urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
2600:1415:9c00:28b::ebe  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Submission: On October 24 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 122 IPs in 9 countries across 73 domains to perform 494 HTTP transactions. The main IP is 2600:1415:9c00:28b::ebe, located in United States and belongs to AKAMAI-ASN1, NL. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 800176.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 14th 2024. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 26 2600:1415:9c0... 20940 (AKAMAI-ASN1)
1 1 2600:1415:9c0... 20940 (AKAMAI-ASN1)
23 2600:1415:9c0... 20940 (AKAMAI-ASN1)
1 151.101.66.217 54113 (FASTLY)
2 2600:9000:277... 16509 (AMAZON-02)
42 104.116.108.143 16625 (AKAMAI-AS)
12 2600:1415:9c0... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 104.74.39.62 16625 (AKAMAI-AS)
12 2600:9000:25f... 16509 (AMAZON-02)
2 104.116.109.197 16625 (AKAMAI-AS)
9 2600:9000:221... 16509 (AMAZON-02)
1 151.101.130.132 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:221... 16509 (AMAZON-02)
1 104.74.34.33 16625 (AKAMAI-AS)
1 10 172.217.24.38 15169 (GOOGLE)
3 2620:1ec:33::10 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 157.240.8.23 32934 (FACEBOOK)
1 108.158.32.113 16509 (AMAZON-02)
2 34.202.186.186 14618 (AMAZON-AES)
2 151.101.65.175 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:1415:3c0... 20940 (AKAMAI-ASN1)
14 142.251.42.194 15169 (GOOGLE)
3 108.158.21.125 16509 (AMAZON-02)
1 108.158.20.59 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.28.157 54113 (FASTLY)
1 2600:1415:9c0... 20940 (AKAMAI-ASN1)
1 2600:9000:277... 16509 (AMAZON-02)
5 2404:6800:400... 15169 (GOOGLE)
1 52.95.128.223 16509 (AMAZON-02)
2 52.250.45.119 8075 (MICROSOFT...)
8 23.221.133.233 16625 (AKAMAI-AS)
2 2600:9000:277... 16509 (AMAZON-02)
4 18.67.93.61 16509 (AMAZON-02)
2 2a04:4e42:600... 54113 (FASTLY)
2 104.19.148.8 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 108.158.14.99 16509 (AMAZON-02)
2 2600:1415:9c0... ()
1 18.65.244.102 16509 (AMAZON-02)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 104.244.42.67 13414 (TWITTER)
3 2620:1ec:21::14 8068 (MICROSOFT...)
2 3.168.86.93 16509 (AMAZON-02)
2 54.224.56.38 14618 (AMAZON-AES)
1 108.158.32.114 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 141.95.33.120 16276 (OVH)
1 34.149.26.226 15169 (GOOGLE)
3 13.54.124.222 16509 (AMAZON-02)
1 108.158.32.54 16509 (AMAZON-02)
23 142.251.222.34 15169 (GOOGLE)
1 172.217.175.34 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 2600:9000:277... 16509 (AMAZON-02)
1 151.101.129.140 54113 (FASTLY)
1 151.101.193.140 54113 (FASTLY)
6 151.101.192.84 54113 (FASTLY)
1 2600:9000:277... 16509 (AMAZON-02)
2 104.18.25.111 13335 (CLOUDFLAR...)
2 52.95.131.164 16509 (AMAZON-02)
1 34.49.241.189 396982 (GOOGLE-CL...)
2 2620:1ec:bdf::31 8075 (MICROSOFT...)
1 2 142.250.196.134 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
11 52.62.126.64 16509 (AMAZON-02)
1 108.158.35.170 16509 (AMAZON-02)
2 23.55.6.117 16625 (AKAMAI-AS)
1 2a02:6ea0:db0... 60068 (CDN77 _)
1 2 103.43.90.54 29990 (ASN-APPNEX)
1 2406:2600:7:1... 55569 (CRITEO-AS...)
1 104.116.109.111 16625 (AKAMAI-AS)
2 52.77.102.255 16509 (AMAZON-02)
1 172.64.151.101 13335 (CLOUDFLAR...)
4 2602:803:c006... 26667 (RUBICONPR...)
2 34.102.253.54 396982 (GOOGLE-CL...)
1 67.199.150.87 62713 (AS-PUBMATIC)
4 13.55.50.85 16509 (AMAZON-02)
2 141.95.98.64 16276 (OVH)
1 63.140.39.224 14618 (AMAZON-AES)
1 1 52.74.53.201 16509 (AMAZON-02)
1 2 98.82.156.107 14618 (AMAZON-AES)
3 52.152.143.207 8075 (MICROSOFT...)
1 63.140.39.82 14618 (AMAZON-AES)
2 135.125.140.162 16276 (OVH)
1 51.195.127.115 16276 (OVH)
3 135.125.145.78 16276 (OVH)
1 135.125.146.82 16276 (OVH)
3 51.195.115.36 16276 (OVH)
1 135.125.146.86 16276 (OVH)
2 51.195.73.82 16276 (OVH)
1 51.195.73.71 16276 (OVH)
2 51.195.127.100 16276 (OVH)
1 52.63.180.72 16509 (AMAZON-02)
9 2404:6800:400... 15169 (GOOGLE)
2 2406:2600:7:1... 55569 (CRITEO-AS...)
1 54.206.197.152 16509 (AMAZON-02)
4 2404:6800:400... 15169 (GOOGLE)
2 18.154.7.117 16509 (AMAZON-02)
3 2600:1415:9c0... 20940 (AKAMAI-ASN1)
13 2600:9000:277... 16509 (AMAZON-02)
13 2600:9000:277... ()
3 2600:1415:3c0... 20940 (AKAMAI-ASN1)
1 63.140.56.177 16509 (AMAZON-02)
1 108.158.20.35 16509 (AMAZON-02)
2 104.74.46.234 16625 (AKAMAI-AS)
7 2600:9000:221... ()
8 34.149.43.113 396982 (GOOGLE-CL...)
2 52.196.43.77 16509 (AMAZON-02)
28 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.116.109.67 16625 (AKAMAI-AS)
1 151.101.193.108 54113 (FASTLY)
1 172.64.149.180 13335 (CLOUDFLAR...)
1 2 151.101.2.49 54113 (FASTLY)
38 2600:1f18:1ac... 14618 (AMAZON-AES)
2 35.71.131.137 16509 (AMAZON-02)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2406:2600:7:1... 55569 (CRITEO-AS...)
1 172.217.24.36 15169 (GOOGLE)
494 122
26    2600:1415:9c00:28b::ebe (United States)

ASN20940 (AKAMAI-ASN1, NL)
www.heraldsun.com.au
1    2600:1415:9c00:28e::ebe (United States)

ASN20940 (AKAMAI-ASN1, NL)
tags.news.com.au
23    2600:1415:9c00:286::ebe (United States)

ASN20940 (AKAMAI-ASN1, NL)
resourcesssl.newscdn.com.au
1    151.101.66.217 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
2    2600:9000:2774:3000:1e:9240:9c0:21 (United States)

ASN16509 (AMAZON-02, US)
d2n6ofw4o746cn.cloudfront.net
42    104.116.108.143 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-116-108-143.deploy.static.akamaitechnologies.com
content.api.news
mhr.talk.news.com.au
client.api.news
12    2600:1415:9c00:28f::ebe (United States)

ASN20940 (AKAMAI-ASN1, NL)
tags.news.com.au
1    2606:4700::6812:186f (United States)

ASN13335 (CLOUDFLARENET, US)
bedsberry.com
6    104.74.39.62 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-39-62.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
12    2600:9000:25f0:e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    104.116.109.197 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-116-109-197.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
9    2600:9000:2212:e000:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
1    151.101.130.132 (San Francisco, United States)

ASN54113 (FASTLY, US)
mv.outbrain.com
1    2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.optimizely.com
2    2600:9000:2212:6800:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.vidora.com
1    104.74.34.33 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-34-33.deploy.static.akamaitechnologies.com
players.brightcove.net
10    172.217.24.38 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f38.1e100.net
ad.doubleclick.net
3    2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2606:4700::6812:4239 (United States)

ASN13335 (CLOUDFLARENET, US)
a20352597942.cdn.optimizely.com
2    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
1    108.158.32.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-113.syd3.r.cloudfront.net
au.tags.newscgp.com
2    34.202.186.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-186-186.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.65.175 (San Francisco, United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:1415:3c00:299::1e80 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
cdn1.adoberesources.net
14    142.251.42.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net
securepubads.g.doubleclick.net
3    108.158.21.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-21-125.syd62.r.cloudfront.net
c.amazon-adsystem.com
1    108.158.20.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-59.syd62.r.cloudfront.net
ats-wrapper.privacymanager.io
2    2606:4700:20::681a:5a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
1    151.101.28.157 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2600:1415:9c00:7::1728:3458 (United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2600:9000:2774:5600:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
5    2404:6800:4004:811::200e (Australia)

ASN15169 (GOOGLE, US)
news.google.com
1    52.95.128.223 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com
s3.ap-southeast-2.amazonaws.com
2    52.250.45.119 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mcdp-wndc1.outbrain.com
sync.outbrain.com
8    23.221.133.233 (Rehovot, Israel)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-133-233.deploy.static.akamaitechnologies.com
statsapi.foxsports.com.au
2    2600:9000:277c:3000:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
4    18.67.93.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-61.syd62.r.cloudfront.net
au-script.dotmetrics.net
2    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    2404:6800:4006:804::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.158.14.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-14-99.syd62.r.cloudfront.net
js.adsrvr.org
2    2600:1415:9c00:287::1931 (United States)

ASN- ()
s.pinimg.com
1    18.65.244.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-102.syd3.r.cloudfront.net
cdn.adsafeprotected.com
1    162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    3.168.86.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-86-93.sfo5.r.cloudfront.net
geo.privacymanager.io
2    54.224.56.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-56-38.compute-1.amazonaws.com
ping.chartbeat.net
1    108.158.32.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-114.syd3.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
1    34.149.26.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.26.149.34.bc.googleusercontent.com
api.rlcdn.com
3    13.54.124.222 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-54-124-222.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    108.158.32.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-54.syd3.r.cloudfront.net
ncg.tags.news.com.au
23    142.251.222.34 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f2.1e100.net
pagead2.googlesyndication.com
1    172.217.175.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s19-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2a03:2880:f119:8083:face:b00c:0:25de (Sydney, Australia)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:9000:277c:8e00:d:5ce3:a4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rm-script.dotmetrics.net
1    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
6    151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
1    2600:9000:277c:2400:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
2    104.18.25.111 (None, )

ASN13335 (CLOUDFLARENET, US)
bedsberry.com
2    52.95.131.164 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
1    34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com
logx.optimizely.com
2    2620:1ec:bdf::31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    142.250.196.134 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f6.1e100.net
14643376.fls.doubleclick.net
1    2404:6800:4006:80a::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
td.doubleclick.net
11    52.62.126.64 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
1    108.158.35.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-35-170.syd3.r.cloudfront.net
aax.amazon-adsystem.com
2    23.55.6.117 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-6-117.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2a02:6ea0:db00::1 (Sydney, Australia)

ASN60068 (CDN77 _, GB)
topics.authorizedvault.com
2    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    2406:2600:7:100::2a (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    104.116.109.111 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-116-109-111.deploy.static.akamaitechnologies.com
a.teads.tv
2    52.77.102.255 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-102-255.ap-southeast-1.compute.amazonaws.com
g2.gumgum.com
1    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
4    2602:803:c006:158::65 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    67.199.150.87 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    13.55.50.85 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-50-85.ap-southeast-2.compute.amazonaws.com
dpm.demdex.net
newscorpau.demdex.net
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    63.140.39.224 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-224.data.adobedc.net
newscorpau.sc.omtrdc.net
1    52.74.53.201 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-53-201.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
2    98.82.156.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-156-107.compute-1.amazonaws.com
s.amazon-adsystem.com
3    52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
1    63.140.39.82 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-82.data.adobedc.net
metrics.heraldsun.com.au
2    135.125.140.162 (France)

ASN16276 (OVH, FR)
PTR: ip162.ip-135-125-140.eu
d0.eu-3-id5-sync.com
d2.eu-3-id5-sync.com
1    51.195.127.115 (Germany)

ASN16276 (OVH, FR)
PTR: ip115.ip-51-195-127.eu
d1.eu-3-id5-sync.com
3    135.125.145.78 (France)

ASN16276 (OVH, FR)
PTR: ip78.ip-135-125-145.eu
d3.eu-3-id5-sync.com
d5.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
1    135.125.146.82 (Germany)

ASN16276 (OVH, FR)
PTR: ip82.ip-135-125-146.eu
d4.eu-3-id5-sync.com
3    51.195.115.36 (France)

ASN16276 (OVH, FR)
PTR: ip36.ip-51-195-115.eu
d6.eu-3-id5-sync.com
d0.eu-4-id5-sync.com
d1.eu-4-id5-sync.com
1    135.125.146.86 (Germany)

ASN16276 (OVH, FR)
PTR: ip86.ip-135-125-146.eu
d7.eu-3-id5-sync.com
2    51.195.73.82 (France)

ASN16276 (OVH, FR)
PTR: ip82.ip-51-195-73.eu
d3.eu-4-id5-sync.com
d4.eu-4-id5-sync.com
1    51.195.73.71 (France)

ASN16276 (OVH, FR)
PTR: ip71.ip-51-195-73.eu
d5.eu-4-id5-sync.com
2    51.195.127.100 (Germany)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-195-127.eu
d6.eu-4-id5-sync.com
d7.eu-4-id5-sync.com
1    52.63.180.72 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-180-72.ap-southeast-2.compute.amazonaws.com
secure-sdk.imrworldwide.com
9    2404:6800:4006:804::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)
5e5a2302d9c6be5d3eab8b0e5bd66b7d.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    54.206.197.152 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-206-197-152.ap-southeast-2.compute.amazonaws.com
invoke.bonzai.co
4    2404:6800:4006:814::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    18.154.7.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-7-117.cgk51.r.cloudfront.net
au.audience.newscgp.com
3    2600:1415:9c00:7::1728:3448 (United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
13    2600:9000:277a:2400:5:ff46:ad00:93a1 (United States)

ASN16509 (AMAZON-02, US)
massets.bonzai.co
13    2600:9000:277c:1000:a:709a:e000:93a1 (United States)

ASN- ()
collector.bonzai.co
3    2600:1415:3c00:282::1ec4 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
secure.insightexpressai.com
1    63.140.56.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-56-177.data.adobedc.net
edge.adobedc.net
1    108.158.20.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-35.syd62.r.cloudfront.net
check.analytics.rlcdn.com
2    104.74.46.234 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-46-234.deploy.static.akamaitechnologies.com
z.moatads.com
7    2600:9000:2212:9e00:16:b51d:cf40:93a1 (United States)

