/v1/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/KZM2R/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6ace25381dd11f2003f8cb3c0ed4dc0b3fc0778682e4ff14661dac0ec05d815d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=CqEUcQ==, md5=xsAJnsKuO0S4Px2z5Wq6Wg==
etag
"c6c0099ec2ae3b44b83f1db3e56aba5a"
age
25
x-goog-stored-content-encoding
gzip
expires
Thu, 24 Oct 2024 03:33:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3629
date
Thu, 24 Oct 2024 03:18:33 GMT
last-modified
Thu, 24 Oct 2024 03:15:54 GMT
content-type
application/json
x-guploader-uploadid
AHmUCY2Hn1VKgtI1MVfBuZf0TVNkxfY1KYx81e3Od2_QT64VgkBpyrpTXfaNpTxjS_DOErdqibtUghImbg
cache-control
public,max-age=900,no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729739754718441
content-length
3629
server
UploadServer
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ Frame 4FD4 		303 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/main.js?61d4035fcf371e06b2b2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:88c::ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
11364eb0ccb375ed954d862763a554376a7d9b7ee2b5a79557e86db70a362311
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=880
content-encoding
gzip
etag
"e8aea58bbee8a4349ffb5a86d1d68bff:1726465208.047997"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
expires
Thu, 24 Oct 2024 03:33:38 GMT
akamai-grn
0.8aa12417.1729739938.17f00bf2
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/x-javascript
vary
User-Agent, Accept-Encoding
server
AkamaiNetStorage
main.97c41ef3.js
s.pinimg.com/ct/lib/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-max-age
86400
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
content-encoding
br
etag
"e1539e83e14f862d3b381b23e74d63fa"
x-cdn
fastly
access-control-allow-methods
GET
alt-svc
h3=":443";ma=600
access-control-allow-origin
*
content-length
23701
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
ads
pagead2.googlesyndication.com/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=4499531545093443&correlator=597603754189356&hxva=1&scor=3936167527198909&eid=31083342%2C31088328%2C31088330%2C31088368%2C83320949%2C31086810&output=ldjh&gdfp_req=1&vrg=202410210101&ptt=17&impl=fifs&npa=1&iu_parts=5129&enc_prev_ius=%2F0%2F&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&abxe=1&dt=1729739938215&lmt=1729739938&adxs=0&adys=2573&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&vis=1&psz=1600x2572&msz=1600x0&fws=4&ohw=1600&td=1&egid=27624&tan=9c9970fb-fb31-471d-9638-3b112112d29d&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729739936355&idt=1707&prev_scp=pos%3D1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3D8064d63502ec111a3a539c7ecd7a9e89%26sec1%3Dsops%26sec2%3Dsubscription%26sec3%3Dcustomerdetails%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dbreach%252Cshopfront%26pid%3Dnone%26adl%3Dfalse%26sssw%3Dtrue%26abtest%3Da%26pvid%3D8064d63502ec111a3a539c7ecd7a9e89-00000000000000000000000000000000-1729739937629-514287&adks=14334197&frm=20&eoidce=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.738.js?utv=ut4.46.202403150214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
245bf139eb26662ef31841cb4a133fda493d3e59f48526790d726865dc4e64bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
google-lineitem-id
6767495266
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138386464268
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.heraldsun.com.au
content-length
12880
x-xss-protection
0
server
cafe
container.html
a2d9d570c666f8b5664093812d2aefa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D572 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a2d9d570c666f8b5664093812d2aefa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 03:18:58 GMT
expires
Thu, 24 Oct 2024 03:18:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 39FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
2530
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 24 Oct 2024 02:36:49 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-id
avubv6IvHIbOH9_oK2tPaqkbT8osAnQwCaQY4FiJdeXz5CqPyqgCVQ==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
activityi;dc_pre=CKPR0bSHpokDFdmqgwcd_-kkAQ;src=14643376;type=hs;cat=hs_03;ord=5486836592727;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=642669250;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
14643376.fls.doubleclick.net/ Frame 06FE
Redirect Chain
  • https://14643376.fls.doubleclick.net/activityi;src=14643376;type=hs;cat=hs_03;ord=5486836592727;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=642669250;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
  • https://14643376.fls.doubleclick.net/activityi;dc_pre=CKPR0bSHpokDFdmqgwcd_-kkAQ;src=14643376;type=hs;cat=hs_03;ord=5486836592727;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=642669250;u...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14643376.fls.doubleclick.net/activityi;dc_pre=CKPR0bSHpokDFdmqgwcd_-kkAQ;src=14643376;type=hs;cat=hs_03;ord=5486836592727;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=642669250;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-14643376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
590
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 03:18:58 GMT
expires
Thu, 24 Oct 2024 03:18:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 03:18:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14643376.fls.doubleclick.net/activityi;dc_pre=CKPR0bSHpokDFdmqgwcd_-kkAQ;src=14643376;type=hs;cat=hs_03;ord=5486836592727;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=642669250;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CKjU0bSHpokDFfuhgwcdmAwsBg;src=14643376;type=hs;cat=hs_02;ord=8040240705841;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=1224200976;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
14643376.fls.doubleclick.net/ Frame A24E
Redirect Chain
  • https://14643376.fls.doubleclick.net/activityi;src=14643376;type=hs;cat=hs_02;ord=8040240705841;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=1224200976;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
  • https://14643376.fls.doubleclick.net/activityi;dc_pre=CKjU0bSHpokDFfuhgwcdmAwsBg;src=14643376;type=hs;cat=hs_02;ord=8040240705841;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=1224200976;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14643376.fls.doubleclick.net/activityi;dc_pre=CKjU0bSHpokDFfuhgwcdmAwsBg;src=14643376;type=hs;cat=hs_02;ord=8040240705841;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=1224200976;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-14643376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
589
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 03:18:58 GMT
expires
Thu, 24 Oct 2024 03:18:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 03:18:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14643376.fls.doubleclick.net/activityi;dc_pre=CKjU0bSHpokDFfuhgwcdmAwsBg;src=14643376;type=hs;cat=hs_02;ord=8040240705841;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=1224200976;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		286 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-994679518&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-14643376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b5e2294428a714045da180d9187469fd3fd2787a971cbbe8fc69c0ea66f643d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 03:18:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100227
x-xss-protection
0
server
Google Tag Manager
activity;register_conversion=1;src=14643376;type=hs;cat=hs_03;ord=5486836592727;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=642669250;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl...
ad.doubleclick.net/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14643376;type=hs;cat=hs_03;ord=5486836592727;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=642669250;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 03:18:58 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"13776317561144267014"}],"aggregatable_trigger_data":[{"filters":[{"14":["102316336"]}],"key_piece":"0x7fa3130239de68f2","source_keys":["12","13","14","15","16","17","18","19","20","21","26299096","26299097","26299098","26299099","640928816","640928817","640928818","640928819","902572844","902572845","902572846","902572847","902581584","902581585","902581586","902581587"]},{"key_piece":"0xe7aa0b6f7049737c","not_filters":{"14":["102316336"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","26299096","26299097","26299098","26299099","640928816","640928817","640928818","640928819","902572844","902572845","902572846","902572847","902581584","902581585","902581586","902581587"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"26299096":655,"26299097":655,"26299098":655,"26299099":63569,"640928816":32,"640928817":32,"640928818":32,"640928819":3177,"902572844":32,"902572845":32,"902572846":32,"902572847":3177,"902581584":32,"902581585":32,"902581586":32,"902581587":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"3803681769520911134","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"13776317561144267014","filters":[{"14":["102316336"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"13776317561144267014","filters":[{"14":["102316336"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"13776317561144267014","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"13776317561144267014","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14643376"]}}
content-type
image/png
x-xss-protection
0
server
cafe
activity;register_conversion=1;src=14643376;type=hs;cat=hs_02;ord=8040240705841;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=1224200976;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14643376;type=hs;cat=hs_02;ord=8040240705841;npa=1;auiddc=46759931.1729739938;gdid=dYmQxMT;ps=1;pcor=1224200976;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101794737~101823847;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 03:18:58 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"10254776087144727075"}],"aggregatable_trigger_data":[{"filters":[{"14":["102302385"]}],"key_piece":"0x8505d636978a41ed","source_keys":["12","13","14","15","16","17","18","19","20","21","26299096","26299097","26299098","26299099","640928816","640928817","640928818","640928819","902572844","902572845","902572846","902572847","902581584","902581585","902581586","902581587"]},{"key_piece":"0xe3dd1869b466516f","not_filters":{"14":["102302385"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","26299096","26299097","26299098","26299099","640928816","640928817","640928818","640928819","902572844","902572845","902572846","902572847","902581584","902581585","902581586","902581587"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"26299096":655,"26299097":655,"26299098":655,"26299099":63569,"640928816":32,"640928817":32,"640928818":32,"640928819":3177,"902572844":32,"902572845":32,"902572846":32,"902572847":3177,"902581584":32,"902581585":32,"902581586":32,"902581587":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"14226241597527884448","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10254776087144727075","filters":[{"14":["102302385"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10254776087144727075","filters":[{"14":["102302385"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10254776087144727075","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10254776087144727075","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14643376"]}}
content-type
image/png
x-xss-protection
0
server
cafe
events
logx.optimizely.com/v1/ 		0
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