ASN- ()
dcollector.bonzai.co
8    34.149.43.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.43.149.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
2    52.196.43.77 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-43-77.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
28    2606:4700::6811:6147 (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
1    104.116.109.67 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-116-109-67.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    151.101.193.108 (San Francisco, United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    172.64.149.180 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    151.101.2.49 (San Francisco, United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
38    2600:1f18:1aca:4281:c296:c1dc:696c:1893 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
2    52.231.230.148 (Busan, Korea, Republic Of)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2406:2600:7:100::9 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    172.217.24.36 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
62 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 684
cdn.adsafeprotected.com — Cisco Umbrella Rank: 4066
pixel.adsafeprotected.com — Cisco Umbrella Rank: 710
dt.adsafeprotected.com — Cisco Umbrella Rank: 603
194 KB
41 api.news
content.api.news — Cisco Umbrella Rank: 81072
client.api.news — Cisco Umbrella Rank: 334354
552 KB
34 bonzai.co
invoke.bonzai.co — Cisco Umbrella Rank: 178369
massets.bonzai.co — Cisco Umbrella Rank: 193982
collector.bonzai.co — Cisco Umbrella Rank: 194210
dcollector.bonzai.co — Cisco Umbrella Rank: 197182
592 KB
32 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
5e5a2302d9c6be5d3eab8b0e5bd66b7d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
256 KB
28 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8586
240 KB
28 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 150
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 1199
14643376.fls.doubleclick.net — Cisco Umbrella Rank: 191953
td.doubleclick.net — Cisco Umbrella Rank: 192
279 KB
28 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 800176
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
425 KB
23 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 117093
544 KB
15 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 109561
mhr.talk.news.com.au
ncg.tags.news.com.au — Cisco Umbrella Rank: 218592
334 KB
11 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 526
tps.doubleverify.com — Cisco Umbrella Rank: 566
tpsc-ae1.doubleverify.com — Cisco Umbrella Rank: 18360
111 KB
9 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 994
id5-sync.com — Cisco Umbrella Rank: 522
36 KB
9 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1314
56 KB
9 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2166
widget-pixels.outbrain.com — Cisco Umbrella Rank: 4861
mv.outbrain.com — Cisco Umbrella Rank: 2811
mcdp-wndc1.outbrain.com — Cisco Umbrella Rank: 17346
sync.outbrain.com — Cisco Umbrella Rank: 881
102 KB
8 eu-4-id5-sync.com
d0.eu-4-id5-sync.com — Cisco Umbrella Rank: 63349
d1.eu-4-id5-sync.com — Cisco Umbrella Rank: 62967
d2.eu-4-id5-sync.com — Cisco Umbrella Rank: 63146
d3.eu-4-id5-sync.com — Cisco Umbrella Rank: 63135
d4.eu-4-id5-sync.com — Cisco Umbrella Rank: 63153
d5.eu-4-id5-sync.com — Cisco Umbrella Rank: 63001
d6.eu-4-id5-sync.com — Cisco Umbrella Rank: 62486
d7.eu-4-id5-sync.com — Cisco Umbrella Rank: 62668
1 KB
8 eu-3-id5-sync.com
d0.eu-3-id5-sync.com — Cisco Umbrella Rank: 63134
d1.eu-3-id5-sync.com — Cisco Umbrella Rank: 62485
d2.eu-3-id5-sync.com — Cisco Umbrella Rank: 62650
d3.eu-3-id5-sync.com — Cisco Umbrella Rank: 62893
d4.eu-3-id5-sync.com — Cisco Umbrella Rank: 62772
d5.eu-3-id5-sync.com — Cisco Umbrella Rank: 62739
d6.eu-3-id5-sync.com — Cisco Umbrella Rank: 62570
d7.eu-3-id5-sync.com — Cisco Umbrella Rank: 62540
1 KB
8 foxsports.com.au
statsapi.foxsports.com.au — Cisco Umbrella Rank: 660130
11 KB
7 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3283
eus.rubiconproject.com — Cisco Umbrella Rank: 600
2 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
o.clarity.ms — Cisco Umbrella Rank: 6866
c.clarity.ms — Cisco Umbrella Rank: 1236
30 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 345
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651
aax.amazon-adsystem.com — Cisco Umbrella Rank: 457
s.amazon-adsystem.com — Cisco Umbrella Rank: 352
86 KB
6 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 930
6 KB
6 google.com
news.google.com — Cisco Umbrella Rank: 6789
www.google.com — Cisco Umbrella Rank: 3 Failed
79 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 183164
au.pixel.newscgp.com — Cisco Umbrella Rank: 193509
au.audience.newscgp.com — Cisco Umbrella Rank: 163732
50 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 65274
rm-script.dotmetrics.net — Cisco Umbrella Rank: 7039
36 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 307
34 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243
newscorpau.demdex.net — Cisco Umbrella Rank: 174159
5 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
5 KB
4 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3652
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6854
63 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
c.bing.com — Cisco Umbrella Rank: 190
17 KB
3 insightexpressai.com
secure.insightexpressai.com — Cisco Umbrella Rank: 2005
5 KB
3 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1371
sync-tm.everesttech.net — Cisco Umbrella Rank: 780
945 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 267
acdn.adnxs.com — Cisco Umbrella Rank: 613
9 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 557
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 480
224 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
1 KB
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1442
insight.adsrvr.org — Cisco Umbrella Rank: 945
13 KB
3 amazonaws.com
s3.ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
2 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 1893
geo.privacymanager.io — Cisco Umbrella Rank: 1904
62 KB
3 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 971
a20352597942.cdn.optimizely.com — Cisco Umbrella Rank: 195375
logx.optimizely.com — Cisco Umbrella Rank: 1669
134 KB
3 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 259834
25 KB
2 moatads.com
z.moatads.com — Cisco Umbrella Rank: 1224
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 776
31 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917
605 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 26555
633 B
2 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1420
13 KB
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 745
gum.criteo.com — Cisco Umbrella Rank: 461
527 B
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 1994
alb.reddit.com — Cisco Umbrella Rank: 1330
761 B
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 949
check.analytics.rlcdn.com — Cisco Umbrella Rank: 2944
668 B
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1492
401 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 982
25 KB
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2568
3 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1063
13 KB
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2278
22 KB
2 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 6017
92 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 13035
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
73 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 135379
6 KB
2 cloudfront.net
d2n6ofw4o746cn.cloudfront.net
29 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 668
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 3424
827 B
1 omtrdc.net
newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 190062
271 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
669 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1627
520 B
1 authorizedvault.com
topics.authorizedvault.com — Cisco Umbrella Rank: 6514
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
2 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 962
720 B
1 t.co
t.co — Cisco Umbrella Rank: 859
627 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
81 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1731
24 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 784
14 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 960
15 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 12777
20 KB
1 brightcove.net
players.brightcove.net — Cisco Umbrella Rank: 3758
306 KB
1 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 183475
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 7145
10 KB
494 73
Domain Requested by
40 content.api.news www.heraldsun.com.au
38 dt.adsafeprotected.com www.heraldsun.com.au
28 c.bannerflow.net ad.doubleclick.net
c.bannerflow.net
www.heraldsun.com.au
26 www.heraldsun.com.au 3 redirects www.heraldsun.com.au
23 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
23 resourcesssl.newscdn.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
14 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
pagead2.googlesyndication.com
13 collector.bonzai.co www.heraldsun.com.au
13 massets.bonzai.co invoke.bonzai.co
massets.bonzai.co
www.heraldsun.com.au
13 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
resourcesssl.newscdn.com.au
au.tags.newscgp.com
12 static.adsafeprotected.com www.heraldsun.com.au
resourcesssl.newscdn.com.au
pixel.adsafeprotected.com
11 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
10 ad.doubleclick.net 1 redirects tags.tiqcdn.com
www.heraldsun.com.au
www.googletagservices.com
ad.doubleclick.net
9 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 statsapi.foxsports.com.au resourcesssl.newscdn.com.au
7 dcollector.bonzai.co www.heraldsun.com.au
7 id5-sync.com tags.news.com.au
cdn.id5-sync.com
www.heraldsun.com.au
6 ct.pinterest.com s.pinimg.com
5 tpsc-ae1.doubleverify.com cdn.doubleverify.com
5 news.google.com subscriptions.heraldsun.com.au
news.google.com
5 widgets.outbrain.com www.heraldsun.com.au
widgets.outbrain.com
4 www.googletagservices.com securepubads.g.doubleclick.net
www.googletagservices.com
4 fastlane.rubiconproject.com tags.news.com.au
4 www.facebook.com www.heraldsun.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
3 tps.doubleverify.com cdn.doubleverify.com
3 secure.insightexpressai.com www.heraldsun.com.au
ad.doubleclick.net
3 cdn.doubleverify.com invoke.bonzai.co
ad.doubleclick.net
3 o.clarity.ms www.clarity.ms
3 dpm.demdex.net tags.news.com.au
www.heraldsun.com.au
3 au.pixel.newscgp.com au.tags.newscgp.com
3 px.ads.linkedin.com snap.licdn.com
www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 bat.bing.com tags.tiqcdn.com
bat.bing.com
www.heraldsun.com.au
3 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 c.clarity.ms 1 redirects
2 insight.adsrvr.org js.adsrvr.org
2 sync-tm.everesttech.net 1 redirects tags.news.com.au
2 prebid-a.rubiconproject.com tags.news.com.au
2 z.moatads.com massets.bonzai.co
2 au.audience.newscgp.com tags.tiqcdn.com
au.tags.newscgp.com
2 static.criteo.net tags.news.com.au
static.criteo.net
2 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
tags.news.com.au
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 g2.gumgum.com tags.news.com.au
2 ib.adnxs.com 1 redirects tags.news.com.au
2 ads.pubmatic.com tags.news.com.au
2 14643376.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 s3-ap-southeast-2.amazonaws.com resourcesssl.newscdn.com.au
2 ping.chartbeat.net www.heraldsun.com.au
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 s.pinimg.com tags.tiqcdn.com
s.pinimg.com
2 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
2 www.redditstatic.com tags.tiqcdn.com
www.redditstatic.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
www.heraldsun.com.au
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 d2n6ofw4o746cn.cloudfront.net www.heraldsun.com.au
1 gum.criteo.com static.criteo.net
1 c.bing.com 1 redirects
1 js-sec.indexww.com tags.news.com.au
1 acdn.adnxs.com tags.news.com.au
1 eus.rubiconproject.com tags.news.com.au
1 check.analytics.rlcdn.com tags.news.com.au
1 edge.adobedc.net tags.news.com.au
1 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
1 invoke.bonzai.co www.heraldsun.com.au
1 5e5a2302d9c6be5d3eab8b0e5bd66b7d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure-sdk.imrworldwide.com www.heraldsun.com.au
1 d7.eu-4-id5-sync.com cdn.id5-sync.com
1 d6.eu-4-id5-sync.com cdn.id5-sync.com
1 d5.eu-4-id5-sync.com cdn.id5-sync.com
1 d4.eu-4-id5-sync.com cdn.id5-sync.com
1 d3.eu-4-id5-sync.com cdn.id5-sync.com
1 d2.eu-4-id5-sync.com cdn.id5-sync.com
1 d1.eu-4-id5-sync.com cdn.id5-sync.com
1 d0.eu-4-id5-sync.com cdn.id5-sync.com
1 d7.eu-3-id5-sync.com cdn.id5-sync.com
1 d6.eu-3-id5-sync.com cdn.id5-sync.com
1 d5.eu-3-id5-sync.com cdn.id5-sync.com
1 d4.eu-3-id5-sync.com cdn.id5-sync.com
1 d3.eu-3-id5-sync.com cdn.id5-sync.com
1 d2.eu-3-id5-sync.com cdn.id5-sync.com
1 d1.eu-3-id5-sync.com cdn.id5-sync.com
1 d0.eu-3-id5-sync.com cdn.id5-sync.com
1 metrics.heraldsun.com.au tags.news.com.au
1 cm.everesttech.net 1 redirects
1 newscorpau.sc.omtrdc.net tags.news.com.au
1 newscorpau.demdex.net tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 a.teads.tv tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 topics.authorizedvault.com tags.news.com.au
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 td.doubleclick.net www.googletagmanager.com
1 logx.optimizely.com cdn.optimizely.com
1 alb.reddit.com www.heraldsun.com.au
1 pixel-config.reddit.com www.redditstatic.com
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 sync.outbrain.com widgets.outbrain.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 ncg.tags.news.com.au au.tags.newscgp.com
1 api.rlcdn.com tags.news.com.au
1 cdn.jsdelivr.net tags.news.com.au
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 js.adsrvr.org tags.tiqcdn.com
1 www.googletagmanager.com tags.tiqcdn.com
1 mcdp-wndc1.outbrain.com widgets.outbrain.com
1 s3.ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 static.chartbeat.com tags.tiqcdn.com
1 snap.licdn.com tags.tiqcdn.com
1 static.ads-twitter.com tags.tiqcdn.com
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 client.api.news resourcesssl.newscdn.com.au
1 a20352597942.cdn.optimizely.com cdn.optimizely.com
1 players.brightcove.net resourcesssl.newscdn.com.au
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 cdn.optimizely.com tags.tiqcdn.com
1 mv.outbrain.com widgets.outbrain.com
1 widget-pixels.outbrain.com www.heraldsun.com.au
1 login.newscorpaustralia.com www.heraldsun.com.au
1 mhr.talk.news.com.au www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
494 136
Subject Issuer Validity Valid
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-14 -
2025-10-14		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-21 -
2025-02-21		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
bedsberry.com
WE1		 2024-09-06 -
2024-12-05		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
cdn.optimizely.com
WE1		 2024-10-21 -
2025-01-19		 3 months crt.sh
*.vidora.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-08		 a year crt.sh
players.brightcove.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-19 -
2025-04-18		 a year crt.sh
*.doubleclick.net
WE2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-02 -
2024-10-31		 3 months crt.sh
au.tags.newscgp.com
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-19		 a year crt.sh
*.zprk.io
Amazon RSA 2048 M03		 2024-08-19 -
2025-09-17		 a year crt.sh
*.kampyle.com
SSL.com RSA SSL subCA		 2023-11-07 -
2024-12-07		 a year crt.sh
id5-sync.com
WE1		 2024-09-30 -
2024-12-29		 3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-09 -
2025-08-09		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M03		 2024-06-26 -
2025-07-24		 a year crt.sh
brandmetrics.com
WE1		 2024-10-23 -
2025-01-21		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2024-05-15 -
2025-06-06		 a year crt.sh
*.news.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon RSA 2048 M01		 2024-05-10 -
2025-05-01		 a year crt.sh
statsapi.foxsports.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-12 -
2025-03-12		 a year crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2024-05-16 -
2025-02-02		 9 months crt.sh
*.dotmetrics.net
Amazon RSA 2048 M03		 2024-07-23 -
2025-08-20		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-06 -
2025-04-03		 6 months crt.sh
script.crazyegg.com
Cloudflare Inc ECC CA-3		 2024-08-02 -
2024-12-31		 5 months crt.sh
*.google-analytics.com
WE2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-02 -
2025-08-07		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-19		 a year crt.sh
t.co
E5		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-02 -
2025-10-01		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.id5-sync.com
E5		 2024-09-01 -
2024-11-30		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
www.newsconnect.com.au
Amazon RSA 2048 M02		 2024-02-08 -
2025-03-08		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-13 -
2025-04-11		 6 months crt.sh
logx.optimizely.com
WR3		 2024-09-16 -
2024-12-15		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M03		 2024-02-28 -
2025-03-29		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
1657490710.rsc.cdn77.org
E5		 2024-08-20 -
2024-11-18		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
teads.tv
R10		 2024-09-02 -
2024-12-01		 3 months crt.sh
sp-ad-exch-prd-two-eks.prd.eks.sp.adexchange.gumgum.com
Amazon RSA 2048 M02		 2024-04-05 -
2025-05-04		 a year crt.sh
casalemedia.com
E6		 2024-10-13 -
2025-01-11		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
ads.playground.xyz
WR3		 2024-09-26 -
2024-12-25		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-25 -
2025-10-26		 a year crt.sh
*.eu-1-id5-sync.com
R10		 2024-09-01 -
2024-11-30		 3 months crt.sh
*.sc.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-07 -
2025-03-09		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
metrics.heraldsun.com.au
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-20 -
2025-07-21		 a year crt.sh
*.eu-3-id5-sync.com
E5		 2024-09-01 -
2024-11-30		 3 months crt.sh
*.eu-4-id5-sync.com
E5		 2024-09-01 -
2024-11-30		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-21		 3 months crt.sh
bonzai.co
Amazon RSA 2048 M02		 2024-09-02 -
2025-10-01		 a year crt.sh
tpc.googlesyndication.com
WE2		 2024-10-07 -
2024-12-30		 3 months crt.sh
au.audience.newscgp.com
Amazon RSA 2048 M02		 2024-02-27 -
2025-03-26		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-11 -
2025-03-14		 a year crt.sh
*.bonzai.co
Amazon RSA 2048 M03		 2023-11-26 -
2024-12-24		 a year crt.sh
*.insightexpressai.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-16 -
2025-01-16		 a year crt.sh
edge.adobedc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-22 -
2025-11-22		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2024-05-26 -
2025-06-24		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-27 -
2025-09-27		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2024-07-30 -
2025-08-31		 a year crt.sh
bannerflow.net
WE1		 2024-10-04 -
2025-01-02		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
indexww.com
WE1		 2024-10-01 -
2024-12-31		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-06-13 -
2025-07-15		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M03		 2024-04-25 -
2025-05-23		 a year crt.sh
*.google.com
WE2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 49 frames:

Primary Page: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Frame ID: F486A0DE244388E9394384B605EF42A2
Requests: 329 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=QcQaCnDhcUQg446oPRJnDtOMhCVNeYqD&nonce=MI1EjAqPzw-5qsSxm5QZgd22QUvpiL6u&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4xIn0%3D
Frame ID: 3A650DCE7FF6E6E5B6F61C638C32F495
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.heraldsun.com.au
Frame ID: 67445433E812286C288F3740144131EF
Requests: 1 HTTP requests in this frame

Frame: https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Frame ID: BD522622ED045091FFA651FA08C59498
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: 644649997FEF880CBB9734FC9719ED64
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 723808E3E5156355CC4BA93537E78FA1
Requests: 1 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 27705E3BD2CAAE24AF252B1360F91D11
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 275B2E6CD721C629D57F19378BA5B354
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1729728661575&publicationId=heraldsun.com.au
Frame ID: D4FBD2593D4312C27C4D5DF0FED96E37
Requests: 1 HTTP requests in this frame

Frame: https://14643376.fls.doubleclick.net/activityi;dc_pre=CM-k3rPdpYkDFUKf6QUdeN0IBQ;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101794737~101823848;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2F
Frame ID: 1BA737784CA94508FE772450BC9129F3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101794737~101823848;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2F
Frame ID: B881BCA673AB7C26394170377861EA4D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 8C6495DED66787FC166DE4C3DE8B42AD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 0B4389FE13B86092CF6A74AE1B8BAB11
Requests: 1 HTTP requests in this frame

Frame: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Frame ID: 9F0AD3BB8E4B346D661C1555674776B1
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: F5E6C0BAA4870F320E67ED0070467764
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift&dcc=t
Frame ID: 5AD7FFB88051C73AC8DBC40AECE50758
Requests: 1 HTTP requests in this frame

Frame: https://5e5a2302d9c6be5d3eab8b0e5bd66b7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C71D996E09EE137678AB42D9AC9C391C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqRA142HjSZlR04ODXMGEv2Azno-Nu0Sx_tFniZ5dVavroml4KL4cZBI0VH4JsbWRfj27aDw3EKGugGg-Am209BkWDRw1B6nyR6AEZ9ICB_6__U07a--i98RsT5kYOF5ZCWbDbX_S4t_H0bmfH7iPgEUhYkIOEcoFrofQhXqK4yydaPw3cGxFfn0zo5NzTtIFZisEwF-RFZ5Lf-uZNbohoDovxjLqNC-ZbHEP44nipd_FmnFNbX8vYwTV9pXXchwK7RN8GCQZasv6K-5wdbenU6XCNTKCOTJJM3DHJGimjL1kOZoBUWvTDBD3jvpJBgOvPGJz4cGRynKjcuL_znwI8BzU1MxeFvx1KTX-2N8R5fCEEn8r6z3Sy8e_l5ANzjeA5&sai=AMfl-YSNGvfoJ2ejMeQcWQO_oTaGXADhpNvF20SuWXJUBi980y8s1AIxUP-o9fzJPIlZ4JLL9wI66Wx6mL8pEoPnuT5Eb7fbDJlsR1xb1ipks4VylzDHebd0pBaqJSsK&sig=Cg0ArKJSzNw-3e5Q7SfoEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 48859965C6CC74662950F4D52201DDB2
Requests: 41 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDRnHiKrsLMIuLq7yTcrCZeDYlu8goKUe5-fY1aLsgEIKf-kj9H404iXKr_fueBwun-ZqPwNcyNgAjEh9JKUZdUM58hnEqOA7t7IS5MyUTLsRewzZhMSTXVmCTx4P5glUZQElX3KTvEHDC1VNkVrelgtCMcBOzJaKAZzoAbqT16q51dHS14TqfI7t9Tj-yKHNBei0cwXgAtYlNAgdzN-zdd-scdfyiUGvw4yCaBNrWYc_zehcdk3QRyzrD6ualuYLqk5WIU8rzd_p0xoKKE_0_zoSCPFMO0aYR65c1HXOaJZliDhl-XeIWRkT185EDl7Oj596Aj1VCV1Pc5kGGROoD_PohzWIx65UcI5Xi320fE0PN2Y8oHfVrI6nRK-kWKFHD&sai=AMfl-YRNyIJWQ2J4xsiqyrxL9GxkKGprWpH1YVpiKhR5D8v1e0AANT7CF5MbpvUL7J7dqDhakQSFR5SS1P3DgfymIjXgLJhKX2JCOnw_xmuy63V7FNtYA595623AHUKt&sig=Cg0ArKJSzPlDKP99gUwiEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E01F6E97F13708145CE0C02DDB3BD522
Requests: 30 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfAJjXZxBEKn55ygIs0W0xARAdG35afCW9GVK5H_SKay7ZnM1jK1C2MW2MgcWWIrfTh2ZC-JjaJvv1g9B4iyttodTkHuQ4k1QekGJU0YbCQo_dlCmLE5InYFr3F_z8-0iV4e0QJnDvpC0aB6b4klIEda0ThexBL-MJF0KFoUFRB_zfsgnlUkDQ7pCnjpgm3SMEYLtPeDDNuYzbocL2ENb1gj-i433Vn3LCIOmbKnFFPGvk9nhSPmei9-ohsDgMfrYeoW8wvBUbyUdVmN2Q3nGtFWmNAiTt6rAa-HLCgXjBfOmMrViJer8YfyaxvAExbordhTBET2n1xuyoJSKu569NpM5wVpjRdRnlotuXX2viOITITr6YzALJWis19djP4Tgv&sai=AMfl-YRaDBkOGQUjXR3DhXEovtxTBZsywUQkEusxXv7rP_scf7y8GHy1AbGodsm9ZGeFPDs-hDRfgek0mEiO2W6fAeUxBhKkhuhfwqCEGClghfXEKAwj3mJZ6dmo_Gjc&sig=Cg0ArKJSzKwG_n8h3Z9BEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: A7078E36DC16340229DC7A3688A25D53
Requests: 27 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWrRC2eBCezUGjb9XltbXtpQtIBWV3HcVROeO6OMOo1dGBLJbvH0gnygNvsKhRBGD7fC5_JFP9gLavqXo-xfQ17-Mhmh3P2hze4wDdD5X8-MFsLSsRRh4dmo8kK_jx49kCvMV7gMhb7rOcFM4uVqyfcR7-9MmV1WO_1bnUj-QzdmC13799_-Sirfs_ElBGgyhDju5-2-ql5muWV0KVLzJ3WssDyE3m2DsLsDCM0akPEAuxai7e5OQ692HBtWQxlzvLAABUygTCQUasMOLyI6TGCiZTsTasDOLZ7FY-do5jqUoHMFfQ7ENaZlqqT887OABSLR3u14JAwYOJy_XRjWHkJkg-WYkliNmSw9mpz8bhhq7ROda4IDuo55HptFjCuVlAQ7oSFaT8EjayVnXT6XW9PAzISOTNa6A-&sai=AMfl-YTCFXts_0AsMTIkj2eOZxvSHzlH6qwxcStFfG2-HYNK-a48BOrap3PLBTh91y3vgOTouhs9Ky18DDigg2xnl8NXq6qadAXV8ZiMUdvzd5nU1CJxLgCTd1ySOBGA&sig=Cg0ArKJSzAjY_pxZXcirEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: BE8E478FA0FAFB0E2C5CB205DFAE69CA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 96B6EFDF4C217B7C591A0C417E549E22
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWuqIAV7O_KAP68euCSQOVYR9xlEDZkTbUWBLOKON9G0m1bcoGA6MaqwkoSZNjCt7-4vEfHjmXS__R3d5lG2bxK-qNvBgOH_iZ1UR2zUnWCB-xrGmvECWjPGPDaeNxpKhRMG2MWIDCM50oKPVJzV8bQBsnt0LTOIDJjbo-g2b8ZVTW1WBxxEGpeeOdUj72tbV7tFcQCcYolB8aENV3nz-sG-nOUlAOLge01wmDviw6pwQN69khgFL2sWsbE8ptTYwd5tpsIul3kkk1ZTQ4RU87m2zXhBa5sTC5HdRItU8skWm-adGiI4_SaOGBAYSXmtkgB-BACcp1duqqFSjzk3spMeDAcMfZEcj2zWqtkmNjH2VG_5LllapwlSgUJoq_giPuaA4WNgVxhrMtq90iDHzmHdz-LSLjjz2Y&sai=AMfl-YSCA0S_vs15hfLX73qL2toobU0nYzpx5078AjUIdRrFaalfiOq2HM5OXc4MAG-_ZjstWuVbGGJsrt4_msnq6Dnd1LyT6zMQ5LKZoRg97XXHA6jfO53PeJ-BzfGM&sig=Cg0ArKJSzKoK1EnhqucSEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: DC9BF578D4783F997E7AFE7EF3A8BF25
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D29D6F544477679C6C17888134963E9A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502319&pubOrder=3573136523&cb=1436500954&custom=homepage&custom3=168400391&adsafe_par&impId=740058b4-919c-11ef-9989-4a6c65c49a86
Frame ID: 6BD9B0232674C86FD4BC2AF815C92699
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138491351429&pubOrder=3004275014&cb=208616831&custom=homepage&custom3=168400391&adsafe_par&impId=740058b9-919c-11ef-9989-4a6c65c49a86
Frame ID: CCBCF1983CBBC2BBADEDE6F93C2F5B36
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5276126762&pubCreative=138472924819&pubOrder=2553375348&cb=1114352645&custom=homepage&custom3=168400391&adsafe_par&impId=740058b6-919c-11ef-9989-4a6c65c49a86
Frame ID: 203647132EFD74B30A486AB5F73D2399
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502325&pubOrder=3573136523&cb=614708568&custom=homepage&custom3=168400391&adsafe_par&impId=740058b5-919c-11ef-9989-4a6c65c49a86
Frame ID: 40CECDAFAB05D0A288E68C60B0175FA3
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502322&pubOrder=3573136523&cb=571927999&custom=homepage&custom3=168400391&adsafe_par&impId=740058b8-919c-11ef-9989-4a6c65c49a86
Frame ID: 51853C4D36F61529A6CD5C38F09AB0F3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 21F439716F20549DAA18DEDD85B467DA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D8DC6937976AA047F32AC7E04D8F346E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E775FEA9653D8DCC67A3D2061E426CCD
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZxmQmgAAJ2Ao4gAX
Frame ID: 95ABA6D7A288D3CD95798DC50DBC750C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 72E100CD7F5C5A0501EFD29250F43FB5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: A42119257CEE73BB9368E4F3390B615B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 0A8D3491718B3E26510B7B7689000116
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 412E7A6C13F3FBA86FDCA4DA55A4F770
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: F5174B7987CE51DF3B16F239E998E284
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: B5490BB06DF466583A373063204658E9
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0&paapi=1
Frame ID: 03664F4A333306B1768343037EB701F7
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0&paapi=1
Frame ID: 09875E09DA6FF2DA735CF6D4A30A83C4
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: F564F790EB687C9EE1BA755D90587260
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Frame ID: E6EF7397C1D5138ABFB2ADA06DB09FC8
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.heraldsun.com.au/8a2fc7f1-c021-49a3-9462-b95da41e270e
Frame ID: 121B486F1E1C08A0251BE2F3B726389D
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.heraldsun.com.au/863e09a4-2b48-4cfa-975c-05c40ec6c986
Frame ID: 7F496D0E8EDC3CD39B6FEDE4CFF3CEBE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 67CAF389FC9A20C93A1EBB5171576318
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65B657E33215A57E631C8CFF69CDE189
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fpublished%2F9521386%2F11223296%2F632b48cf-c381-4a04-a51e-d48568168512.png&w=151&h=216&q=99&f=webp&rt=contain
Frame ID: 33DBF572D28836C22C82C0F0F7D72824
Requests: 5 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fpublished%2F9521384%2F11223296%2F632b48cf-c381-4a04-a51e-d48568168512.png&w=332&h=450&q=99&f=webp&rt=contain
Frame ID: 39472CDDD74DEB5453BA89BA8E495A98
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. https://www.heraldsun.com.au/ HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&172... HTTP 302
    https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

494
Requests

98 %
HTTPS

35 %
IPv6

73
Domains

136
Subdomains

122
IPs

9
Countries

5182 kB
Transfer

18762 kB
Size

208
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.heraldsun.com.au/ HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&17297286581197528487 HTTP 302
    https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 217
  • https://14643376.fls.doubleclick.net/activityi;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101794737~101823848;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://14643376.fls.doubleclick.net/activityi;dc_pre=CM-k3rPdpYkDFUKf6QUdeN0IBQ;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101794737~101823848;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2F
Request Chain 244
  • https://cm.everesttech.net/cm/dd?d_uuid=20480451223360826752510154147301968325 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxmQlgAAAB6fIgOn
Request Chain 245
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift&dcc=t
Request Chain 306
  • https://ad.doubleclick.net/ddm/trackimp/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402775176;dc_trk_aid=594358249;dc_trk_cid=206347952;ord=1630185055;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402775176;dc_pre=CJy-jbXdpYkDFTahZgIdTiwPgg;dc_trk_aid=594358249;dc_trk_cid=206347952;ord=1630185055;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
Request Chain 361
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZxmQmgAAJ2Ao4gAX
Request Chain 363
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=7171260968332764503
Request Chain 446
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=967E8D208BBB4A6BADEBEFE729EFFA36&RedC=c.clarity.ms&MXFR=09070CA5F1416177208A1987F5416FBD HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=967E8D208BBB4A6BADEBEFE729EFFA36&MUID=3220B060381E6BD03D9AA542392C6AF7

494 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • https://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&17297286581197528487
  • https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
444 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
23ca406ad8056b9e5395b9bd47c5d3dbf8f17edec80d7e2a80603c9e6c68fdc7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

akamai-grn
0.c9b42e17.1729728658.9207600e
blaizehappened
true
cache-control
max-age=0, no-cache
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 00:10:59 GMT
expires
Thu, 24 Oct 2024 00:10:59 GMT
host-header
a9130478a60e5f9135f765b23f26593b
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 453810 0 pmb=mTOE,4
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d8d7ab3017569bbb26e044e3b23694b8d-1729728658&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=8d7ab3017569bbb26e044e3b23694b8d
x-content-type-options
nosniff
x-elasticpress-query
true
x-pathqs
TRUE
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
syd3 123 243 443
x-xss-protection
1

Redirect headers

cache-control
max-age=43012
content-length
154
content-type
text/html
date
Thu, 24 Oct 2024 00:10:58 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1692680720.184261"
location
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server
AkamaiNetStorage
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-id-2
wh9KebbyRj+d142y6tc21p5N8dWqVI/mnkEOS3Nwey+jIgd6KJX2pmQ6oREneLwnX6WcrkmhkgQ=
cache-control
max-age=358150
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
x-amz-request-id
4D1GJEGT1GCV0Y5Q
expires
Mon, 28 Oct 2024 03:40:09 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11472
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Thu, 09 Mar 2023 05:34:59 GMT
content-type
binary/octet-stream
server
AmazonS3
x-amz-server-side-encryption
AES256
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-id-2
SDXHYbYN+u6ZH+AlsWcwU4O5dD4wD/aXkAVnJrVgnSyXTd4JQWGAbvUhccov1qyNu4GImKo+LG4=
cache-control
max-age=469533
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
x-amz-request-id
1Q5F0NCFGRNN1BTF
expires
Tue, 29 Oct 2024 10:36:32 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
12052
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Thu, 09 Mar 2023 05:35:46 GMT
content-type
binary/octet-stream
server
AmazonS3
x-amz-server-side-encryption
AES256
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=377436
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
x-amz-request-id
F7E2190ABEAFEACB
expires
Mon, 28 Oct 2024 09:01:35 GMT
accept-ranges
bytes
access-control-allow-origin
*
akamai-loopback-request
8096267
content-length
12440
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
content-type
binary/octet-stream
server
AmazonS3
x-amz-id-2
3wulICxh/KLwsczwJ5Fw4CNIu9UOxfPR6nLjFm3iqdm1Wh/TT35AXwT7xymgYwZPwRjSC6kR16E=
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=157233
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
x-amz-request-id
CD6AACE1C37E02E4
expires
Fri, 25 Oct 2024 19:51:32 GMT
accept-ranges
bytes
access-control-allow-origin
*
akamai-loopback-request
8096267
content-length
11372
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
content-type
binary/octet-stream
server
AmazonS3
x-amz-id-2
B6yUAZV76p9iKhlDfZ6cX1MgEb+Xny7j/C6NlGNMpuXXyIkj1UOiJH9GdXPTewBvFTjuwQTSRos=
lux.js
cdn.speedcurve.com/js/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
23632298a968545abac13f897d144ed3e70df843d2d42a407194b21305233645

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
8105
expires
Wed, 30 Oct 2024 21:55:54 GMT
x-cache
HIT
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 21:55:54 GMT
content-type
application/javascript; charset=utf-8
x-cache-hits
1343
x-served-by
cache-syd10124-SYD
vary
Accept-Encoding
cache-control
max-age=604800
timing-allow-origin
*
x-timer
S1729728660.709866,VS0,VE0
via
1.1 vegur, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
10256
server
Apache
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
db66bcc0be3d8c0ebef24695348e506fc4e08e1da99455465f097bd34f9a7424
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658

Response headers

content-encoding
gzip
etag
W/"6716dde0-a67"
expires
Thu, 21 Nov 2024 03:16:07 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 23:04:00 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2430308
x-rq
syd3 123 242 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
1098
akamai-grn
0.c9b42e17.1729728659.92077f0e
server
nginx
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
56f1fba775d8ddaef8a95da0f7b87008c3440463b2999500397f78514e9180f6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658

Response headers

content-encoding
gzip
etag
W/"6716dde0-1d21"
expires
Thu, 21 Nov 2024 03:19:21 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 23:04:00 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2430502
x-rq
syd3 123 242 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
2897
akamai-grn
0.c9b42e17.1729728659.92077f6f
server
nginx
css-metro-desktop-critical-homepage.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		189 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d55d30f6a858a4cf5d8d67a0462072a2def6e48b7ab0f714c7c91a41cd556386
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658

Response headers

content-encoding
gzip
etag
W/"67186de8-2f237"
expires
Fri, 22 Nov 2024 03:35:37 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 03:30:48 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2517878
x-rq
syd3 123 242 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
27364
akamai-grn
0.c9b42e17.1729728659.92077605
server
nginx
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/server-side-interactive-loader/assets/ 		1 B
405 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/server-side-interactive-loader/assets/style.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"68b329da9893e34099c7d8ad5cb9c940"
x-amz-version-id
B_rLYGDycCgczvXoEb2QfvziYZjYRZrD
expires
Thu, 24 Oct 2024 00:35:45 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 03:36:43 GMT
vary
Accept-Encoding
content-type
text/css
x-amz-id-2
tiwzl4jBmiCd9zku9eLGowbsgaso44qyHkDfs43NjHTRuy9SaEG/MYX4gt1FdiMEeSKaMguSQEvN9gQdWxgyA5X8gAH+eXTD
cache-control
max-age=1486
x-i
true
x-amz-request-id
FZX8FVPTMD5NTCAM
accept-ranges
bytes
content-length
21
server
AmazonS3
x-amz-server-side-encryption
AES256
50a199ee
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/50a199ee
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
453ac8f426f85203c18a7613451506d2055622ef50239f472d4a92300da8939c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658

Response headers

blaizehappened
true
content-encoding
gzip
etag
"282a5f3f354d3072b9bd01cf30f1a6805233734f4d7229ed8b89889e1304bd76"
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f50a199ee&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=8d7ab3017569bbb26e044e3b23694b8d
x-arrrg4
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
expires
Thu, 24 Oct 2024 00:10:59 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Thu, 22 Feb 2024 19:46:02 GMT
content-type
application/javascript
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=21600
pragma
no-cache
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-length
8761
akamai-grn
0.c9b42e17.1729728659.92077f71
stored-attribute-sha-checksum
453ac8f426f85203c18a7613451506d2055622ef50239f472d4a92300da8939c
x-pathqs
TRUE
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		18 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3bf4ca5019e61a74b2a52ed0de5170967421ed774594428ad5f8a3b2bf72bced
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658

Response headers

content-encoding
gzip
etag
W/"66fc80bf-4964"
expires
Thu, 24 Oct 2024 00:15:59 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
image/svg+xml
last-modified
Tue, 01 Oct 2024 23:07:43 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
must-revalidate, max-age=300
x-rq
syd3 123 243 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
6979
akamai-grn
0.c9b42e17.1729728659.92077607
server
nginx
trueskins.css
d2n6ofw4o746cn.cloudfront.net/performance/trueskins/prod/ 		144 B
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2n6ofw4o746cn.cloudfront.net/performance/trueskins/prod/trueskins.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2774:3000:1e:9240:9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f0e7f108bf2c55c8fcc800e98d9efee7005e91cf92d11770d55487e4ce16725

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-version-id
PgBcr5v8bOZVx0Zpb5iljRaOiVpC7587
etag
"e9e3531185052248a7deed2e9e67cd83"
age
34
x-cache
Hit from cloudfront
x-amz-cf-id
bC2lHbStp5JAmQdlXvZDlEooX6BpOZq5i7663O6w2hXkPKTryDwP1w==
date
Thu, 24 Oct 2024 00:10:26 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 10 Sep 2024 01:16:32 GMT
via
1.1 dd92061892eeccf2295e6eb3a8dfc954.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
144
x-amz-meta-version-id
oUKl9H4fBSgqADmdQA7By7bHOtH8HNOM
x-amz-cf-pop
SYD62-P3
x-amz-meta-server-side-encryption
AES256
server
AmazonS3
x-amz-server-side-encryption
AES256
5b373ec31a66a33a97d3d18915066f5d
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/5b373ec31a66a33a97d3d18915066f5d?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
95a08a212ec52d96a615c067860844cabd42cd3c99df8b70833d02e827c953cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
5b373ec31a66a33a97d3d18915066f5d
cache-control
private, no-transform, max-age=5165502
x-o
CF
etag
69fdc92c6ba7a75b139a09f595f4bc03-5b373ec31a66a33a97d3d18915066f5d-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 19:02:41 GMT
access-control-allow-origin
*
content-length
4951
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 19:03:28 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
19adfd2d08e4e68780ef29cdbfb97174
content.api.news/v3/images/bin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/19adfd2d08e4e68780ef29cdbfb97174?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
52fa58c05a84270e7a965601a98c2bc9203628db57346a38f5b98a8490408ebc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
19adfd2d08e4e68780ef29cdbfb97174
cache-control
private, no-transform, max-age=5179365
x-o
CF
etag
7598ac12cf7835553f937ccc43d0d05b-19adfd2d08e4e68780ef29cdbfb97174-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 22:53:44 GMT
access-control-allow-origin
*
content-length
3235
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 22:53:45 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
c8fa91c88ee66137e1e8d10492f78270
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c8fa91c88ee66137e1e8d10492f78270?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
01538933a03c1f2e197385ee81199bac19bad7ca9c96462399bc1729424f132e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
c8fa91c88ee66137e1e8d10492f78270
cache-control
private, no-transform, max-age=5170880
x-o
CF
etag
ff81a0003881105ab42b475c00dd70b8-c8fa91c88ee66137e1e8d10492f78270-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 20:32:19 GMT
access-control-allow-origin
*
content-length
4237
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 20:33:45 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
d993901cdc70d3cd9708e51618c290dd
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d993901cdc70d3cd9708e51618c290dd?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4c114206b5af764408aa918f6e923d40846d6d21958c2ce8ab7365cedede6f44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
d993901cdc70d3cd9708e51618c290dd
cache-control
private, no-transform, max-age=5161866
x-o
CF
etag
752b71968d08a3234908c85e88faefaa-d993901cdc70d3cd9708e51618c290dd-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 18:02:05 GMT
access-control-allow-origin
*
content-length
6254
x-serial
1482
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 18:04:36 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
89a2e31a4927e1bc6fa7fe6ff0c55731
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/89a2e31a4927e1bc6fa7fe6ff0c55731?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
62cdd922047a534ff8783f5b409d1541c69e26fca059a3a0ba786638b189cee6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
89a2e31a4927e1bc6fa7fe6ff0c55731
cache-control
private, no-transform, max-age=5165458
x-o
CF
etag
29c0d92dfa29c6383baef6361fe2c665-89a2e31a4927e1bc6fa7fe6ff0c55731-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 19:01:57 GMT
access-control-allow-origin
*
content-length
4082
x-serial
1653
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 19:03:30 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
2d0406d892caa9c649563456808dd4c2
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/2d0406d892caa9c649563456808dd4c2?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4cdd9b6ac8a83eb3aa989f19605ba52ac3f01a0bb2a73bb1deb1dea8d1518ff5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
2d0406d892caa9c649563456808dd4c2
cache-control
private, no-transform, max-age=5109315
x-o
CF
etag
8a3da31b7bf5696af70bbef6734aeb87-2d0406d892caa9c649563456808dd4c2-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 03:26:14 GMT
access-control-allow-origin
*
content-length
3889
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 03:27:47 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
f91981e2e38f8b6d69db5f3d63bb1464
content.api.news/v3/images/bin/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f91981e2e38f8b6d69db5f3d63bb1464?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
cb6f723a4efe0010bf2ede04ea9b353a5408550ae43b102b36ef92110e638757

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
f91981e2e38f8b6d69db5f3d63bb1464
cache-control
private, no-transform, max-age=5112100
x-o
CF
etag
26fe37845e8140573647917469160da8-f91981e2e38f8b6d69db5f3d63bb1464-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 04:12:39 GMT
access-control-allow-origin
*
content-length
2021
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 04:11:41 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
8cadc45fd835e75aac33103cf05ffb20
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8cadc45fd835e75aac33103cf05ffb20?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
15616bd182d6f017213b7a26a288b15c3248d68ce9f563e86b143e26190df42d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
8cadc45fd835e75aac33103cf05ffb20
cache-control
private, no-transform, max-age=5173819
x-o
CF
etag
ae5c6ca65d4947ec46f03f527c1b552f-8cadc45fd835e75aac33103cf05ffb20-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 21:21:18 GMT
access-control-allow-origin
*
content-length
5339
x-serial
1795
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 21:21:47 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
99b077010a6e04cf3905e46ebdc76d7b
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/99b077010a6e04cf3905e46ebdc76d7b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
69457da1386fe8c2e7e7f36c826e462348d382ad28175cfed0e106243e3a9a20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
99b077010a6e04cf3905e46ebdc76d7b
cache-control
private, no-transform, max-age=5170140
x-o
CF
etag
7c3d21f477c55d6e23bbda87582502f5-99b077010a6e04cf3905e46ebdc76d7b-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 20:19:59 GMT
access-control-allow-origin
*
content-length
4246
x-serial
1189
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 20:20:27 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
rea-logo.png
d2n6ofw4o746cn.cloudfront.net/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2n6ofw4o746cn.cloudfront.net/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2774:3000:1e:9240:9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
etag
"731035d55715734eff2f2a0f9afb31e7"
age
48058
via
1.1 dd92061892eeccf2295e6eb3a8dfc954.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
28648
x-amz-cf-id
7eeWz8pwRZT0ay8aWS_kbhat9byAnO-74ef2c1zt5jUNUjkwtAqf3Q==
date
Wed, 23 Oct 2024 10:50:02 GMT
content-type
image/png
last-modified
Thu, 09 Sep 2021 21:17:00 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
vary
Accept-Encoding, Origin
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658