x-request-id
27865508-98b5-4d55-91f9-8cf7514ab7ad
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
via
1.1 google
access-control-allow-origin
https://www.heraldsun.com.au
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/plain
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
clarity.js
www.clarity.ms/s/0.7.49/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97081477
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-azure-ref
20241024T031858Z-er1787bdbf4kll9c7advumkwxw0000000ahg000000001zzd
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF0FBF8E94E61"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
490d94a4-501e-0029-41e8-2210af000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Sun, 20 Oct 2024 11:40:18 GMT
/
ct.pinterest.com/user/ 		320 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612777586108&ov=%7B%22page_name%22%3A%22Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories%22%2C%22page_category%22%3A%22%22%7D&pd=%7B%22opt_out_type%22%3A%22%22%2C%22st%22%3A%22%22%2C%22country%22%3A%22%22%2C%22np%22%3A%22tealium%22%7D&cb=1729739938304&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
96e7ae80e5b8a137dcb39b70dd86d5e0
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU1qWm1aak5qTXpndE1qbGpNQzAwTXpjNUxUa3hNalF0TkdRd1lUY3lPREZqT1dReg
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin
https://www.heraldsun.com.au
content-length
186
akamai-grn
0.d8d5ce17.1729739938.2d22e6af
x-pinterest-rid
1590322561823059
/
ct.pinterest.com/user/ 		320 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=lead&ed=%7B%22lead_type%22%3A%22test%22%2C%22event_id%22%3A%22c2d76688a215f46f12534db58f2b25cc%22%7D&tid=2612777586108&cb=1729739938305&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
aba82d2bbfa8086915794dcae1c6bd39
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=600
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU16aGhORGd6TmpFdE9UY3dOeTAwTW1NNUxUaGhaVEV0TVdRMk1qQmlNakJpWkdWbA
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin
https://www.heraldsun.com.au
content-length
186
akamai-grn
0.d8d5ce17.1729739938.2d22e6a8
x-pinterest-rid
1547353480745106
/
ct.pinterest.com/user/ 		320 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22lead_type%22%3A%22test%22%2C%22event_id%22%3A%225998d54925e52e513acbaa82cad1b8ec%22%7D&tid=2612777586108&cb=1729739938305&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
5bd182555340bac055e374eaf0b2ba38
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPVpUZ3pPVEUxWW1NdE1EUTBNQzAwTkdVeExUaGtaVEF0TmpjeE5EWXdPV1V4TUdSaQ
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin
https://www.heraldsun.com.au
content-length
186
akamai-grn
0.d8d5ce17.1729739938.2d22e6ae
x-pinterest-rid
6188918865346607
/
ct.pinterest.com/v3/ 		35 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2612777586108&ov=%7B%22page_name%22%3A%22Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories%22%2C%22page_category%22%3A%22%22%7D&pd=%7B%22opt_out_type%22%3A%22%22%2C%22st%22%3A%22%22%2C%22country%22%3A%22%22%2C%22np%22%3A%22tealium%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1729739938310
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.738.js?utv=ut4.46.202403150214
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-pinterest-rid-128bit
4095a8d972e56e70577f4bebefc0f623
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
image/gif
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin
https://www.heraldsun.com.au
content-length
35
akamai-grn
0.d8d5ce17.1729739938.2d22e6ad
x-pinterest-rid
6304841480053782
hit.gif
au-script.dotmetrics.net/ 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13063&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&dom=www.heraldsun.com.au&r=1729739938312&pvs=1&ecid=8cad73b4-0e47-4a5e-95fd-0aa7a642864b&c=true&tzOffset=-120&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13063&dfph=&ver=323
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-12.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
dotmetrics-hit-status
01 OK
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
jm3666LMog2P27RmyGE_4cDWOK-xTzjFQxCLor1dCOcpS77p6NNceQ==
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
image/gif
x-amz-cf-pop
FRA56-P11
server
Kestrel
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13063&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&dom=www.heraldsun.com.au&r=1729739938312&pvs=1&pvid=8cad73b4-0e47-4a5e-95fd-0aa7a642864b&c=true&tzOffset=-120
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1400:d:5ce3:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=86400
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
age
51213
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
807
x-amz-cf-id
hAGwmCtRIjMe71EBFmtJHEZkft84AcnC-P44Jhc8R8tzwuB1grfYhA==
date
Wed, 23 Oct 2024 13:05:26 GMT
content-type
image/gif
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
page
rs.fullstory.com/rec/ 		89 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
8320c7d5d3bbb039d7c89db27da62c5e89a687b826dd373ebcfc29bc0a6527e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.heraldsun.com.au
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/plain; charset=utf-8
messages
dsf.newscorpaustralia.com/dailytelegraph/wp-json/dsf-api/ Frame 4FD4 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/dailytelegraph/wp-json/dsf-api/messages
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/91.js?61d4035fcf371e06b2b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
56bc687b2a58d0145a7ab051dba9a1c8d64ff4bc048122726ed0960686e6d2e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://subscriptions.heraldsun.com.au/

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
content-encoding
br
x-content-type-options
nosniff
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
x-cache
EXPIRED
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link
<https://dsf.newscorpaustralia.com/dailytelegraph/wp-json/>; rel="https://api.w.org/"
cache-control
max-age=60
x-rq
hhn1 111 253 443
access-control-allow-credentials
true
allow
GET
accept-ranges
bytes
access-control-allow-origin
https://subscriptions.heraldsun.com.au
server
nginx
/
px.ads.linkedin.com/wa/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 81AAFADB05DE437BA7359E3D38FEF9A5 Ref B: FRAEDGE1219 Ref C: 2024-10-24T03:18:58Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYlMHaaBWUmfQQr3Pp6Ug==
x-li-proto
http/2
access-control-allow-origin
https://www.heraldsun.com.au
x-cache
CONFIG_NOCACHE
date
Thu, 24 Oct 2024 03:18:58 GMT
vary
Origin
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20241022/r20110914/ Frame 41E6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241022/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
fdadeba727a1fc1ca6763f597ce67219913281b9941dd02b49e235eaed22d602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15219943357344529307
age
47193
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 14:12:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 14:12:25 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9340
x-xss-protection
0
server
cafe
/
marketingplatform.google.com/about/enterprise/ Frame 41E6
Redirect Chain
  • https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst9npQyY9BSJ3fsO4T6ECXFX16RBaq73osXTZUksmN5OLrgOCCC9c8QJ-ZadWPKYjUbAXqaHhVUlCfeH_97GLV2Vd2stjUwn91BBIoQK_vDPqSqkd5n7h_Sn-08iU32_HWE--rxO6Tzfw...
  • https://m.doubleclick.net/
  • https://marketingplatform.google.com/about/enterprise/
0
0
truncated
/ Frame 41E6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2037eed7d5c8f6e3489bd454f920a31bb05633d1a995050fed8e9de6785cacc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
p
tr.snapchat.com/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
6
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.heraldsun.com.au
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 24 Oct 2024 03:18:58 GMT
server
API Gateway
/
www.googleadservices.com/pagead/conversion/994679518/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/994679518/?random=1729739938485&cv=11&fst=1729739938485&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-994679518&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a7a62727b419b1c1bf2bc043ad700dd9c51521427abeea39bb4b92ceddf421e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2899
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
994679518
google.com/ccm/form-data/ 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://google.com/ccm/form-data/994679518?gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&userId=merkletest&did=dYmQxMT&gdid=dYmQxMT&npa=1&frm=0&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-994679518&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.heraldsun.com.au
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/plain
server
Golfe2
/
www.googleadservices.com/pagead/conversion/994679518/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/994679518/?random=1729739938498&cv=11&fst=1729739938498&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-994679518&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
826011b9e66864e30797060e3d0f6f54195b2c212cea4ceebfde81c5992bb797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2928
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
/
www.googleadservices.com/pagead/conversion/994679518/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/994679518/?random=1729739938501&cv=11&fst=1729739938501&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EgqJCNeJ1tgBEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&oid=7590808250529597&userId=merkletest&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dgenerate_lead&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-994679518&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
577b3d6e661b973b9fac1caab476349aacac1db31ae1af0dba93a2d4b981c69c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
3098
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
script.js
au-script.dotmetrics.net/Scripts/ 		73 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=323
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-12.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
6655ef3bf169f6c264ac3247a09836d290d04bd308c2a8119b637eabfe0a7ba9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-cf-pop
FRA56-P11
content-encoding
br
etag
"1db2085fe7f550e"
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
oSs2KEIXDIq9iNr7VZTfgCOHaPolV-bLroJzS40Ih21ShX71KbGfxg==
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/javascript
last-modified
Thu, 17 Oct 2024 11:16:21 GMT
vary
Accept-Encoding
server
Kestrel
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=42185201781804306812823187017016641722&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=newsnkidcookie%018064d63502ec111a3a539c7ecd7a9e89%011&ts=1729739938549
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.129.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-129-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
92f937273561bc84c925c82863e1378fdf9019815efcc1e342043b9c74183000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-2-v067-0467c7a7f.edge-irl1.demdex.com 3 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
mxn1eYzKSIY=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://www.heraldsun.com.au
content-length
1561
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
application/json;charset=utf-8
vary
Origin
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/999005967/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999005967/?value=1.00&label=NB48CPnUqQgQj76u3AM&guid=ON&script=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
ct.pinterest.com/v3/ 		35 B
790 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=lead&ed=%7B%22lead_type%22%3A%22test%22%2C%22event_id%22%3A%22c2d76688a215f46f12534db58f2b25cc%22%7D&tid=2612777586108&cb=1729739938564&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22opt_out_type%22%3A%22%22%2C%22st%22%3A%22%22%2C%22country%22%3A%22%22%2C%22np%22%3A%22tealium%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.738.js?utv=ut4.46.202403150214
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-pinterest-rid-128bit
be25ba821652bebaefceafbdfa36fe57
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
image/gif
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin
https://www.heraldsun.com.au
content-length
35
akamai-grn
0.d8d5ce17.1729739938.2d22e9bd
x-pinterest-rid
1727994205074875
collect
n.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Thu, 24 Oct 2024 03:18:58 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
p
tr6.snapchat.com/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7628:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 24 Oct 2024 03:18:58 GMT
x-envoy-upstream-service-time
1
server
API Gateway
/
www.google.de/pagead/1p-conversion/994679518/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/?random=923558901&cv=11&fst=1729739938485&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l...
  • https://www.google.com/pagead/1p-conversion/994679518/?random=923558901&cv=11&fst=1729739938485&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&d...
  • https://www.google.de/pagead/1p-conversion/994679518/?random=923558901&cv=11&fst=1729739938485&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dm...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/994679518/?random=923558901&cv=11&fst=1729739938485&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI8obetIemiQMVZomDBx3THgazMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L0JYQ2hFSThMM2l1QVlRcXNIeG9QaTU5Wm55QVJJdEFJWEVSNGJhNlNqT3pLOVhPS3hyRlBIQ0V0R3h1Vm9pTGVCVmNlZG9TenpKWmlBWnlpTVVLS0E5d2FGNw&is_vtc=1&cid=CAQSKQDpaXnflxbJ_n0quUN-KJoHaPGpVkTU_JgRk4uJN9NKFIkwq7Pl9Wd2&random=612493173&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H3
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/994679518/?random=923558901&cv=11&fst=1729739938485&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI8obetIemiQMVZomDBx3THgazMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L0JYQ2hFSThMM2l1QVlRcXNIeG9QaTU5Wm55QVJJdEFJWEVSNGJhNlNqT3pLOVhPS3hyRlBIQ0V0R3h1Vm9pTGVCVmNlZG9TenpKWmlBWnlpTVVLS0E5d2FGNw&is_vtc=1&cid=CAQSKQDpaXnflxbJ_n0quUN-KJoHaPGpVkTU_JgRk4uJN9NKFIkwq7Pl9Wd2&random=612493173&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.de/pagead/1p-conversion/994679518/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/?random=1760990111&cv=11&fst=1729739938498&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2...
  • https://www.google.com/pagead/1p-conversion/994679518/?random=1760990111&cv=11&fst=1729739938498&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&...
  • https://www.google.de/pagead/1p-conversion/994679518/?random=1760990111&cv=11&fst=1729739938498&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&d...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/994679518/?random=1760990111&cv=11&fst=1729739938498&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIm4betIemiQMVbo6DBx1rGxUCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L0JYQ2hFSThMM2l1QVlRcXNIeG9QaTU5Wm55QVJJdEFJWEVSNFlpLTI1Sld6NlFPMHdBS1RVcXp6MWhEU29QUzRLUDBXUlJlXzNGWDhMWEkwQUxUVUVzR3dwQQ&is_vtc=1&cid=CAQSKQDpaXnf7DLN0Mw2hP1Qwk9emrEG6y70DHj5JUGiFs83DKndp-1tvQMR&random=2165163364&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H3