Response headers

content-encoding
gzip
etag
W/"671859ab-2b16"
expires
Fri, 22 Nov 2024 03:34:58 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 02:04:27 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2517839
x-rq
syd3 123 243 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
1483
akamai-grn
0.c9b42e17.1729728659.92077f73
server
nginx
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658

Response headers

content-encoding
gzip
etag
W/"671859a9-84b3"
expires
Fri, 22 Nov 2024 03:34:33 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 02:04:25 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2517814
x-rq
syd3 123 243 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
6839
akamai-grn
0.c9b42e17.1729728659.92077f74
server
nginx
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658

Response headers

content-encoding
gzip
etag
W/"671859a9-c14"
expires
Fri, 22 Nov 2024 03:33:00 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 02:04:25 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2517721
x-rq
syd3 123 242 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
956
akamai-grn
0.c9b42e17.1729728659.92077f75
server
nginx
adblock.js
tags.news.com.au/prod/adblock/ 		421 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
490954563013c39f826605c7a17570e4a71301e4432a49ee4b07b00d0460c03a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=37567
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
421
etag
"8c899c505404a4e94b0b880ca52312e2:1721884607.831826"
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
application/x-javascript
server
AkamaiNetStorage
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=148112
content-encoding
gzip
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
x-amz-request-id
0V20VHDSH0MJTWZ3
expires
Fri, 25 Oct 2024 17:19:31 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
347
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
vary
Accept-Encoding
server
AmazonS3
content-type
image/svg+xml
x-amz-id-2
KUJyKo1AaEAfC//LEA5tsS/9dr4Eaq94GA+6GqOMpfKTAN7jvt+zkSxPJNrFXfciHeL6me9CeJQ=
ktv-icon.jpg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ktv-icon.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-id-2
nCWppB/Mxflt6eA82naOaTUuThfVv8dduJjYXRjIafBhqrl+FAsfFHYC++GNS2P259Kdvkf6gOM=
cache-control
max-age=377006
etag
"481ac438f263d8b4ef0b66cb4ae1364c"
access-control-allow-methods
GET,POST
x-amz-request-id
Z4MCCJZF15R9B5PP
expires
Mon, 28 Oct 2024 08:54:25 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1051
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Thu, 09 Nov 2023 00:18:01 GMT
content-type
image/jpeg
server
AmazonS3
x-amz-server-side-encryption
AES256
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=89256
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
x-amz-request-id
E0B12B7B870EDA55
expires
Fri, 25 Oct 2024 00:58:35 GMT
accept-ranges
bytes
access-control-allow-origin
*
akamai-loopback-request
8096267
content-length
16112
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
content-type
binary/octet-stream
server
AmazonS3
x-amz-id-2
2VMJauet00FubEYlht7eWsfXQW2Iw2iHd8GcgpZjn8GzR6DSmpapY9riEyAEp6MCF8HbQ3vzMdA=
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=528387
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
x-amz-request-id
YJ71GE00DD4359FC
expires
Wed, 30 Oct 2024 02:57:26 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
15948
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
content-type
binary/octet-stream
server
AmazonS3
x-amz-id-2
88Hhys0RgCTsBh0NkPVKpB7Gez4q3t/u6M0isTUrbvFvlDZRXmFnAHZgsNevFA/tXMF0l548C8U=
quote.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/icons/quote.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
603fc565806e291180062d072e5a4ea084fc69a2b916975026ea7e94ebe04a3b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=

Response headers

content-encoding
gzip
etag
W/"66a1d38e-539"
expires
Thu, 24 Oct 2024 00:15:59 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
image/svg+xml
last-modified
Thu, 25 Jul 2024 04:24:46 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
must-revalidate, max-age=300
x-rq
syd3 123 243 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
657
akamai-grn
0.c9b42e17.1729728659.92078293
server
nginx
d378f52396205c7d0145df6387d3b563
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d378f52396205c7d0145df6387d3b563?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bfb5a860c4f1f3c0e716dbcea977b8a4cf59a64b5291995f97932950a1d688eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
d378f52396205c7d0145df6387d3b563
cache-control
private, no-transform, max-age=5168126
x-o
CF
etag
7db6b0c7d622f506711e35d1169d700e-d378f52396205c7d0145df6387d3b563-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 19:46:25 GMT
access-control-allow-origin
*
content-length
4056
x-serial
1771
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 19:45:13 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
f79890d3aeccd1f4cf9b0a376099ba3e
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f79890d3aeccd1f4cf9b0a376099ba3e?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
44bd16ec29495234e087d137d3b053479988bde017d2f0e882897cbc8e1a5e2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
f79890d3aeccd1f4cf9b0a376099ba3e
cache-control
private, no-transform, max-age=5167914
x-o
CF
etag
8d47b3e604372fa770ae56fc54658090-f79890d3aeccd1f4cf9b0a376099ba3e-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 19:42:53 GMT
access-control-allow-origin
*
content-length
3969
x-serial
180
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 19:45:15 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
9a10995627ead03625a2a0fefe78c54f
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9a10995627ead03625a2a0fefe78c54f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f64cf6864b90f63061db2e3623aded6cf537d69a855d5c60f767ebbaf0987b3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
9a10995627ead03625a2a0fefe78c54f
cache-control
private, no-transform, max-age=5168072
x-o
CF
etag
3e403cd90e2430908ab0987c6079bc41-9a10995627ead03625a2a0fefe78c54f-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 19:45:31 GMT
access-control-allow-origin
*
content-length
4497
x-serial
1126
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 19:45:14 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
deeafb98464e3d3581f86b5214c483e9
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/deeafb98464e3d3581f86b5214c483e9?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7d2d80f36f0d24d212d7970d9189bdc36416fc6ecbbf8c96e12cf3f56bf9c9e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
deeafb98464e3d3581f86b5214c483e9
cache-control
private, no-transform, max-age=5168179
x-o
CF
etag
0b266b8bac0bd86fbece808680101f59-deeafb98464e3d3581f86b5214c483e9-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 19:47:18 GMT
access-control-allow-origin
*
content-length
3407
x-serial
187
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 19:45:13 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
e5298ae1cefd651a61faba60bb8ec476
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e5298ae1cefd651a61faba60bb8ec476?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
559a24e9fb260ed82f2d91adb2fc157e21c5d8865f84e29ba545a616fa6be09f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
e5298ae1cefd651a61faba60bb8ec476
cache-control
private, no-transform, max-age=5155214
x-o
CF
etag
3de23d2962976d2df425fbd9a6c0cf35-e5298ae1cefd651a61faba60bb8ec476-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 16:11:13 GMT
access-control-allow-origin
*
content-length
3765
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 16:11:44 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
b3b896008dab9f614fd12bc8428cf2c1
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b3b896008dab9f614fd12bc8428cf2c1?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
848dd0347c6f08c8d9dac84d7727ee5a933f28f47f4597639ce00b035740d0c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
b3b896008dab9f614fd12bc8428cf2c1
cache-control
private, no-transform, max-age=5178342
x-o
CF
etag
8f4d4a6fb2391ef81ad4f40926a911f2-b3b896008dab9f614fd12bc8428cf2c1-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 22:36:41 GMT
access-control-allow-origin
*
content-length
5844
x-serial
1529
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 22:36:13 GMT
content-type
image/webp
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
0586310321a0c01cfc3f35ce4643f40b
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0586310321a0c01cfc3f35ce4643f40b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
48fa411d21c1cd5a01d1a73544d69a664cac0ec632d4059b894b0059ce64e772

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
0586310321a0c01cfc3f35ce4643f40b
cache-control
private, no-transform, max-age=5103603
x-o
CF
etag
ab6e0189082acb3ac90285750194ff8b-0586310321a0c01cfc3f35ce4643f40b-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 01:51:02 GMT
access-control-allow-origin
*
content-length
3866
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 01:53:43 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
22afac91b1141c496ebfd0e05f9ed4d0
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/22afac91b1141c496ebfd0e05f9ed4d0?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bb54b5d6cc7b085d3aa01f3f1f0b99a4ad0ecad835ae331f27e1dbe33296c92f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
22afac91b1141c496ebfd0e05f9ed4d0
cache-control
private, no-transform, max-age=5107356
x-o
CF
etag
9bccb16e60e0eb99d95288788b676a03-22afac91b1141c496ebfd0e05f9ed4d0-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 02:53:35 GMT
access-control-allow-origin
*
content-length
3982
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 02:51:33 GMT
content-type
image/webp
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
f43c7dc1fa82fdb48b08e171dbb6178f
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f43c7dc1fa82fdb48b08e171dbb6178f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
544d7a04adcbb30a6a6bb59c4e6b02d12ee4cfbe8e2da4cd392ee3536bddccba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
f43c7dc1fa82fdb48b08e171dbb6178f
cache-control
private, no-transform, max-age=5181647
x-o
CF
etag
9aa97ea1620fff0a36009771232b03ee-f43c7dc1fa82fdb48b08e171dbb6178f-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 23:31:46 GMT
access-control-allow-origin
*
content-length
8169
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 23:33:31 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
46de3f69b5a11ce15d7e610fdecfa5c3
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/46de3f69b5a11ce15d7e610fdecfa5c3?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4deac7a30fd0f21abc67c91a422011f0a568fe338b25455d3f911ec90e3d515c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
46de3f69b5a11ce15d7e610fdecfa5c3
cache-control
private, no-transform, max-age=5180023
x-o
CF
etag
b8669a59eced3a9fc33823842cdcd145-46de3f69b5a11ce15d7e610fdecfa5c3-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 23:04:42 GMT
access-control-allow-origin
*
content-length
4818
x-serial
387
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 23:04:15 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
6328f7e8d83022f068f7df06c6406761
content.api.news/v3/images/bin/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/6328f7e8d83022f068f7df06c6406761?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6b8e98f56a1ae9ddeefc6fa70f1a12657c12cee8038f63b31cac4941077e9e0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
6328f7e8d83022f068f7df06c6406761
cache-control
private, no-transform, max-age=5125899
x-o
CF
etag
be33bbb0611311a7a2f2a771968e50a2-6328f7e8d83022f068f7df06c6406761-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 08:02:38 GMT
access-control-allow-origin
*
content-length
9151
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 08:01:14 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
496f44a6b1efaef4a906a86e5945600a
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/496f44a6b1efaef4a906a86e5945600a?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
73c992121bc16342feab123615f72c92bf46b9f89bea6a8409cec40bc1aab5d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
496f44a6b1efaef4a906a86e5945600a
cache-control
private, no-transform, max-age=5147403
x-o
CF
etag
db7d317aeae7461abbad6697f2f1cf6b-496f44a6b1efaef4a906a86e5945600a-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 14:01:02 GMT
access-control-allow-origin
*
content-length
7304
x-serial
1404
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 14:01:09 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
25cc00f852dbda8d401b806b508cbb68
content.api.news/v3/images/bin/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/25cc00f852dbda8d401b806b508cbb68?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6562868efa12dedb1e9505bd9836de90538d6b1783f3bf8d6e0d013b96afd1af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
25cc00f852dbda8d401b806b508cbb68
cache-control
private, no-transform, max-age=5109421
x-o
CF
etag
b128114adfacb94d862109d589cd094e-25cc00f852dbda8d401b806b508cbb68-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 03:28:00 GMT
access-control-allow-origin
*
content-length
8950
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 03:27:37 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
89b3f3be57f766b33b8875f48b3fa803
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/89b3f3be57f766b33b8875f48b3fa803?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9aca17efcbc0f70d983a3bbca86f52bd054de1fab4a12b0a975cfc2d5d8b3eaf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
89b3f3be57f766b33b8875f48b3fa803
cache-control
private, no-transform, max-age=5116421
x-o
CF
etag
4eec821f183ed0e22ead99be90a95270-89b3f3be57f766b33b8875f48b3fa803-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 05:24:40 GMT
access-control-allow-origin
*
content-length
6433
x-serial
1053
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 05:24:08 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
37ce85214bbaddfd4cf4bd1762ac3c29
content.api.news/v3/images/bin/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/37ce85214bbaddfd4cf4bd1762ac3c29?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7861aa336f6a1dd7233f68606fb6ea40bf6f0fb7dc05d4320dcfb763cf45224d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
37ce85214bbaddfd4cf4bd1762ac3c29
cache-control
private, no-transform, max-age=5111388
x-o
CF
etag
cf1558ec9d052416ba366568f62cc998-37ce85214bbaddfd4cf4bd1762ac3c29-150
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 04:00:47 GMT
access-control-allow-origin
*
content-length
10730
x-serial
1345
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 04:00:42 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97850cbace25061a54450f46bf77ffa1a90630ffe6205d88248ed138d9e8064
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"bec5984e80fc3b03cc84e6e9d1f899f168a56fba76275813f3c304edf81637e0"
x-buildname
hoothoot
x-hostname
fen-hoothoot-asia-east1-spot-fpd7
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
x-datacenter
gce-asia-east1
via
1.1 google
cf-ray
8d75bf3c488254f1-SYD
x-buildnumber
1507459579
server
cloudflare
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=224514
content-encoding
gzip
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
x-amz-request-id
FX1R9SFR5N9N9ZDW
expires
Sat, 26 Oct 2024 14:32:53 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
342
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
vary
Accept-Encoding
server
AmazonS3
content-type
image/svg+xml
x-amz-id-2
Rc+4Hg4S2NcN2AmaJ2UPNJf4W+eylW29KzidSVFjowTh+8vQAYCPITkaXtNd1YmuEzxcu9GTWIk=
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=335697
content-encoding
gzip
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
x-amz-request-id
57W7922MWFE04B2D
expires
Sun, 27 Oct 2024 21:25:56 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
284
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
vary
Accept-Encoding
server
AmazonS3
content-type
image/svg+xml
x-amz-id-2
hM9fv3rs4LbaPOK73JPsGl6yCP62HxgBzq87lSNd/NhjNiww6LqZsqcU3aAB9L2jy0MoclYhaT/WE/c03c0k6A==
d378f52396205c7d0145df6387d3b563
content.api.news/v3/images/bin/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d378f52396205c7d0145df6387d3b563?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
00515960b0c9ce184feeeee4577e84a230876eaeb419773dc9fb9f5f08dc41cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
d378f52396205c7d0145df6387d3b563
cache-control
private, no-transform, max-age=5167850
x-o
CF
etag
7db6b0c7d622f506711e35d1169d700e-d378f52396205c7d0145df6387d3b563-650
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 19:41:49 GMT
access-control-allow-origin
*
content-length
42936
x-serial
1981
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 19:45:15 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
f79890d3aeccd1f4cf9b0a376099ba3e
content.api.news/v3/images/bin/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f79890d3aeccd1f4cf9b0a376099ba3e?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
074c8105e637af9a0b61007db8c601b0309f63b383df5ec70184dfdb83785dc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
f79890d3aeccd1f4cf9b0a376099ba3e
cache-control
private, no-transform, max-age=5167972
x-o
CF
etag
8d47b3e604372fa770ae56fc54658090-f79890d3aeccd1f4cf9b0a376099ba3e-650
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 19:43:51 GMT
access-control-allow-origin
*
content-length
33927
x-serial
1540
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 19:45:15 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
9a10995627ead03625a2a0fefe78c54f
content.api.news/v3/images/bin/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9a10995627ead03625a2a0fefe78c54f?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3814a38c5f6c25c1138517ba2b887536b0be9cc8333ee26cc5e769423daacbec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
9a10995627ead03625a2a0fefe78c54f
cache-control
private, no-transform, max-age=5168184
x-o
CF
etag
3e403cd90e2430908ab0987c6079bc41-9a10995627ead03625a2a0fefe78c54f-650
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 19:47:23 GMT
access-control-allow-origin
*
content-length
50195
x-serial
1791
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 19:45:14 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
deeafb98464e3d3581f86b5214c483e9
content.api.news/v3/images/bin/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/deeafb98464e3d3581f86b5214c483e9?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d1f166e4555b8611bec2934bfb54bc6ea9f214415e3d0fed4f82456a7730591b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
deeafb98464e3d3581f86b5214c483e9
cache-control
private, no-transform, max-age=5167942
x-o
CF
etag
0b266b8bac0bd86fbece808680101f59-deeafb98464e3d3581f86b5214c483e9-650
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 19:43:21 GMT
access-control-allow-origin
*
content-length
25945
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 19:45:15 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
e5298ae1cefd651a61faba60bb8ec476
content.api.news/v3/images/bin/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e5298ae1cefd651a61faba60bb8ec476?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5139383f772d94c6eaced5934b56d2cec4b67cf3d43b7ffcaf1fd9018bddd506