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/994679518/?random=1760990111&cv=11&fst=1729739938498&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EWnBCMmk4P0DEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&did=dYmQxMT&gdid=dYmQxMT&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIm4betIemiQMVbo6DBx1rGxUCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L0JYQ2hFSThMM2l1QVlRcXNIeG9QaTU5Wm55QVJJdEFJWEVSNFlpLTI1Sld6NlFPMHdBS1RVcXp6MWhEU29QUzRLUDBXUlJlXzNGWDhMWEkwQUxUVUVzR3dwQQ&is_vtc=1&cid=CAQSKQDpaXnf7DLN0Mw2hP1Qwk9emrEG6y70DHj5JUGiFs83DKndp-1tvQMR&random=2165163364&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.de/pagead/1p-conversion/994679518/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/?random=1786628489&cv=11&fst=1729739938501&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2...
  • https://www.google.com/pagead/1p-conversion/994679518/?random=1786628489&cv=11&fst=1729739938501&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&...
  • https://www.google.de/pagead/1p-conversion/994679518/?random=1786628489&cv=11&fst=1729739938501&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&d...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/994679518/?random=1786628489&cv=11&fst=1729739938501&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EgqJCNeJ1tgBEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&userId=merkletest&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dgenerate_lead&em=tv.1&fmt=3&ct_cookie_present=false&eoid=Cj8KEAjwveK4BhC33p6y7fSW_kMSKwB8d7b8A1Qv7BBZqRQjqC486w6f38-Xkod-jw2v1b2O-_0oLRiuE2dPJnLw_wcB&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIg4HetIemiQMVLYmDBx2G_wk-MmAIAyIGCAEQARgBKABKEwgTEAMaAUgwqZr17Us4AUBUWABKEwgTEAIaAUgwuIzSukc4AUBUWAFKEwgTEAIaAUgwtYzSukc4AUBUWABKEwgTEAIaAUgwtYzSukc4AUBUWAAyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjodaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9CWENoRUk4TDNpdUFZUXFzSHhvUGk1OVpueUFSSXRBSVhFUjRiZGFPeFBnLWxaV0VSZGF5TEpSRVpMQXQ5OWVzZVVZUHktOUU4eF9PenVRa2RPcnR4dFY2WEs&is_vtc=1&cid=CAQSKQDpaXnfAP1ggFjNIyH-9mIfYdO8iqFeSleJX3mM0hbtvmRBME70LxqY&random=2489318493&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Protocol
H3
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/994679518/?random=1786628489&cv=11&fst=1729739938501&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9117567851za200zb9185837162&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&label=EgqJCNeJ1tgBEN61ptoD&hn=www.googleadservices.com&frm=0&tiba=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&userId=merkletest&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=1&pscdl=noapi&auid=46759931.1729739938&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dgenerate_lead&em=tv.1&fmt=3&ct_cookie_present=false&eoid=Cj8KEAjwveK4BhC33p6y7fSW_kMSKwB8d7b8A1Qv7BBZqRQjqC486w6f38-Xkod-jw2v1b2O-_0oLRiuE2dPJnLw_wcB&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIg4HetIemiQMVLYmDBx2G_wk-MmAIAyIGCAEQARgBKABKEwgTEAMaAUgwqZr17Us4AUBUWABKEwgTEAIaAUgwuIzSukc4AUBUWAFKEwgTEAIaAUgwtYzSukc4AUBUWABKEwgTEAIaAUgwtYzSukc4AUBUWAAyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLMgIIFTICCB8yAggTMgIIEjodaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9CWENoRUk4TDNpdUFZUXFzSHhvUGk1OVpueUFSSXRBSVhFUjRiZGFPeFBnLWxaV0VSZGF5TEpSRVpMQXQ5OWVzZVVZUHktOUU4eF9PenVRa2RPcnR4dFY2WEs&is_vtc=1&cid=CAQSKQDpaXnfAP1ggFjNIyH-9mIfYdO8iqFeSleJX3mM0hbtvmRBME70LxqY&random=2489318493&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
s16143393446586
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.25.0/ 		43 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.25.0/s16143393446586
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.heraldsun.com.au/

Response headers

etag
3714588234176724992-4618236753556887318
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 03:18:58 GMT
p3p
CP="This is not a P3P policy"
date
Thu, 24 Oct 2024 03:18:58 GMT
last-modified
Fri, 25 Oct 2024 03:18:58 GMT
vary
*
content-type
image/gif;charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://www.heraldsun.com.au
content-length
43
x-xss-protection
1; mode=block
server
jag
/
ct.pinterest.com/v3/ 		35 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22lead_type%22%3A%22test%22%2C%22event_id%22%3A%225998d54925e52e513acbaa82cad1b8ec%22%7D&tid=2612777586108&cb=1729739938670&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22opt_out_type%22%3A%22%22%2C%22st%22%3A%22%22%2C%22country%22%3A%22%22%2C%22np%22%3A%22tealium%22%2C%22pin_unauth%22%3A%22dWlkPU1qWm1aak5qTXpndE1qbGpNQzAwTXpjNUxUa3hNalF0TkdRd1lUY3lPREZqT1dReg%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.738.js?utv=ut4.46.202403150214
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-pinterest-rid-128bit
5970d4e2405bf411a9f46ab3c801064a
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=600
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
image/gif
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
quic-version
0x00000001
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin
https://www.heraldsun.com.au
content-length
35
akamai-grn
0.d5d5ce17.1729739938.2a630724
x-pinterest-rid
1224653060711442
275.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/275.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/runtime~main.js?61d4035fcf371e06b2b2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5bbdd0b14fe08d649a30f8f4ef8056c066d02b9b05d5c5c2b117c4a2c20aa28e
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"260aa097a6a5437bd2ea102b6f07e474"
accept-ranges
bytes
content-length
8741
x-amz-cf-id
pCvFyIuTquaVl3VD4MYRZmDT-tQcRkuvHaxiC-AiAV5kGYU-JZM9wQ==
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
33.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/33.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/runtime~main.js?61d4035fcf371e06b2b2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1905a3a51386c37ac4d0e2ee7e879bf91cbd90812085618d1078ead6d2b4e566
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"5399d96cdeff7b8709b57d11a3a76090"
accept-ranges
bytes
content-length
2541
x-amz-cf-id
VFwsF_1U4CrzTnJ_CiNsxYIG5BAMDKg3_MSmYwqZ40uPWl0Gymg_Qw==
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
598.async.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/598.async.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/runtime~main.js?61d4035fcf371e06b2b2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fbf7a4f784ee3fc893f5c036fdabf5055596322971976baf5758c8477abf229a
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"0f4bca454f3ee439c77c4ce1c7c75375"
accept-ranges
bytes
content-length
5567
x-amz-cf-id
QvyW2LCwOzxy90sTYrx26Djh_GjhBdW1kHie6CCraxXOQiGXDpL-2w==
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
726.async.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/726.async.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/runtime~main.js?61d4035fcf371e06b2b2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d46819b2dc3ae9d345b0e5610efc6c5a31c8456da74dcfadcf9174c1b18b2f4
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"e04ee3a5cbfb96fe55ac47ffaa27f797"
accept-ranges
bytes
content-length
12620
x-amz-cf-id
y_54xHDcl0u82bMRQT3f74S_Xh3AJkqd-UDEUhNTA_D-BEcaD66Ovg==
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
64.async.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/64.async.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/runtime~main.js?61d4035fcf371e06b2b2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
48a3f84ea4caa46ac70fbcd875af51f7e49ce32a2a314e8bd74676ff9a952481
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"e854f0f41abef92a6d8871dd4d233d71"
accept-ranges
bytes
content-length
4457
x-amz-cf-id
Jkl6S2kaZ38IQzmTOhRmnkDUIGqaMV7BXciIksk91qLiVFsDlbD1AA==
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
865.async.js
subscriptions.heraldsun.com.au/caas/1.14.17/ Frame 4FD4 		127 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/865.async.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/runtime~main.js?61d4035fcf371e06b2b2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
33004845b37414421e4a655248d691679f1b66736491efc18d62f6aa9209992a
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=1
content-encoding
gzip
etag
"4f751f5e00aaa924d6acc11472d19ebc"
accept-ranges
bytes
content-length
49920
x-amz-cf-id
r5ZMZAv24ivskHEhS3dVLXS6NW5jxcjdS2uoGfQ4XaUwDac2NlkHDg==
date
Thu, 24 Oct 2024 03:18:58 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
vary
Accept-Encoding
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
p
tr.snapchat.com/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.heraldsun.com.au
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 24 Oct 2024 03:18:58 GMT
server
API Gateway
up
insight.adsrvr.org/track/ Frame 8C40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&upid=trk7f24&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
0
content-type
text/html
date
Thu, 24 Oct 2024 03:18:58 GMT
server
Kestrel
up
insight.adsrvr.org/track/ Frame E945 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&upid=ekg5qxt&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
0
content-type
text/html
date
Thu, 24 Oct 2024 03:18:58 GMT
server
Kestrel
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410210101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
22c5b58d15f97ac4eafde7ab33f8904d47f71736d86c68ff0e4b9929ac07ad96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12988
date
Thu, 24 Oct 2024 03:18:58 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=7200
content-encoding
gzip
etag
"16d5d552603d86726ae439fc61299d42"
x-cdn
akamai
quic-version
0x00000001
alt-svc
h3=":443"; ma=600
content-length
2114
date
Thu, 24 Oct 2024 03:18:58 GMT
akamai-grn
0.d5d5ce17.1729739938.2a63099f
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
ct.html
ct.pinterest.com/ Frame 0329 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

akamai-grn
0.d8d5ce17.1729739938.2d22ec42
alt-svc
h3=":443"; ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 03:18:58 GMT
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
1067476470078791
x-pinterest-rid-128bit
a2ba380d7a3311710ed070319d2260d5
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?r=1729739938908&v=eyJpZCI6MTMwNjMsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9zdWJzY3JpYmUvbmV3cy8xLz9zb3VyY2VDb2RlPUhTV0VCX1dSRTE3MF9hJmRlc3Q9aHR0cHMlM0ElMkYlMkZ3d3cuaGVyYWxkc3VuLmNvbS5hdSUyRnZpY3RvcmlhLWVkdWNhdGlvbiUyRmNhdGhvbGljLXNjaG9vbC1naXJscy1mcm9tLXNhY3JlLWNvZXVyLWluLWdsZW4taXJpcy1kcmVzcy1hcy1yb25hbGQtbWNkb25hbGQtZm9yLW11Y2t1cC1kYXktcHJhbmslMkZuZXdzLXN0b3J5JTJGMmY0ZDEzMDhkNTY0ZDM1YzY2MGJhODFkOWZkODM4MzAmbWVtdHlwZT1hbm9ueW1vdXMmbW9kZT1wcmVtaXVtJnYyMT1HUk9VUEEtU2VnbWVudC0xLU5PU0NPUkUiLCJydXJsIjoiIiwiZWNpZCI6IjhjYWQ3M2I0LTBlNDctNGE1ZS05NWZkLTBhYTdhNjQyODY0YiIsImRjIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwIiwidmVyIjozMjMsImRmcGgiOiIiLCJ0ek9mZnNldCI6LTEyMCwib3NzIjp0cnVlLCJvc2VzIjp0cnVlfQ%3D%3D
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-12.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
50dd061858aa0dc0daf55a63eb19648304b598750969a3016c6259868bbc3e8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-encoding
br
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
96HokxiePMwV9pL-JKI3fYS1zmFc1A6HdxbQOfxxhHQPwG4Fr24V8w==
date
Thu, 24 Oct 2024 03:18:59 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Kestrel
x-amz-cf-pop
FRA56-P11
sodar2.js
tpc.googlesyndication.com/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 03:18:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 03:18:59 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
v3
js.stripe.com/ Frame 4FD4 		673 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/726.async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
326a12752cac5fbcda173445c3e88f1017cb3864d5d5bcebcd23493bfb113845
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/

Response headers

content-encoding
br
etag
W/"eac459705d35efc44a690251345e2ad3"
age
14
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
A1271NHd0V1yBZN3IIBbhIWCv54_W_SGTjbLo62fr_KgNz-L9odN0Q==
date
Thu, 24 Oct 2024 03:18:45 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 23 Oct 2024 20:47:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P8
server
Cloudfront
api.js
www.google.com/recaptcha/ Frame 4FD4 		1 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/64.async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
ESF /
Resource Hash
a81af07ad50923f765e10c20a726664fc064f590bd9ea05042f33c1b3ac9057e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 03:18:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 24 Oct 2024 03:18:59 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
imgNewsNetwork.jpg
subscriptions.heraldsun.com.au/caas/1.14.17/assets/ Frame 4FD4 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.heraldsun.com.au/caas/1.14.17/assets/imgNewsNetwork.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.150.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-150-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eee4b740fa1ca55446b70cfbdc4ce54b00362f9ccd61c3db2c5f6fe432c340ad
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc

Response headers

strict-transport-security
max-age=600
cache-control
max-age=899564
etag
"66e5b98efe47b4be5eea14745e58a730"
accept-ranges
bytes
content-length
35778
x-amz-cf-id
_aZzFqzkcLI_6M2x2RuM1Z5xHbaU6aN6aXRuUlhtmhV54fOyxMwNHA==
date
Thu, 24 Oct 2024 03:18:59 GMT
content-type
image/jpeg
last-modified
Mon, 09 Sep 2024 05:12:36 GMT
x-amz-cf-pop
BOM54-P2
x-amz-server-side-encryption
AES256
HS_SDO_P0419C_W04
commerceapi.news.com.au/offersapi/offers/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://commerceapi.news.com.au/offersapi/offers/HS_SDO_P0419C_W04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://subscriptions.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,X-Amzn-Trace-Id
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 24 Oct 2024 03:18:59 GMT
x-amz-apigw-id
AIpppFIjSwMErGQ=
x-amz-cf-id
XIFnuOfvHGfBC60TNXlOiXkU5MtOYWnI_xuNkzWKVzUu-dGOAPQ2IA==
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
f16b915e-13e6-48f4-86dc-86988bed5b3d
HS_SDO_P0419C_W04
commerceapi.news.com.au/offersapi/offers/ Frame 4FD4 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://commerceapi.news.com.au/offersapi/offers/HS_SDO_P0419C_W04
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/caas/1.14.17/91.js?61d4035fcf371e06b2b2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
12d6af5792951a480ef755c2a9f19980442caf65650b87aadaf669b5c06c81b1
Security Headers
Name Value
Content-Security-Policy self
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://subscriptions.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-api-key
0iwH8Iq4KC9UZKpkJJn6B8SpM7MCC3tl35vR1WF9

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
self
content-encoding
gzip
x-amz-apigw-id
AIppxFu7ywMEDYg=
x-amzn-trace-id
Root=1-6719bca4-380d605f3fa0653c32d33cdb;Parent=5024af2c688a0286;Sampled=0;Lineage=1:3fb1b6ca:0
x-content-type-options
nosniff
x-amzn-requestid
1929d110-5dcc-4c61-8609-96e46681b071
access-control-allow-origin
*
content-length
12622
x-amz-cf-id
DdW0HAv5hGcarFvo9-EYJndsaqpkMtVyknpporFA7ODnAYhpyRF9mQ==
date
Thu, 24 Oct 2024 03:19:01 GMT
content-type
application/json
x-amz-cf-pop
FRA60-P3
vary
Accept-Encoding
x-frame-options
deny
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame A642 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 02:47:32 GMT
expires
Thu, 24 Oct 2024 03:37:32 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ Frame 4FD4 		546 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://subscriptions.heraldsun.com.au
Referer
https://subscriptions.heraldsun.com.au/

Response headers

content-encoding
gzip
age
55192
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 11:59:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 11:59:07 GMT
last-modified
Mon, 14 Oct 2024 18:32:27 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221971
x-xss-protection
0
server
sffe
controller-with-preconnect-f7e699adf48128d47a494d033dd86869.html
js.stripe.com/v3/ Frame 2C0B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-f7e699adf48128d47a494d033dd86869.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Referer
https://subscriptions.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
22
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 03:18:36 GMT
etag
"f7e699adf48128d47a494d033dd86869"
last-modified
Wed, 23 Oct 2024 20:08:23 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 efb576f3260fb935bd57cce721b78428.cloudfront.net (CloudFront)
x-amz-cf-id
TRqo51kGdqEQYQ1f1h1aGpDqL21UKMLRDORQiju-tTG0qjnspNTH4g==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
truncated
/ Frame 4FD4 		520 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
698b75b34c376b73b97acf42f0ec14f3554b420e658c4fe98d87721e4b5f7d8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 4FD4 		466 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Charter_Bold.woff2
subscriptions.news.com.au/media/fonts/Charter/ Frame 4FD4 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscriptions.news.com.au/media/fonts/Charter/Charter_Bold.woff2
Requested by
Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45a844d6787e4364f8c0ab321b2d5680d48604886d045685b6bf9c582518db9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://subscriptions.heraldsun.com.au
Referer
https://subscriptions.news.com.au/media/fonts/Charter/Charter.css