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
e5298ae1cefd651a61faba60bb8ec476
cache-control
private, no-transform, max-age=5155375
x-o
CF
etag
3de23d2962976d2df425fbd9a6c0cf35-e5298ae1cefd651a61faba60bb8ec476-650
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 16:13:54 GMT
access-control-allow-origin
*
content-length
30319
x-serial
652
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 16:12:09 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
b3b896008dab9f614fd12bc8428cf2c1
content.api.news/v3/images/bin/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b3b896008dab9f614fd12bc8428cf2c1?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
883188771890631548f5b55486402c92532aef177353ece05507882de4bd5e9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
b3b896008dab9f614fd12bc8428cf2c1
cache-control
private, no-transform, max-age=5178149
x-o
CF
etag
8f4d4a6fb2391ef81ad4f40926a911f2-b3b896008dab9f614fd12bc8428cf2c1-320
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 22:33:28 GMT
access-control-allow-origin
*
content-length
16456
x-serial
862
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 22:36:13 GMT
content-type
image/webp
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
0586310321a0c01cfc3f35ce4643f40b
content.api.news/v3/images/bin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0586310321a0c01cfc3f35ce4643f40b?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9c557e5834134ee3ef30dcad545fd252013022a5c346e4730ac2b9f7e300b520

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
0586310321a0c01cfc3f35ce4643f40b
cache-control
private, no-transform, max-age=5103402
x-o
CF
etag
ab6e0189082acb3ac90285750194ff8b-0586310321a0c01cfc3f35ce4643f40b-320
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 01:47:41 GMT
access-control-allow-origin
*
content-length
11914
x-serial
2037
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 01:47:44 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
22afac91b1141c496ebfd0e05f9ed4d0
content.api.news/v3/images/bin/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/22afac91b1141c496ebfd0e05f9ed4d0?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
da52f4819a6e7f4829e15eb8680bea09248712abef3daf813e3ac9ae5d9c426d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
22afac91b1141c496ebfd0e05f9ed4d0
cache-control
private, no-transform, max-age=5107187
x-o
CF
etag
9bccb16e60e0eb99d95288788b676a03-22afac91b1141c496ebfd0e05f9ed4d0-320
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 02:50:46 GMT
access-control-allow-origin
*
content-length
11328
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 02:51:34 GMT
content-type
image/webp
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
f43c7dc1fa82fdb48b08e171dbb6178f
content.api.news/v3/images/bin/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f43c7dc1fa82fdb48b08e171dbb6178f?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2298e34de9a02c34d141e3b3c80b9436dec078a71bec49e2172549f46b0edcdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
f43c7dc1fa82fdb48b08e171dbb6178f
cache-control
private, no-transform, max-age=5181784
x-o
CF
etag
9aa97ea1620fff0a36009771232b03ee-f43c7dc1fa82fdb48b08e171dbb6178f-320
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 23:34:03 GMT
access-control-allow-origin
*
content-length
22423
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 23:33:31 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
46de3f69b5a11ce15d7e610fdecfa5c3
content.api.news/v3/images/bin/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/46de3f69b5a11ce15d7e610fdecfa5c3?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e4210233f04de7043313314cd03e019da34c04961fcdbd3a95d9b2ef5b92925f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
46de3f69b5a11ce15d7e610fdecfa5c3
cache-control
private, no-transform, max-age=5179910
x-o
CF
etag
b8669a59eced3a9fc33823842cdcd145-46de3f69b5a11ce15d7e610fdecfa5c3-320
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 23:02:49 GMT
access-control-allow-origin
*
content-length
13233
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 23:04:18 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
6328f7e8d83022f068f7df06c6406761
content.api.news/v3/images/bin/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/6328f7e8d83022f068f7df06c6406761?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7b67bae1bdc13f5b0afc829b311c3dd3b6359a72eed8445a87492c2f6ff065f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
6328f7e8d83022f068f7df06c6406761
cache-control
private, no-transform, max-age=5125681
x-o
CF
etag
be33bbb0611311a7a2f2a771968e50a2-6328f7e8d83022f068f7df06c6406761-320
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 07:59:00 GMT
access-control-allow-origin
*
content-length
33058
x-serial
2022
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 08:00:26 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
496f44a6b1efaef4a906a86e5945600a
content.api.news/v3/images/bin/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/496f44a6b1efaef4a906a86e5945600a?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b4fb02f3c4ba1472d84ff6dfd6d8abcc722e7f99c80c37819b65dd88f2de65cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
496f44a6b1efaef4a906a86e5945600a
cache-control
private, no-transform, max-age=5147443
x-o
CF
etag
db7d317aeae7461abbad6697f2f1cf6b-496f44a6b1efaef4a906a86e5945600a-320
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 14:01:42 GMT
access-control-allow-origin
*
content-length
22312
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 14:00:54 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
25cc00f852dbda8d401b806b508cbb68
content.api.news/v3/images/bin/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/25cc00f852dbda8d401b806b508cbb68?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
012966219189af8b33ed26ef1be764608c84871350582d6ad301679629a9027f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
25cc00f852dbda8d401b806b508cbb68
cache-control
private, no-transform, max-age=5109262
x-o
CF
etag
b128114adfacb94d862109d589cd094e-25cc00f852dbda8d401b806b508cbb68-320
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 03:25:21 GMT
access-control-allow-origin
*
content-length
14636
x-serial
1012
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 03:27:39 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
89b3f3be57f766b33b8875f48b3fa803
content.api.news/v3/images/bin/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/89b3f3be57f766b33b8875f48b3fa803?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9464e090618d205f309d2c0b9c348a6d4ac1e1a1df5d5ac897edf1a0faddec79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
89b3f3be57f766b33b8875f48b3fa803
cache-control
private, no-transform, max-age=5116333
x-o
CF
etag
4eec821f183ed0e22ead99be90a95270-89b3f3be57f766b33b8875f48b3fa803-320
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 05:23:12 GMT
access-control-allow-origin
*
content-length
17130
x-serial
759
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 05:24:06 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
37ce85214bbaddfd4cf4bd1762ac3c29
content.api.news/v3/images/bin/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/37ce85214bbaddfd4cf4bd1762ac3c29?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
285eb331cbbad9e0460eaf8cca7512ebeea7d8072608870886bb0e5ff155413f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
37ce85214bbaddfd4cf4bd1762ac3c29
cache-control
private, no-transform, max-age=5111436
x-o
CF
etag
cf1558ec9d052416ba366568f62cc998-37ce85214bbaddfd4cf4bd1762ac3c29-320
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 04:01:35 GMT
access-control-allow-origin
*
content-length
30057
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 04:00:42 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
f91981e2e38f8b6d69db5f3d63bb1464
content.api.news/v3/images/bin/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f91981e2e38f8b6d69db5f3d63bb1464?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
cfa8a6cab6d3accfb28d9764b51075ea49d7aad9a671a30a4da3cf2f0920e280

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-hobit
2B
edge-cache-tag
f91981e2e38f8b6d69db5f3d63bb1464
cache-control
private, no-transform, max-age=5111898
x-o
CF
etag
26fe37845e8140573647917469160da8-f91981e2e38f8b6d69db5f3d63bb1464-650
access-control-allow-methods
GET
expires
Sun, 22 Dec 2024 04:09:17 GMT
access-control-allow-origin
*
content-length
17499
x-serial
1908
date
Thu, 24 Oct 2024 00:10:59 GMT
last-modified
Wed, 23 Oct 2024 04:10:18 GMT
content-type
image/jpeg
server
Akamai Image Manager
access-control-allow-headers
x-newsapi-api-key
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2517865
x-rq
syd3 123 242 443
etag
"671859ab-0"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
expires
Fri, 22 Nov 2024 03:35:24 GMT
accept-ranges
bytes
content-length
0
date
Thu, 24 Oct 2024 00:10:59 GMT
akamai-grn
0.c9b42e17.1729728659.92078742
content-type
text/css
last-modified
Wed, 23 Oct 2024 02:04:27 GMT
server
nginx
vary
User-Agent
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		303 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
11364eb0ccb375ed954d862763a554376a7d9b7ee2b5a79557e86db70a362311
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=551
content-encoding
gzip
etag
"e8aea58bbee8a4349ffb5a86d1d68bff:1726465208.047997"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
expires
Thu, 24 Oct 2024 00:20:11 GMT
akamai-grn
0.c9b42e17.1729728659.92078743
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
vary
User-Agent, Accept-Encoding
server
AkamaiNetStorage
indies-loader.js
resourcesssl.newscdn.com.au/indies/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cd07ada47102b3c1c867a98c631f1e933d7ec89c096cf5294bbe3d5163a6a4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"99cb4f525850db8d88aa209a4f92c9f8"
x-amz-version-id
D9JyWpzf4hl5bktJsyxAecidejmyoHYb
expires
Thu, 24 Oct 2024 00:14:57 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
last-modified
Mon, 16 Sep 2024 07:11:54 GMT
vary
Accept-Encoding
content-type
text/javascript
x-amz-id-2
ImnSA1DK5yf7VQEb5nvQRvQ15gPShWym6xKnChSVMGeTmPNrquOt7rSatPfIbArw6/pDgr5LRzJDktysU5SoNQ==
cache-control
max-age=237
x-i
true
x-p
/indies/indies-loader.js
x-amz-request-id
7VNK0J01MV2HYGJH
accept-ranges
bytes
content-length
2039
server
AmazonS3
x-amz-server-side-encryption
AES256
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		104 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b94da7cd3af5edde434f7515a419b0e8351aeb8ddc7c3bb2a719d592e465caf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
W/"6715e811-1a063"
expires
Thu, 21 Nov 2024 03:17:35 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 05:35:13 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2430395
x-rq
syd3 123 243 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
28637
akamai-grn
0.c9b42e17.1729728659.92078744
server
nginx
player.js
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		1 MB
290 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d183d932db0437b3dd66a5475c01d1b5e2777e3a5b6da2d10bb0d489773c715c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"b694ce2d5882cc255a36a8c8c48782e7"
access-control-allow-methods
GET,POST
expires
Thu, 24 Oct 2024 00:22:21 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
last-modified
Tue, 22 Oct 2024 03:12:06 GMT
vary
Accept-Encoding
content-type
text/javascript
x-amz-id-2
67cU8rfbbeZjcJw849ec+CJU2WTPPRvn3GXeoMcr8mPdIBaApjdQ2EnYnGvEib4XPG0g5mZdX5frL2FO9hSwB1aHAeNm0UgvEuYC9O4FZRQ=
cache-control
max-age=681
x-amz-request-id
80GC4BDFKFHJF432
accept-ranges
bytes
access-control-allow-origin
*
content-length
296141
server
AmazonS3
x-amz-server-side-encryption
AES256
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		11 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
57fb4792dcc9319cf558696d779009392b16b7525f0e2d9303ceeea26395ae07
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2517839
content-encoding
gzip
x-rq
syd3 123 243 443
etag
W/"671859ab-2b16"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
expires
Fri, 22 Nov 2024 03:34:58 GMT
accept-ranges
bytes
content-length
1483
date
Thu, 24 Oct 2024 00:10:59 GMT
akamai-grn
0.c9b42e17.1729728659.92077f73
content-type
text/css
last-modified
Wed, 23 Oct 2024 02:04:27 GMT
server
nginx
vary
User-Agent
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		0
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2430509
x-rq
syd3 123 242 443
etag
"6716dde0-0"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
expires
Thu, 21 Nov 2024 03:19:29 GMT
accept-ranges
bytes
content-length
0
date
Thu, 24 Oct 2024 00:11:00 GMT
akamai-grn
0.c9b42e17.1729728659.92078745
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 23:04:00 GMT
server
nginx
vary
User-Agent
js-mosaics-helper.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-mosaics-helper.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
193c5f20f0b5ddb4299214c506e52d7b33dc94757d121ddd8103d8163cf7904f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
W/"6715d0b0-244a"
expires
Thu, 21 Nov 2024 03:19:07 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 03:55:28 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2430488
x-rq
syd3 123 242 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
2945
akamai-grn
0.c9b42e17.1729728659.92078746
server
nginx
outbrain.js
widgets.outbrain.com/ 		256 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.39.62 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-39-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ccf46a9cb49a5a9c413deceeb55ed0ccc8e07fbe4176afa6e93076448c350a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"4e-zC0etvg2uGs32rtAhvTtNqFp7gY"
access-control-allow-methods
GET,POST
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
application/x-javascript
last-modified
Tue, 22 Oct 2024 08:34:46 GMT
vary
Accept-Encoding
x-traceid
b1bcfb9d8ff7eb47ba56705ce1f7e01a
strict-transport-security
max-age=31536000; includeSubDomains; preload
edge-cache-tag
widget-cheetah
cache-control
max-age=14500
timing-allow-origin
*, *
access-control-request-headers
X-OB-STG,X-OB-PRD
access-control-allow-credentials
false
access-control-allow-origin
*
content-length
95096
js-animation-helper.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		662 B
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-animation-helper.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7ccb570a5a9a9016eb61ddc894fb950da6f70c4651da617a7b4e91b5f680c363
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
W/"6716dde0-296"
expires
Thu, 21 Nov 2024 03:18:07 GMT
date
Thu, 24 Oct 2024 00:10:59 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 23:04:00 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2430428
x-rq
syd3 123 243 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
388
akamai-grn
0.c9b42e17.1729728659.92078747
server
nginx
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Content-Type
image/png
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/server-side-interactive-loader/assets/ 		1 KB
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/server-side-interactive-loader/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3c62af03c31f2380535ab076f01f8a7f62b3c0de24a470fb70607a12aba5445

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"1fdb921767e38b4561f62bb386d46b3d"
x-amz-version-id
RpWlVHMitAxsvrnCqdlexAwleRZphTrw
expires
Thu, 24 Oct 2024 00:39:51 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
last-modified
Wed, 23 Oct 2024 03:36:43 GMT
vary
Accept-Encoding
content-type
text/javascript
x-amz-id-2
MITQwLYOhXCuEN6bF8C4uNLr1Lr2C2KzC+Ryc+1OS2xkGmhEXOVYUPMoTZH6um4MXv1+4k+AWz8=
cache-control
max-age=1731
x-i
true
x-amz-request-id
FZX6JBX4HHDG4TC5
accept-ranges
bytes
content-length
577
server
AmazonS3
x-amz-server-side-encryption
AES256
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=homepage&site=heraldsun.com.au&section=/home&device=desktop
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ec6a2ffde954e5ffa0d8f304991b5fef4c88b55c11ce56630fc425dfac1194b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-encoding
gzip
expires
Thu, 24 Oct 2024 00:11:00 GMT
apigw-requestid
AIN23jRRSwMEM8w=
access-control-allow-origin
*
content-length
1661
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/json
vary
Accept-Encoding
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=homepage&site=heraldsun.com.au&section=/home&device=desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-amzn-trace-id,x-api-key
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
apigw-requestid
AIOHPiPxSwMEM1Q=
cache-control
max-age=1765
date
Thu, 24 Oct 2024 00:11:00 GMT
expires
Thu, 24 Oct 2024 00:40:25 GMT
comments-count
mhr.talk.news.com.au/api/v1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=8f4f87c986b9efebaa89692eeffedf14,8e9b5f45ae3b6cd2d15ebb65b20211e4,94c6024050458062720d0fb69d49b755,ccd584672d95b4cc33ae6a884b9bb9ad,94794e32d86bf80d6e9a705cba5eb32b,9e73f223f1850283cf5f85e396b194c1,a7b3f9028189f81c2417ef6a220afe6e,66acb295c1c5a71c98fc44862cd1e38a,d65d180c02df486928132b0ca4600fdd,201c2529a38dbe6c3421c08eea2a4687,4ac08c8276a2ed6b20463de2ea9cf80e,7e064492874fad2c1c058671e34a903c,257153f1b2007468f08b9739fbb7ce60,c9c55dface7e31eaccdd92d406c2c8d7,ee8b1bee36e6236a99ed23830c406e64,bc6aa2580bd4a7fd1f4480f907ba3e20,2c70e150727bad79a537404f32a08332,2197fa1d8441b5a8ff613f8d44accd70,31b7abc94c08514b58fc399c036f31f0,735f48c6772a70e0178320d6f614bac9,d51cbbbeb4153498a8be4d134a43c4b3,e5ddaf6df109c05cdb3181c86b2a96d5,257f2f3b8a58546d7ec02b67678c48d7,868872367cba2a35acc11fc6836f9d7c,d6b49bfe92208d38fbb113caf57dacdb,23cb96edc8b78a06d62baa9978ec51ef,3a0028cfcfe604f1adb5e4e857ade16a,c51d04e8638a34c3ad4c16b351d4ad6c,b8638d41d3805f5a70d42d5872afbbcc,d61214afa9ad7118a43deb85ec9beb67,d962b2ed8d65d930a260c10050151a46,ebaff04cbb349d4b3964ed4e3e8eed02,6f55aa50c444a5682ceea8af652c77c1,5cbd5291429303e04a31bc6e50b76d86,6acb793d1327fe5b277451cc6aed2965,f21bbb7a7befdfb8ad8f26c85eb35487,8f9126a4f809ca46ec4ca4e96b2b6a85,480fa793c6d09dbed74c61ac6ad4c3ce,d3f0fb460c0c60409393e1cdb5ed7221,43bd1f8bcd02e35142070d964d0ba23f,bfc0a8a05de73fa6a8c55eb174ddee02,eb06d0eab7a28a424e84610b0406fb49,2f4d1308d564d35c660ba81d9fd83830
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
42936678e6e40484727f1d9ca60ce473dbd9eb97f60035b82b9630322c72acc2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-talk-trace-id
258f51d0-919c-11ef-a4cc-4bfc7736eb40
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-encoding
gzip
etag
W/"657-UhDCTkZiHA86nEqWIYV34XZXXr0"
x-content-type-options
nosniff
x-download-options
noopen
access-control-allow-origin
*
content-length
925
x-xss-protection
1; mode=block
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.20.1
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
32cd61c8a4f8c882793e8aa7bfb72137ba3ad3bf2a60a02af4911db522979aad
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:12:00 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/json; charset=UTF-8
vary
User-Agent
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=60
x-rq
syd3 123 242 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
allow
GET
accept-ranges
bytes
content-length
722
akamai-grn
0.c9b42e17.1729728660.92078c72
server
nginx
skeleton.gif
static.adsafeprotected.com/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adspot_id=frwjhs_728x90_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age
95802
x-cache
Hit from cloudfront
x-amz-cf-id
ocokZJTDUVpFIz3FB7JrVFe13RtLtlNCaJU41xB26te0QYsbS9nqoA==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
image/gif
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
43
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
authorize
login.newscorpaustralia.com/ Frame 3A65 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=QcQaCnDhcUQg446oPRJnDtOMhCVNeYqD&nonce=MI1EjAqPzw-5qsSxm5QZgd22QUvpiL6u&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNi4xIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.116.109.197 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-109-197.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8d75bf3e9e10aaf6-SYD
content-encoding
gzip
content-length
936
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Thu, 24 Oct 2024 00:11:00 GMT
expires
Thu, 24 Oct 2024 00:11:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 535 0 pmb=mTOE,4
x-auth0-requestid
2f78fcb2805c3cbe8c77
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1729728661
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fdaa3a4b792b4ebdd91a442ae99712c1f4fda39227de9af3103dba52caa7417

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=300
content-encoding
br
etag
W/"101ffe2a4ed45c1e4568e8436fbeed12"
x-amz-version-id
_feR6DJ1_YM1wzRqk8hqU0Hd9emmYTsp
age
47
via
1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
LbQtYBxrS9OXRc3n8DZkgBxB0c6uUGE4bFo5T4f9rReAujPVKb6f0A==
date
Thu, 24 Oct 2024 00:10:19 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 02:56:17 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		161 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8458cb3a3d3e4ee20b038f6aa252856d75cc4394639eb29a72f08345ee50bfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=300
content-encoding
br
etag
W/"896b16532adb7721e32d82ae5d4d79ab"
x-amz-version-id
OBnrD185s9vEHqhS8bWCvbQY9BhiX86a
age
76
via
1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ip-J51t_hwaywc7WOed6vSJfB-X3Ci32vOwr9W2TJB4c0Tvqz-l4mQ==
date
Thu, 24 Oct 2024 00:09:54 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 02:56:16 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		263 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d16aba19f0cc9eff4df4ccfa2abd018046dd1433298d86fe34495ee91c56275b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
W/"6715e811-41ca0"
expires
Thu, 21 Nov 2024 03:16:54 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 05:35:13 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2430354
x-rq
syd3 123 242 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
67953
akamai-grn
0.c9b42e17.1729728660.92078de8
server
nginx
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
67b9635b38d68a49ad3296f4157106c75441565293192bf1bd251dac723dc72f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
W/"670f5712-1fb6"
expires
Thu, 21 Nov 2024 03:16:40 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 06:02:58 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=2430340
x-rq
syd3 123 242 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
3257
akamai-grn
0.c9b42e17.1729728660.92078de9
server
nginx
topics.html
widgets.outbrain.com/nanoWidget/externals/topics/ Frame 6744 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.39.62 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-39-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=14400
content-encoding
gzip
content-length
364
content-type
text/html
date
Thu, 24 Oct 2024 00:11:00 GMT
etag
"a52151dbf5b2ca563e40ccca1ab8228c:1729586083.210908"
expires
Thu, 24 Oct 2024 04:11:00 GMT
last-modified
Tue, 22 Oct 2024 07:58:22 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.39.62 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-39-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=2592000
timing-allow-origin
*, *
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-request-headers
X-OB-STG,X-OB-PRD
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
expires
Sat, 23 Nov 2024 00:11:00 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
image/gif
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
get
mv.outbrain.com/Multivac/api/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.heraldsun.com.au&idx=0&rand=59350&widgetJSId=KS_3&va=true&et=true&format=html&px=176&py=2529&vpd=1329&settings=true&recs=true&cw=920&key=NANOWDGT01&tch=0&adblck=0&abwl=0&obRecsAbtestVars=1550:5795&wdr-attribution-src=1&activeTab=true&version=2010946&sig=H09lcC1T&apv=false&osLang=en-AU&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.heraldsun.com.au%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
adcb0f05bfd16a160466054ae7d7c5081b041b7b00dbc72ebf0b3f8a44cb84ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
text/javascript
x-served-by
cache-syd10164-SYD
x-cache-hits
0
x-traceid
38474d739a9634a53f65f691435dc273
vary
Accept-Encoding, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
pragma
no-cache
x-timer
S1729728660.330464,VS0,VE329
via
1.1 varnish
accept-ranges
bytes
content-length
5984
traffic-path
WNDC1, SYD, APAC1
20352597942.js
cdn.optimizely.com/js/ 		448 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/20352597942.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43b14284e0a2538651c42951f6f6246d26f426f22f1cd116f9a03af71846f15e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-max-age
86400
access-control-expose-headers
x-amz-meta-revision
content-encoding
gzip
cf-cache-status
HIT
etag
"54dd97173a3e6464a2183bdca328bb37"
x-amz-version-id
AhZkOuQFpL.HlhijH.EHKr0XIUdNR08P
age
206
access-control-allow-methods
GET, HEAD
date
Thu, 24 Oct 2024 00:11:00 GMT
x-amz-meta-revision
5840
content-type
text/javascript; charset=utf-8
last-modified
Wed, 23 Oct 2024 23:37:17 GMT
vary
Accept-Encoding
x-amz-id-2
uUdX2Ysl4RL2Ynh5CoNaAGiP5eeId+WjmlRU0gyNRrN6Z+mmwg5XZFDN/uctunT04BpZvuPgF9c=
access-control-allow-headers
*
x-amz-replication-status
PENDING
cache-control
max-age=120
timing-allow-origin
*
x-amz-meta-pci_enabled
False
access-control-allow-credentials
false
x-amz-request-id
Z2F5PK8DCXMCY3H6
cf-ray
8d75bf3f48b55738-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
135796
server
cloudflare
x-amz-server-side-encryption
AES256
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=17297286603440.16479006820147402
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
pragma
no-cache
expires
Thu, 24 Oct 2024 00:11:00 GMT
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
833
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31690
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
666
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
server
AkamaiNetStorage
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:6800:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
x-amz-version-id
null
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
age
19211
via
1.1 eb3589b1230a45883fc0813bdb92ed5e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
KATd3uLB0zV714_Q7HuJfwc1OIVirMJggIZ3B6XUbuRUmOgzZMwFTA==
date
Wed, 23 Oct 2024 18:50:50 GMT
content-type
application/javascript
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-nca/ab-test-collection/assets/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-nca/ab-test-collection/assets/style.css
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33550cc48d1c6e7ee899fcdcd8adf7900b8bec68108dd946a92733359d3058a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"dd21bd906306d3d6bc080330a7378544"
x-amz-version-id
hkcK9E0OZJjlweaBAbCaeebdKJAaBhWw
expires
Thu, 24 Oct 2024 00:16:48 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
last-modified
Wed, 23 Oct 2024 05:22:15 GMT
vary
Accept-Encoding
content-type
text/css
x-amz-id-2
lRYv2nHynwH9WBi/YS6TpXADxv7wUzvCVmgpsjpuW86ZgVlWl7MDjwqGVexRpOC37cWnEE8OpTPhZI+igqE/9A==
cache-control
max-age=348
x-i
true
x-amz-request-id
447HSEBM1ZFBPRTG
accept-ranges
bytes
content-length
1290
server
AmazonS3
x-amz-server-side-encryption
AES256
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-nca/ab-test-collection/assets/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-nca/ab-test-collection/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5c572fdf7fdf76b03a5c552569a991a5ebb1aabbe840d9b1602f8e8740c32e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"e76359c3c2f15e28dd69f7e26d4df956"
x-amz-version-id
uAatutePS9wTd07vo1zZyhArUM.qSeuv
expires
Thu, 24 Oct 2024 00:13:36 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
last-modified
Wed, 23 Oct 2024 05:22:15 GMT
vary
Accept-Encoding
content-type
text/javascript
x-amz-id-2
rJSWxRionlJ+XkshmnzFptoRAAdyaO6/rddovUQ4Ff3yUKpoxa7zCiU+2+q9MUpCn6Q7swhWDF30wCCViDGiEgmW8bZK5Ltt/xp1+emP6NE=
cache-control
max-age=156
x-i
true
x-amz-request-id
MNMKDRMTWM41S55D
accept-ranges
bytes
content-length
3208
server
AmazonS3
x-amz-server-side-encryption
AES256
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b9fbd39a3c6db3532dc814429d0b089903ada15ad4f9709f4fd98bc2a2bbfe1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"bb3eccd4794d750d237cbe5970dd7b47"
x-amz-version-id
J1kiZpEXNC1eXPzlUbkn_bqPmrfNsZhO
expires
Thu, 24 Oct 2024 00:31:25 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
last-modified
Wed, 23 Oct 2024 00:16:38 GMT
vary
Accept-Encoding
content-type
text/css
x-amz-id-2
D0jF6fLDU1Sb5LRs2D9kRPfT02rIHFLIGiGiRu0EcJzCUAmCXr6gNROZz8mi9hk7IXJpjickoZQ=
cache-control
max-age=1225
x-i
true
x-amz-request-id
Q85JAGBBAG8CWHH1
accept-ranges
bytes
content-length
3626
server
AmazonS3
x-amz-server-side-encryption
AES256
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/ 		269 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c785d49174d00ee2df95d3d20de0155e95f999b16d35f8834837675afbbfc029