Response headers

access-control-max-age
3000
x-amz-version-id
1b6Z9wm5mjr_.l.HoLoCCXx3v3T_1CSx
etag
"d7b524ce6a47a156d5f7767297b358f7"
age
78350
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
4AQ1eRwISBVPOHH5wJsWwbv6V9pqmgj_ypu3LxImmj777DKp8Ba4EQ==
date
Wed, 23 Oct 2024 05:33:10 GMT
content-type
binary/octet-stream
last-modified
Wed, 23 Sep 2020 08:43:11 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
11024
x-amz-cf-pop
FRA50-C1
server
AmazonS3
SourceSansPro-Regular.woff2
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 4FD4 		0
0
SourceSansPro-Regular.woff
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 4FD4 		122 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff
Requested by
Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16195932a322941f8ab596cd871ea6711727114816604b7b3b9cef6151e116b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://subscriptions.heraldsun.com.au
Referer
https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css

Response headers

access-control-max-age
3000
x-amz-version-id
hyTeiSdiLXMTlxtBmXSWjZcOot_pN2JS
etag
"81daed0d0e384a1a42f4a73fc5ccf759"
age
72004
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
_yc1qwKaTLAfmznbHJmcv5S8nnpR0t1rK6yS9z0SfpZqajGBug-e7Q==
date
Wed, 23 Oct 2024 07:26:41 GMT
content-type
application/font-woff
last-modified
Wed, 23 Sep 2020 08:43:40 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
124500
x-amz-cf-pop
FRA50-C1
server
AmazonS3
anchor
www.google.com/recaptcha/api2/ Frame 5DE5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmhlcmFsZHN1bi5jb20uYXU6NDQz&hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=nggxts4svx0d
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y0Q6tea7W4cwtGWPuV54fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscriptions.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-y0Q6tea7W4cwtGWPuV54fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 03:18:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 77BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmhlcmFsZHN1bi5jb20uYXU6NDQz&hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&badge=inline&cb=p59fz5lpjksv
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EM9EyHBTqatXA8qLCJJxFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscriptions.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-EM9EyHBTqatXA8qLCJJxFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 03:18:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
heraldsun-32x32-1.png
dsf.newscorpaustralia.com/heraldsun/wp-content/uploads/sites/67/2021/06/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dsf.newscorpaustralia.com/heraldsun/wp-content/uploads/sites/67/2021/06/heraldsun-32x32-1.png?w=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:423a , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cd65635630c32561e59a700e5a81b3a32e5e5063bfd20bd8624fa7c0daa4d5d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
x-rq
hhn1 109 83 443
etag
"4dda6718dd8a99c4"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
1054
date
Thu, 24 Oct 2024 03:18:59 GMT
content-type
image/webp
last-modified
Sun, 07 Jul 2024 23:56:19 GMT
server
nginx
vary
Accept
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
n.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Thu, 24 Oct 2024 03:18:59 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_subscribe_S&asn=subscribe&fp_id=qoolfoh49wq2knvcw8rgv33isyjw71729739938&fp_cr_tm=1729739938237&fp_acc_tm=1729739938237&fp_emm_tm=1729739938237&ve_id=&sessionId=wvymwwmg3wk6vokkzmtgegytcrc8e1729739938&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,subscription&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,cfoyulyoc3ltfpghjgerj4ldpy6av1729739938&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17297399382358951&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1729739937813&c3=st,c&c64=starttm,1729739939&adid=1729739937813&c58=isLive,false&c59=sesid,&c61=createtm,1729739939&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d1308d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&c66=mediaurl,&sdd=&c62=sendTime,1729739939&rnd=419010
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.72.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-72-162.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy
cross-origin
access-control-allow-methods
POST, OPTIONS
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
content-length
44
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
date
Thu, 24 Oct 2024 03:19:00 GMT
content-type
image/gif
server
nginx
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/999005967/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999005967/?value=1.00&label=fBbQCIHUqQgQj76u3AM&guid=ON&script=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 24 Oct 2024 03:19:01 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/999005967/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999005967/?value=1.00&label=NB48CPnUqQgQj76u3AM&guid=ON&script=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 24 Oct 2024 03:19:01 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
s13075926604026
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.25.0/ 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.25.0/s13075926604026?AQB=1&ndh=1&pf=1&t=24%2F9%2F2024%205%3A19%3A1%204%20-120&cid.&newsnkidcookie.&id=8064d63502ec111a3a539c7ecd7a9e89&as=1&.newsnkidcookie&.cid&vid=8064d63502ec111a3a539c7ecd7a9e89&mid=42185201781804306812823187017016641722&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Csops%7Cshopfront%7Cbreach%2Bshopfront&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fvictoria-education%252Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%252Fnews-story%252F2f4d13&cc=AUD&events=event8%2Cevent19&v1=news%20corp%20au&v2=herald%20sun&v3=herald%20sun%20web&v4=sops&v5=subscription&v6=customer%20details&v9=breach%2Bshopfront&v10=D%3DpageName&v11=D%3Dvid&v12=not%20set&v14=anonymous&v22=2%3A18%20PM%7CThursday&v24=New&v34=D%3Dg&v38=HS_SDO_P0419C_W04&v77=D%3Dmid&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=08d564d35c660ba81d9fd83830%26memtype%3Danonymous%26mode%3Dpremium%26v21%3DGROUPA-Segment-1-NOSCORE&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&lrt=165&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
pragma
no-cache
etag
3714588238863269888-4618494946243090811
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 03:19:01 GMT
access-control-allow-origin
*
p3p
CP="This is not a P3P policy"
content-length
43
date
Thu, 24 Oct 2024 03:19:01 GMT
x-xss-protection
1; mode=block
last-modified
Fri, 25 Oct 2024 03:19:01 GMT
vary
*
server
jag
content-type
image/gif;charset=utf-8
SourceSansPro-SemiBold.woff2
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 4FD4 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-SemiBold.woff2
Requested by
Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d5be1300b44db64be1a50224d95e5c9ed1809b44887d06eca12365fe09875f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://subscriptions.heraldsun.com.au
Referer
https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css

Response headers

access-control-max-age
3000
x-amz-version-id
HkmbYkNu5MZeNRmr5pf04rqDRWgMyTAI
etag
"d0b9da7413bfb1500e9284dfadfeb86a"
age
8464
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
C5Tzsa_5h7C8wAky2ilehhv0BrIcTq-Jmq5gqBT-E3a47iujpjRvfw==
date
Thu, 24 Oct 2024 01:03:15 GMT
content-type
binary/octet-stream
last-modified
Wed, 23 Sep 2020 08:43:42 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
83828
x-amz-cf-pop
FRA50-C1
server
AmazonS3
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 21B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3430
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 02:21:53 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 18 Oct 2024 20:04:43 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7011da69940360ddebc87f61490ffecc.cloudfront.net (CloudFront)
x-amz-cf-id
vcRyXA7ySaRx1n0lPx3tDm8jhN4xDUFs41e3ZIvYSDp1JpfRmq_LfQ==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/csp-reports
Domain
marketingplatform.google.com
URL
https://marketingplatform.google.com/about/enterprise/
Domain
subscriptions.news.com.au
URL
https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410210101&jk=4499531545093443&bg=!XF-lXxDNAAbl67hexes7ADQBe5WfOFkT_8AWK01GBapDzNTuEs8k0eaFvM2RSR4HCyA95d75XtIq2BwdOvQ0DUuxVXRbAgAAAFNSAAAAAmgBB34ANsgDn_G-Bc_5ch_4ny26XhyaTUGk_Y54MAjqpTvawvlEPN0oJJ2zLgVrBlXR8JLcZMfI2ExneJkCmr68Pcbfk8vJjrynquwq7JHadxcTKTrqALxnmx8hTyYfSObhY4Qm1mwRM_B1HMed-Xw0W-1LQNbzQvcZEQWhZOMGGVfcyCe-7EZtnmHbRaUM5nzPEvZsTPEZtvxZyOVL8yF9pSzrCRRV25KTCdbAficCS7W19LGwKDYRuvd2-vyAHmqMn3airKuvFrFN8gOqGf96llWMNoH5z2YEbIuZkzYYaxFZbHQCcXW9P0ZX5D3hsiPD3e9etUr8IUb_hsvFhMUO_wAT9cp6fjkPNFnInHBiHZBMzwGHU0EsAmFQsXdPJeI00qtyOBDQRo_I9wifeWCesFyIBv4VNGIZ9cnNbMKX84eFaByWYAYMW5cJ9y2k-9uLgWJ_0TpNeJoKWaUcELtmiH6fMF4ocWlYH6LNdM3xXTp2rVKglM6wVwxo5R3KV3SR-QEVnSwLeSJ3RAugIJUD0NpDyyR1y0pa70m3bb0TpfQBxYb6L4WsTCDWjKvXPgAOvyoeMwgZOXvaOXRzuCF_-lhvXYkuLLgd4tn-8hhl_UV-p-4OryMykkKOiQnHgsEc7-rYOd65o8GQHZltCWSqYvViWWjeKvq8bB4_DGQp8zVWp0_DC8fhIvKmljyhtjbEhA77c1nDhlK7mN8Em43Fz7UPSgFBeX5q-g5BXGAAkNNQ7GL_sRHRUDlQpo9nrTBHYTcOdNoAI3Lk0bPyHv0B_KPLw3YLv6SW2m1taPrJKO5JEKC_A_lFyLZYLRC7FcIYmInfb7PeNE_hNuaoJkXhSnFG485EzKK99EOfRaUqBE4uotFb-PZYYdQMXkwvd016V2mhSUIGh7wmMxzTxFnIAFSS0Z4O_7cgUBaLi-DHMHhh8n9N5JtL3ypiQOsLGfet4kFK8WTBOw

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 function| jQuery object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| GeaLoader function| CaasLoader boolean| cassLoaded object| dsf function| st_go function| linktracker_init object| wpcom object| _stq function| webpackHotUpdate object| regeneratorRuntime function| Rampart boolean| rampartLoaded object| auth object| loginStatusPromise object| optimizely string| urhehlevkedkilrobacf object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor object| mconfig object| utag_err object| w object| wut object| domains object| scMatch object| modeMatch object| abtest number| num string| val object| ud string| domainPattern object| utag function| getQueryParam function| containsDomain function| _tealium_old_error object| utag_cfg_ovrd object| nb object| utag_cfg object| uetq object| ads_api number| gptPluginLoaded object| SUBSCRIPTIONS object| SWG object| webpackChunkStripeJSouter function| noop function| Stripe number| _sf_startpt object| _sf_async_config number| _sf_endpt object| _cbq object| sectionData boolean| cb_ad_run function| snaptr string| gtagRename object| dataLayer function| gtag function| twq function| _fs_ready string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent function| rdt object| md5 function| n function| pintrk object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| nca_ipsos object| dm object| ipsos_ready object| webpackChunk function| UET function| UET_init function| UET_push object| ueto_a6feaefc42 object| ads_core object| ads_extra object| apsPlayerSize string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| kw_ignore object| mready object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow function| DIL boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| ttd_dom_ready function| TTDUniversalPixelApi function| _TTDUniversalPixelApi object| ttdPixel object| _uid2SdkListenerLock function| setupUid2Sdk object| twttr function| redditNormalizeEmail object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| ads_ready object| google_reactive_ads_global_state function| lintrk boolean| _already_called_lintrk string| _linkedin_partner_id object| _linkedin_data_partner_ids object| _scPxHelper object| _scPxTeller string| _fs_loaded function| _fs_shutdown string| CE_USER_COMMON_SCRIPT_URL object| google_tag_manager number| google_unique_id function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents function| clarity object| clarityuetq boolean| DotMetricsInitScript object| ORIBILI object| GooglebQhCsO object| DotMetricsSettings object| tagConfig function| AppMeasurement_Module_Media function| AppMeasurement function| AppMeasurement_Module_ActivityMap object| s boolean| explicitPageView object| nr object| metrics function| cookieWrite function| cookieRead function| formatTime string| pageName function| p_fo string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global object| DotmetricsJSON object| DotMetricsObj object| GoogleGcLKhOms object| google_image_requests

74 Cookies

Domain/Path Name / Value
.heraldsun.com.au/victoria-education/catholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank/news-story Name: nk
Value: 8064d63502ec111a3a539c7ecd7a9e89
sc-static.net/scevent.min.js Name: X-AB
Value: cc8f398e6c2d4b84b15908c5e6ccf9a3
.bit.ly/ Name: _bit
Value: o9o3iP-40227708cd06a002a9-00s
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 8064d63502ec111a3a539c7ecd7a9e89
.heraldsun.com.au/ Name: anonymous_token
Value: {%22entitlements%22:anon}
.heraldsun.com.au/ Name: nk_debug
Value: nk_not_set
.heraldsun.com.au/ Name: nk_ts
Value: 1729739934
.heraldsun.com.au/ Name: nk
Value: 8064d63502ec111a3a539c7ecd7a9e89
.heraldsun.com.au/ Name: bm_mi
Value: 69EF3EDC0F1BA68A43D8C1DC0D549132~YAAQiqEkF1PVq6+SAQAANtKIvBniXtQcZuSJyE2Vv5xUH/9VQ4ZGHQzdZw5Rzz2Qcog+FBF0pUm8dD8B5OF/iQ3+v7bSCcXuU+reAMi0iMAaSgshOyyZH2t2XxFAEVRvoSwcedAmkroR8ZFd11liYC/D9x/tLeEAJKesn2Zsi4RgTJvVw+GdtIcZ1D5n5Sx1QkXYKm3CAqeil5/t0tjq22xpVM4qeLaA+AbKiHKMShcFLWoXH1JeUdjCHqOBrJ48USddeABP2QweF6WzYW2PT5O6J7tolnhV43G9uGk0Woy4QgKRYrSnaaTxoHGbPmM8UN3rHOVvPRMQ7yheTG20OyeGmUY=~1
.heraldsun.com.au/ Name: bm_sv
Value: BE33A05E12ADDD7BAC49F8FF400B9509~YAAQiqEkF1TVq6+SAQAANtKIvBmxfErfo5tRe19ujjAH4bl+aLZCXWEgnrzFIjRmZzIKU/xk5QBZSpOxst5gz7+T3uzTAc35wK0BfbIUK8f1fKShiL+71n1Gt7oRV5GxBxQ6nXmJpVxikA4l0YU3Miqdi2p9Y8hKzgNJuqJWRLntsT7IopNMBxNyv602vCpE0sglV5qL5bP0Zx0GSnVCET47YoQezqYTAdQUzRhPxgCp/jDyjIzGWJxakKyzkUd53WBo4qpd~1
.heraldsun.com.au/ Name: session_token
Value: 1729739937025
.heraldsun.com.au/ Name: optimizelyEndUserId
Value: oeu1729739937253r0.19013943496455799
.demdex.net/ Name: demdex
Value: 42164209520822380192820789273780214176
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A727e5425-299a-45bd-9da4-146a163ac736.L9Ahu8ex2qz%2BWL36uFapGFU%2FXqCK6GLzpEhJzfKhfdU
.heraldsun.com.au/ Name: utag_main
Value: v_id:0192bc88d78d005178b5d74f21e005065015505d00b08$_sn:1$_se:1$_ss:1$_st:1729741737678$ses_id:1729739937678%3Bexp-session$_pn:1%3Bexp-session
.dpm.demdex.net/ Name: dpm
Value: 42164209520822380192820789273780214176
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: d10b07cb-ff75-4122-9ab9-5969ab9d99dd.1729739938.1.1729739938.1729739938.1d67338d-6917-4f49-89da-373de4675c9c
.turn.com/ Name: uid
Value: 2683048650958282227
.heraldsun.com.au/ Name: _uetsid
Value: b509291091b611ef86ff6d3d70afa8df
.heraldsun.com.au/ Name: _uetvid
Value: b509c3d091b611ef9504dfe2835bc97d
www.heraldsun.com.au/ Name: AWSALB
Value: 0dFKiQdYHre2EjMTayqaXolGDRXf6yXJkO0wA7uFpYEUUZ8b3kdt023uB8zc5Bo7ZZ4eWhcz9+IlMDllaiNVA/GiT0+YRJaIkLiXyVns/Acyq6MLySLJXgDc18aq
www.heraldsun.com.au/ Name: AWSALBCORS
Value: 0dFKiQdYHre2EjMTayqaXolGDRXf6yXJkO0wA7uFpYEUUZ8b3kdt023uB8zc5Bo7ZZ4eWhcz9+IlMDllaiNVA/GiT0+YRJaIkLiXyVns/Acyq6MLySLJXgDc18aq
.heraldsun.com.au/ Name: ak_bmsc
Value: 0EE755EECBF031B74AC9A76027C4C50F~000000000000000000000000000000~YAAQiqEkF1rVq6+SAQAAl9iIvBl4F0yimq/dMkmH2niDernvF/oHUEvy1VOpG+KoBA1vI6Uf8+/E9NcWvgByTe/JmUQSJ+J8BuIMm10qfde8r7WCh0g53uR2Gnxv69/9EdvTCJEDLKeydNLib/m4t/3OWsVIr8139lONOnzSSr+zVdllizhnL1RsCTvlDsgxXVGEOc1xK81mh71pOf0IdpIn8ZSVXXub/wJwa4sy4c8OpFEx7I3UVUXnEijS5yjzhplZwKegzUjBZww5mGtRAoUtkktNoS6+Q/mqdUpV3pCbITL2sFc5vTfrn+RihFru9Xu2J66dO59lUWqLtpMKrxvHhlA2tHKNCpcMXeuschmh7q92xt7bjBEg+eip6zLki6ac8u5QSsSwaXcmolCyPSWMzxmlKc/y3sLN7B56yCYbbh3lltYv543afglXyb8PCt3G5B3y+xyil2N1BKJfdPvvjj8iqqWVyrkgm5VerKuucHbhLwQ9QEE3fvvEglchio+rwNf63zwbMkpmNE1wbA==
.heraldsun.com.au/ Name: _rdt_uuid
Value: 1729739938008.1cc2a38e-ae76-4592-89e5-b80da617d2ca
.heraldsun.com.au/ Name: _cb
Value: DoM0tXwop1MCVrupT
.heraldsun.com.au/ Name: _chartbeat2
Value: .1729739938020.1729739938020.1.CWDGKrBsG8hYD79OBgCRmelDBuThi0.1
.heraldsun.com.au/ Name: _cb_svref
Value: external
.bing.com/ Name: MUID
Value: 18601C4632F56EB328BE0964337E6F47
.doubleclick.net/ Name: IDE
Value: AHWqTUm65hQgbbAdS3ekooK8k_UjlT8eNsVvDDH3PrT25_ZhrP5iEEt3d2q0hMOmgmY
.heraldsun.com.au/ Name: _scid
Value: BaW-otIojGZZXrJmWB2CbRi6eiyb7qgR
.heraldsun.com.au/ Name: _scid_r
Value: BaW-otIojGZZXrJmWB2CbRi6eiyb7qgR
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172973993813748768
.twitter.com/ Name: guest_id_ads
Value: v1%3A172973993813748768
.twitter.com/ Name: personalization_id
Value: "v1_HfKz2m+Zwi97dy91JSr+Vg=="
.twitter.com/ Name: guest_id
Value: v1%3A172973993813748768
.heraldsun.com.au/ Name: nol_fpid
Value: qoolfoh49wq2knvcw8rgv33isyjw71729739938|1729739938237|1729739938237|1729739938237
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.46759931.1729739938
.t.co/ Name: muc_ads
Value: df0dc062-fed9-416b-a9bd-a528c4938cfa
.t.co/ Name: __cf_bm
Value: bhLisGoL2rLtJOXgfkVtD4zoPOcBqCEj.92vMx0yIQo-1729739938-1.0.1.1-uJ7e4Ak9gZyIQ8yy6PzqmqxYZnuJY5m0Aa6is_XFFjWpADUIcWsVqqAjNxIvZaJCCy9fzuvHo43vwguDVgYMSw
.doubleclick.net/ Name: ar_debug
Value: 1
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3394:u=1:x=1:i=1729739938:t=1729826338:v=2:sig=AQHu5z3jE1p9H9BKrfIPVSJfxb8cCXkb"
.linkedin.com/ Name: bcookie
Value: "v=2&fdedd4bb-7581-4187-8728-78415532a91d"
.linkedin.com/ Name: li_gc
Value: MTswOzE3Mjk3Mzk5Mzg7MjswMjFROBZjsGhqNxvotowj3mZhene5dyVmjSzsFdTtW0F1gg==
.heraldsun.com.au/ Name: __eoi
Value: ID=04fa8e20fff67449:T=1729739938:RT=1729739938:S=AA-AfjZeUNB2VwVjnMW-ZhayE5R3
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: Zxm8olVbLVoAAE.nANUBuAAA
.casalemedia.com/ Name: CMPS
Value: 5176
.casalemedia.com/ Name: CMPRO
Value: 5176
.pinterest.com/ Name: ar_debug
Value: 1
.heraldsun.com.au/ Name: _ScCbts
Value: %5B%5D
.heraldsun.com.au/ Name: _pin_unauth
Value: dWlkPU1qWm1aak5qTXpndE1qbGpNQzAwTXpjNUxUa3hNalF0TkdRd1lUY3lPREZqT1dReg
www.heraldsun.com.au/ Name: nc_eu
Value: y
www.heraldsun.com.au/ Name: metrics_pcsid
Value: not set
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=7672c40a-93fd-4fc0-bd7e-12eadc9ca989&Created=10/24/2024 03:18:58&UserMode=0&guid=a8bac259-1ad4-43ba-a4e2-facaf854d47d&ver=1
.eyeota.net/ Name: SERVERID
Value: 17177~DM
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 77933605%7CMCIDTS%7C20021%7CMCMID%7C42185201781804306812823187017016641722%7CMCAAMLH-1730344738%7C6%7CMCAAMB-1730344738%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1729747138s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-20028%7CMCCIDH%7C1240370510%7CvVersion%7C4.5.1
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_tp
Value: 2597
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Csops%257Cshopfront%257Cbreach%252Bshopfront%2C46%2C46%2C1200%2C1%2C2
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Csops%7Cshopfront%7Cbreach%2Bshopfront
.heraldsun.com.au/ Name: s_cc
Value: true
.imrworldwide.com/ Name: IMRID
Value: b592b1e0-91b6-11ef-a214-75040591d514
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13063
Value: 1
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZrd0pXSVI0aTUzVFlEQ2MweENJZ2x3MFVnSVNKK09HdFpvbUUrU0dTWUd6UWhVejZJQ05Ed3o5TlA0MGlSMnBOUkQ4U0Rveml4QWlrcC9tMm9YaG9wM3RNNThIRWN4ZHBORHhSRTloekltTT0mMmJzb01OT1MxYnc5Vm9kTEdQK3ZLNjlXVzE4PQ=="
.demdex.net/ Name: dextp
Value: 358-1-1729739937650|470-1-1729739937754|481-1-1729739937858|771-1-1729739937961|903-1-1729739938067|19566-1-1729739938174|23728-1-1729739938282|30432-1-1729739938387|30064-1-1729739938488|66757-1-1729739938589|134096-1-1729739938689|144230-1-1729739938790|144231-1-1729739938892|144232-1-1729739938994|144233-1-1729739939094|144234-1-1729739939198|144235-1-1729739939298|144236-1-1729739939399|144237-1-1729739939503|147592-1-1729739939631|461447-1-1729739939732
.heraldsun.com.au/ Name: s_nr30
Value: 1729739941325-New
.heraldsun.com.au/ Name: s_tslv
Value: 1729739941326

8 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
other warning URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&memtype=anonymous&mode=premium&v21=GROUPA-Segment-1-NOSCORE
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
javascript error URL: https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc#sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&mode=premium&v21=hs-casual-premium-breach-spc-GROUPA-Segment-1-NOSCORE&pkgDef=HS_SDO_P0419C_W04&origin=https%3A%2F%2Fwww.heraldsun.com.au&memType=anonymous
Message:
Access to font at 'https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2' from origin 'https://subscriptions.heraldsun.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
recommendation verbose URL: https://subscriptions.heraldsun.com.au/caas/index.html?pageType=spc#sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fvictoria-education%2Fcatholic-school-girls-from-sacre-coeur-in-glen-iris-dress-as-ronald-mcdonald-for-muckup-day-prank%2Fnews-story%2F2f4d1308d564d35c660ba81d9fd83830&mode=premium&v21=hs-casual-premium-breach-spc-GROUPA-Segment-1-NOSCORE&pkgDef=HS_SDO_P0419C_W04&origin=https%3A%2F%2Fwww.heraldsun.com.au&memType=anonymous
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14643376.fls.doubleclick.net
a20352597942.cdn.optimizely.com
a2d9d570c666f8b5664093812d2aefa0.safeframe.googlesyndication.com
ad.doubleclick.net
alb.reddit.com
analytics.twitter.com
au-script.dotmetrics.net
au.tags.newscgp.com
bat.bing.com
bit.ly
cdn-gl.imrworldwide.com
cdn.optimizely.com
cdn3.optimizely.com
cm.everesttech.net
commerceapi.news.com.au
content.api.news
ct.pinterest.com
dpm.demdex.net
dsf.newscorpaustralia.com
edge.fullstory.com
google.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
js.stripe.com
login.newscorpaustralia.com
logx.optimizely.com
marketingplatform.google.com
metrics.heraldsun.com.au
n.clarity.ms
news.google.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-config.reddit.com
pixel.wp.com
px.ads.linkedin.com
px4.ads.linkedin.com
rm-script.dotmetrics.net
rs.fullstory.com
s.pinimg.com
sc-static.net
script.crazyegg.com
secure-sdk.imrworldwide.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.chartbeat.com
stats.wp.com
subscriptions.heraldsun.com.au
subscriptions.news.com.au
t.co
tags.news.com.au
tags.tiqcdn.com
tpc.googlesyndication.com
tr.snapchat.com
tr6.snapchat.com
www.clarity.ms
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.heraldsun.com.au
www.redditstatic.com
login.newscorpaustralia.com
marketingplatform.google.com
pagead2.googlesyndication.com
subscriptions.news.com.au
104.18.35.242
104.19.147.8
104.244.42.131
13.107.42.14
13.32.99.67
142.250.181.226
142.250.184.196
142.250.185.131
142.250.185.78
142.250.186.166
142.250.186.34
142.250.186.98
143.204.98.86
146.75.120.157
15.197.193.217
151.101.129.140
172.175.234.12
172.217.16.134
172.66.0.227
18.172.103.101
18.172.112.83
18.244.18.12
192.0.76.3
216.58.206.66
23.206.208.183
2600:1901:0:7628::
2600:9000:2240:3800:2:42d9:3100:93a1
2600:9000:235a:2200:7:2bfb:7c00:93a1
2600:9000:236e:7a00:2:42d9:3100:93a1
2600:9000:2646:2200:18:1fcd:354:4b41
2600:9000:266e:1400:d:5ce3:a4c0:93a1
2606:4700::6812:4139
2606:4700::6812:4239
2620:1ec:21::14
2620:1ec:29:1::64
2620:1ec:33::10
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:830::2001
2a02:26f0:3500:10::210:a9a
2a02:26f0:3500:88c::ebe
2a02:26f0:3500:891::ebe
2a02:26f0:3500:89b::ebe
2a04:4e42:200::84
2a04:4e42:600::396
2a04:4e42::396
2a04:fa87:fffd::c000:423a
3.163.248.4
34.199.178.113
34.241.251.121
34.49.241.189
35.186.194.58
35.190.43.134
35.201.112.186
35.71.131.137
52.212.56.148
52.48.129.25
52.48.72.162
63.140.62.17
63.140.62.222
67.199.248.11
95.101.148.107
95.101.150.62
032845857dde18bfe2a0e82b1752216fc1723dfd615b7760026e48af6e06ac5d
09b36a0f890ab02539bfc07113a7b1b93fca1061b3b2d6cd353a79c5588f0e6f
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0b3376aa27741ca90899fed12bcccbf1ea22edb596846ba6b26e263463686590
0cb9b953f79237672294c2bb59891fa8feac894ce750f1a875f30e5b41fb1819
0cd8060cc7dcd8427cb9d58db194859cf55968c2a0bb981f5c56bf4126ae9a9f
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd
0d46819b2dc3ae9d345b0e5610efc6c5a31c8456da74dcfadcf9174c1b18b2f4
0d5be1300b44db64be1a50224d95e5c9ed1809b44887d06eca12365fe09875f8
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0fc8a6e495e7cd447608aea7e0cd59b0e79bd4e74822d428c53880ac0db6c469
11364eb0ccb375ed954d862763a554376a7d9b7ee2b5a79557e86db70a362311
12d6af5792951a480ef755c2a9f19980442caf65650b87aadaf669b5c06c81b1
152aec432f70a0e048222c6638b2a2dfa46f61fc49a7f62e462f8975adc73fd8
15374af7c1c6e3f387f2fb8570ff638f455d1dfa24194b2d1e08d3de36df758b
16195932a322941f8ab596cd871ea6711727114816604b7b3b9cef6151e116b4
1905a3a51386c37ac4d0e2ee7e879bf91cbd90812085618d1078ead6d2b4e566
1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143
1d0b237fe8783dfe8d419491b1002698ce58ef792a26059ac0b94824243e51bc
1e25ea478e68dfab214c1f12fb44f482ed6e13f201212a588cc59d248015f812
1e3d1bc73eb71767adf6cd2196912fe1acc92e15abf418edd8d0f11b71abd6d9
1e5379e3ffad0010d5bad17e26b900bda96a012c3501c6cc2f84c6af49ea0044
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb
2037eed7d5c8f6e3489bd454f920a31bb05633d1a995050fed8e9de6785cacc2
22c5b58d15f97ac4eafde7ab33f8904d47f71736d86c68ff0e4b9929ac07ad96
245bf139eb26662ef31841cb4a133fda493d3e59f48526790d726865dc4e64bc
2498295342cf91eecada436e178c65c534afff2195020e013fcc4d5b739a9ef7
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
2c1993c1c2ed8fd57cc0dd8894bf8f2c97884d6a143dfbd875c3f0ca25f92242
326a12752cac5fbcda173445c3e88f1017cb3864d5d5bcebcd23493bfb113845
33004845b37414421e4a655248d691679f1b66736491efc18d62f6aa9209992a
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
383a6476ad4d112b859aef3b8b12456cbd253d1b88fa523e8b2692bfc583183d
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3c5ac58bbd548149e5e5fad192c36edfc2e65d1fa1ec9fe064e5adf172db0d32
427cd4ea0b7a5b07204ad1bb9c6d0daa38e8a3faf3565d20f1e7f9b8fa657527
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a844d6787e4364f8c0ab321b2d5680d48604886d045685b6bf9c582518db9d
48a3f84ea4caa46ac70fbcd875af51f7e49ce32a2a314e8bd74676ff9a952481
48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a
49ec9a4452db3faaf5515fd6dbf2a349cedcbb04bdff0eea5b7b2e67df0149ad
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d2ee91ad2be624f224c50562ea43c494df48ebd9fc660fef963bf739862c6f4
50dd061858aa0dc0daf55a63eb19648304b598750969a3016c6259868bbc3e8d
518bb445de9d8742594e4c1319c2ffec2a1cc4fdadf5eeed8d3ce8203fd1ddf8
524bb2cee6fdc5e3657222b820942a036c6b46cf6a2372266fbb27f061a464a2
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
56bc687b2a58d0145a7ab051dba9a1c8d64ff4bc048122726ed0960686e6d2e6
577b3d6e661b973b9fac1caab476349aacac1db31ae1af0dba93a2d4b981c69c
57f6375a91cd2b99a5283c72b3ce740c50e5172d60a31004d629c7cb65f58d2c
5824653e99cf7bd0087793f22bf7eb3f6e229f32fcad77eae2e5c407f6993dc7
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5bbdd0b14fe08d649a30f8f4ef8056c066d02b9b05d5c5c2b117c4a2c20aa28e
5c3d1d4bf784b2a06b40d51ce7f80b00e7736a1d7884b8e493fc5c0aaa070f69
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6655ef3bf169f6c264ac3247a09836d290d04bd308c2a8119b637eabfe0a7ba9
66920d1fad3e8362a720ecb1ebbbe752e9ccc0a085e72bb31099745e6f84242c
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
684eb8f141eb2662b3cebc68b6280e513e0ca12dbe806c13bbb02e9adf1c7814
6898e044beecfb5653944365327b03fa3b36e780bffd20a2cc2bafa2d55b7975
68a1fe014c8c54e55cb71fd69951dbcca806ba4e51f3444fb366acaa08fe86d9
698b75b34c376b73b97acf42f0ec14f3554b420e658c4fe98d87721e4b5f7d8a
6a66cfd3baa2ceb9836c31d0c9f3cdf55ce4392605ca499cafcfb2f8e2299f21
6ace25381dd11f2003f8cb3c0ed4dc0b3fc0778682e4ff14661dac0ec05d815d
6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce
6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab
7003c4401d8a0b59cf3edeeff5459da4f1393c3049074f83493c2e367d0d8605
70583a0095f54c9965e7bd8a34071782832eacfd0e366c9806939c149cd0140b
70c32349ed6edbf5028afe181f10230e0d5e62c4f4fada36ed28d2043acc3318
725cedf861f5608cc6a06e27059bb7647efe1d7af01a49744997a58dc2f79d1d
748aee7b92736c7faa89d929ff4f700dc9039bba68ca185a1580e007c95e7f52
756771edeb4be2746839f8b24b35fab6a4e168bdf95f9b6db6aa70f7a7c861f6
7b51daa2b58be074aa96fcf2bff13469142662c58b70ff6b9f18955b9448e842
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
826011b9e66864e30797060e3d0f6f54195b2c212cea4ceebfde81c5992bb797
8320c7d5d3bbb039d7c89db27da62c5e89a687b826dd373ebcfc29bc0a6527e9
8640916aba1207e4fcff9c894252543689989434cd9fc0dabd4cee60b3e763a5
86e8ed098febe4691b72980ac9bb22f6370cd6fb7fd50f2fc3ca41f5a24c6ed7
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8a9bdf4334da3cfdb98da986e99e81b53a63c18720e099c71a9b785ff6b7feea
8b5e2294428a714045da180d9187469fd3fd2787a971cbbe8fc69c0ea66f643d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e649bb87b97864d0fe15dd2300849d3a4e26068a8a2cc0a641760384f11129a
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
92f937273561bc84c925c82863e1378fdf9019815efcc1e342043b9c74183000
9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af
9876c83da252e0f8decdb2ea33f2bbd8d9f398b3f04e5b3b64aee809d834c647
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
9adf77add5f442574735f5fd2c07d13a3a44572ba1553c77e92f43e6d6c2f25a
9bdd3f602ccd3e7353d16569b7fe80980e89af70e4e5e55af6489ef15fcf968e
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
9e3bd74d6107eb62572af18fc21a64d8ae3699070f7c7db25d7a8ee4afa93c7b
9f3f998edad87e6ad828e47356849d6231bc16230268260d96f644153258fa3d
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a29bb26377940dc40a9dc256c230c43dbf95d2179be3f3da3c51570282d55c9a
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a7a62727b419b1c1bf2bc043ad700dd9c51521427abeea39bb4b92ceddf421e3
a81af07ad50923f765e10c20a726664fc064f590bd9ea05042f33c1b3ac9057e
a9280ea4c5ff1e3e7bc88fa14041c82cf6381f026c4c99409ecf9d370d0a324b
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad301f156a8dd072b3e8cc8d0dab186105642122ed49728fd564305c511f86ec
bb8cacd1ff7df6dbc51357ff84ccc4baa26a5e05fd70fd75881b702b640c5785
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637
c1d90f878be7d34531027fbbf59189dca9eed0604b4be11bd61a905da712502e
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c
c29af249f7d9168908c6ad155b882555f8ec2ed7800c824e6ec45904f84040e8
c33c60d014227b42c513820e6d750cced736cda305beb7d6a20e35afe502648c
c916b9c461fbe3d85c760ce6a1fd8dbbcdd63a575e25c2c98078a31a99614ea7
c9975bb034362b04a958152f840e5789314724c1d526dcd9f599a06ccbbadcc2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd65635630c32561e59a700e5a81b3a32e5e5063bfd20bd8624fa7c0daa4d5d6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f04dec43134913ad8a1da87ca1cb4eb30753050a2d0d2e5f0c0dc5ba941c30
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d5f1eaba202b7ce2050eeaf685c53727f235a13b397403ea980fa7d272debda3
d766d6848b30385acb34076b00f2de9b05bb097ec522b67b515981cf5ac60c91
d886b38df75e0e31e14bfbfd444470546e74c6be57c1d5e4652b8effe846983c
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
dad6b3c7a603cd523cffcfec1af9789953881454129fc3d9962f767e855901b2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e30565d344697a80f05882c11755c6d6a71626791bbc124df343b5edc7901312
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
ea15eb7f6c01551306baad1fc7ceab62fa63a26cba6c52acb925e9dc1537637c
eac38be006a6ceb74388b4cee7ec1d8ad4f67a10517296c76a48a61651e9fe1f
edeece3f4ceab0c62abf9fbf0c65233784c5a7acd733c2405c3ea9e3bcf21077
eee4b740fa1ca55446b70cfbdc4ce54b00362f9ccd61c3db2c5f6fe432c340ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa356790d5aa0999afdc22753df1fb05d2d233f38d0d47473686557bf983b92
f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4cd2b3a7ecd9e189a4335aca67202ddd4803525c0d56d51ea80f3f247e946fe
fbf7a4f784ee3fc893f5c036fdabf5055596322971976baf5758c8477abf229a
fdadeba727a1fc1ca6763f597ce67219913281b9941dd02b49e235eaed22d602
fdb638e3cd8a5597cdfe92befc64d36147ac4fcba9e58474091a3ce59a3e0333
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ffaf3b7f34955e1c40b72cab3f9c84a08869774c525b76cbca16dc4b08593b08