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"05e62e7c3d8817fe90324d7cfbe0d4e4"
x-amz-version-id
tBb3PTlgsji3c.Smc3E7wnyUbZAkqmt8
expires
Thu, 24 Oct 2024 00:14:06 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
last-modified
Wed, 23 Oct 2024 00:16:38 GMT
vary
Accept-Encoding
content-type
text/javascript
x-amz-id-2
win1156vwFyyPK7NN83axLFMFxe5wWM20pzJKAixib7vYNcoZMA33BjHr/XiI16NLiKkWkWuEIJ/Gq/Wt1AjposKsQl01V9ZpgvPV8pSghM=
cache-control
max-age=186
x-i
true
x-amz-request-id
Q85H9BMSZV82C01Y
accept-ranges
bytes
content-length
70383
server
AmazonS3
x-amz-server-side-encryption
AES256
csp-reports
login.newscorpaustralia.com/ 		0
0
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		295 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=EaHyZP2jxL/gZgg9LcNjSFsCTkE=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.116.109.197 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-109-197.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b51daa2b58be074aa96fcf2bff13469142662c58b70ff6b9f18955b9448e842
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=600
cache-control
max-age=45
content-encoding
gzip
etag
"668e23290a0d8ba3b14356655bd43c3a"
accept-ranges
bytes
content-length
82241
x-amz-cf-id
VyQ5h7UbYRk8CR4r1N8nZbTkVDNi9CV8osRXu2h74iSgcMZEQVkRgA==
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
text/javascript
last-modified
Mon, 09 Sep 2024 05:20:39 GMT
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
trending-up-grey.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/icons/ 		943 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/icons/trending-up-grey.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a088bc997c857c75b86c0867dd870bd8b708eebf704a892b2fa6b87b04c62cc8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=hqwasd/2cr0YK5Z2j0J8dLGND0g=

Response headers

content-encoding
gzip
etag
W/"66dfaae4-3af"
expires
Thu, 24 Oct 2024 00:16:00 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Sep 2024 02:11:48 GMT
vary
User-Agent
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
must-revalidate, max-age=300
x-rq
syd3 123 243 443
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
accept-ranges
bytes
content-length
513
akamai-grn
0.c9b42e17.1729728660.9207941f
server
nginx
index.min.js
players.brightcove.net/5348771529001/BXpiIlK5Q_default/ 		1 MB
306 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/5348771529001/BXpiIlK5Q_default/index.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.34.33 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-34-33.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
44136c47f5ff1bc9889674fb5846427604f672b4a9b1e3304bbcc9ac1cfe8209

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"1c88e6d8ec8eb8eac51f7c707838045d"
x-amz-version-id
AgIjgi3J7.C2pvBhFX5j9n7MLXMuGdBV
x-bcov-response-mode
1
date
Thu, 24 Oct 2024 00:11:00 GMT
last-modified
Tue, 30 Apr 2024 21:56:22 GMT
x-served-by
cache-syd10125-SYD
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-id-2
r8+UD6v4ZiEAS2TYg852lpHCzhhSw66cYFbagrxm4tXSQ3TkH6aA82m7Xsy88rVDgX+wLBYw24uvhrwomWjpsEa41ANA0aL71NZWhKRzSDU=
x-cache-hits
0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=62
x-timer
S1714515021.808751,VS0,VE2215
x-amz-request-id
Q3XKJ4ZBEFMVMH2K
accept-ranges
bytes
access-control-allow-origin
*
content-length
312267
server
AmazonS3
x-amz-server-side-encryption
AES256
MediaSDK.min.js
tags.news.com.au/prod/heartbeat/v2.2.0/ 		175 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=64999
content-encoding
gzip
etag
"c347a09f51bb895d757c5e600ad18d57:1565826404"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
35262
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
vans-adapter-google-ima.js
static.adsafeprotected.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
etag
W/"8ec0c211dda60907ae57f46e621bc794"
age
95802
x-cache
Hit from cloudfront
x-amz-cf-id
2gOaNS236hhomkR7_wgQ5AZULYKKhdJGP0SB9yRhhzIKgYPXcFKMUA==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=604800
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
B7670439;dcadv=4149947;sz=1x2;ord=573509194775.0692
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=573509194775.0692?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f38.1e100.net
Software
cafe /
Resource Hash
c91f2474e79038b249d857d639bfabebc84250edcd47065eb19084c90ca3a91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
15808
date
Thu, 24 Oct 2024 00:11:00 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E9316960CF514EA0903F1BB99B0B418F Ref B: SYD03EDGE1410 Ref C: 2024-10-24T00:11:00Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
a20352597942.html
a20352597942.cdn.optimizely.com/client_storage/ Frame BD52 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
491
cache-control
max-age=120
cf-cache-status
HIT
cf-ray
8d75bf413954d5e3-SYD
content-encoding
gzip
content-length
1001
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 00:11:00 GMT
etag
"8767e52ec2a995b1ee5ffe3c45711853"
last-modified
Wed, 23 Oct 2024 23:37:07 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="HIT"
vary
Accept-Encoding
x-amz-id-2
DtnOaDGeq64hAd9/AAskagZzCLQlr1s1OIJ6xjSVWDwpCuslfxEqJTs7jssiJMbWbIjBLFkjSkE=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
6C9NKDMFC3BW5V51
x-amz-server-side-encryption
AES256
x-amz-version-id
tmnKL9ZnWZsATnTQabKt0z3GX8vmMU3I
41d2ad34cdd0cd7eac9a6b725ea825ae
client.api.news/collections/ 		307 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://client.api.news/collections/41d2ad34cdd0cd7eac9a6b725ea825ae
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-nca/ab-test-collection/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.116.108.143 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4fb213515157554d34009a1d86a8759ee8bd532221907176e8ce89271d3d7c65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=71
content-encoding
gzip
x-amz-apigw-id
AINmWH7zSwMEuzg=
x-amzn-trace-id
Root=1-67198fc1-300eaab020e8f4394aba2587
x-amzn-requestid
e45ca313-71e9-4970-8708-00424a5d5771
x-origin
S3
expires
Thu, 24 Oct 2024 00:12:11 GMT
access-control-allow-origin
*
content-length
30183
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
metrics.vendors.bundle.js
tags.news.com.au/prod/metrics/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f4cd2b3a7ecd9e189a4335aca67202ddd4803525c0d56d51ea80f3f247e946fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=77394
content-encoding
gzip
etag
"7998b9ac20c7937bf25e2ea217c3c839:1719187365.552355"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=68562
content-encoding
gzip
etag
"fb68340e5f23d55e9dd6f9e882195c13:1695883768.293004"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
9944
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
fbevents.js
connect.facebook.net/en_US/ 		228 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=4, rtx=0, c=23, mss=1232, tbw=4542, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
W0IdkzmGFGq7OpLoa0oZbn4iIIVQjVvHXhoNG7F25fPcBYqIoWMDZa1BGXvov4yuAFMKX2w6BhQKWk+Ec0ht2Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59508
x-xss-protection
0
origin-agent-cluster
?1
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-113.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Content-Encoding
gzip
ETag
W/"d9de38d1900dec018a46f90cc70a48b7"
Age
163
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
cvQaqQXfZeqKux8cgB3TSP6r83HrzfJIn4rba_ENz7BF30NeK9TRLA==
Date
Thu, 24 Oct 2024 00:08:18 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=3600
Connection
keep-alive
Via
1.1 4dc21cb63e62a1d58ba1e9fef2392daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD3-P2
Server
AmazonS3
x-amz-server-side-encryption
AES256
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2024-10-24T00%3A11%3A00.686Z&country=au&newsconnectId=&fpid=8d7ab3017569bbb26e044e3b23694b8d
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.186.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-186-186.compute-1.amazonaws.com
Software
/
Resource Hash
857f2d5177e69703aadc81bc11646b4bc0bd46c46f2388f27c9cffc66ffce659

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, DELETE, PUT
content-length
2862
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10561e7f3c3150b1d00b73d5551955651f407cf6b8684f2ae100e3081ff9cfe8
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"485cd1909ef179b259aac5210a9ed2bd"
x-amz-version-id
eVOmSquZ2IC3aHqH3yjPZV0nNWK5wvwS
x-cache
HIT
date
Thu, 24 Oct 2024 00:11:00 GMT
last-modified
Tue, 15 Oct 2024 06:35:21 GMT
x-served-by
cache-syd10121-SYD
x-cache-hits
97761
content-type
application/javascript
x-amz-id-2
U/VO4h3gbW/2EhMmLYyGHbLmTvZQ2Tp0N/su4dz7Jl9XN7zp08j+PTKfpci17QrTztQ3JQUS+Wg=
strict-transport-security
max-age=31557600
vary
Accept-Encoding
cache-control
max-age=0,must-revalidate
x-timer
S1729728661.752536,VS0,VE0
via
1.1 varnish
x-amz-request-id
S0TQ26WDND708T9E
accept-ranges
bytes
access-control-allow-origin
*
content-length
520
server
AmazonS3
x-amz-server-side-encryption
AES256
id5-api.js
cdn.id5-sync.com/api/1.0/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-id-2
rzak4ZtVOK8sAp6+KWuwYOUe4hQApvVoZGBuHd+fDtwF+V46gxmHbrJK0jwqFEtsKCWudoPjfqY=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"f24286e1b73c01841e789906d50ce23f"
age
982
x-amz-request-id
AXB7VRXMXHCPXR6J
cf-ray
8d75bf41b979a883-SYD
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:3c00:299::1e80 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=3600
content-encoding
br
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
expires
Thu, 24 Oct 2024 01:11:00 GMT
accept-ranges
bytes
content-length
20617
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
last-modified
Tue, 18 Jul 2023 07:46:45 GMT
server
Akamai Resource Optimizer
vary
Accept-Encoding
nca_aep.js
tags.news.com.au/prod/aep/ 		129 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e9bf5d849e23b18dbf6b56d9d0755f6422a528ade11a56339a63b243b159af25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=42103
content-encoding
gzip
etag
"58f2d7d319f6488ebdbd0089a6896f60:1724303226.551548"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
tad.js
tags.news.com.au/prod/tad/ 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
725cedf861f5608cc6a06e27059bb7647efe1d7af01a49744997a58dc2f79d1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=10143
content-encoding
gzip
etag
"38575df658f06595d0460dd76367f16a:1729574655.176356"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
37524
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e48bc797b5bc99079f4cf9b04d78f0db00f5433623a4c853daad9598f24f809f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
968 / 20020 / m202410210101 / config-hash: 9692308689602569677
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33485
x-xss-protection
0
server
cafe
apstag.js
c.amazon-adsystem.com/aax2/ 		324 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-125.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de78015446ccecc504efeba09653cb46a22d7a7b965c112bf2e336cd7e68514d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"86aff0d78152b013e35f129ddb7f52af"
age
2157
via
1.1 ebc52833900e41e6796b998a5877893e.cloudfront.net (CloudFront), 1.1 8ccca629f0b1ca48e2e69a056f61f9a6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
XpjmrNUVDq3MTUDR4HCNv8HVGMke1PnhYEVvFK9U2cGvKDSJ6AAVWg==
date
Wed, 23 Oct 2024 23:35:04 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 15:05:56 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2, SYD62-P3
x-amz-server-side-encryption
AES256
prebid.js
tags.news.com.au/prod/prebid/ 		364 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7d9d21605452d04658cbf5be9a07e429fe1b6a5ea435a079b645a1b938f122c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=83686
content-encoding
gzip
etag
"8f02edeef99c5fe1c82d93f27e5347e4:1729648052.761208"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		186 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c45058661b7496afbd49da9a59ee9979b61465258dc1ba37d548732198c275f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
must-revalidate,public,max-age=3600
content-encoding
gzip
x-amz-version-id
QCbxJ6OPdU4ssw9rr12Qb.oVukH0CPc5
etag
W/"e407143f0daa29fafba6be478027943b"
age
2508
via
1.1 9f543b41d91998db89601c7fae0f18c2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
n2rIgFu8--R27Hzl84mqMa4R5ZI88hIlOl-V-COWh-A_RcFhGoZ0gg==
date
Wed, 23 Oct 2024 23:29:13 GMT
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 11:06:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
x-amz-server-side-encryption
AES256
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d5f1eaba202b7ce2050eeaf685c53727f235a13b397403ea980fa7d272debda3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=48054
content-encoding
gzip
etag
"433d9a2cc084df02a9ee99936310b420:1727661020.403789"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
3582
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
035675399800e3ae1f674fa492c731a97d18c40358fd47ccee65ffe31d5b3455

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
1040
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yy0Xw0URtRtRmSduMpbWMcVHziALNdcl%2F3turOYd5DPhx6InQuznXWwvCVVv2HJr64aIkNK2y%2BRONBBu%2Fk6x%2B%2BNSAyhvJ4IdC6QSmJaBpdwHPSvBMwyWHzEH1k9CT%2BeiHf%2FNkDJQsYRvpofJ5I6XMj90"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-ray
8d75bf41d878aae4-SYD
cf-polished
origSize=6321
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 23 Oct 2024 23:53:40 GMT
vary
Accept-Encoding
server
cloudflare
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.28.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15412
date
Thu, 24 Oct 2024 00:11:00 GMT
x-tw-cdn
FT
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000023-IAD, cache-syd10164-SYD
x-amz-server-side-encryption
AES256
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:9c00:7::1728:3458 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=49759
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Thu, 24 Oct 2024 00:11:00 GMT
last-modified
Thu, 22 Aug 2024 11:06:54 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
chartbeat_video.js
static.chartbeat.com/js/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2774:5600:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"665fac50-11d74"
age
85543
cross-origin-resource-policy
cross-origin
via
1.1 aeb2692086ca3fc7d14822f811ae17a0.cloudfront.net (CloudFront)
expires
Thu, 24 Oct 2024 00:25:17 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
bXQHnhY4_CpCScPdEbvsKfBhdE8hJ9lz2pciTr-2UJyfCteAPP8zHw==
date
Wed, 23 Oct 2024 00:25:17 GMT
content-type
application/x-javascript
last-modified
Wed, 05 Jun 2024 00:07:44 GMT
server
nginx
x-amz-cf-pop
SYD62-P3
vary
Accept-Encoding
utag.1205.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1205.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3a1f73c53fd401309ec9fa85a3ff194f4a89313d5ecd4a08f9a9c0fa3fb2714

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"c2d8840dd3b8975b6aed98c9558a4b3f"
x-amz-version-id
.O5hx8qV4e28gXOdS2JArbHLMW7Y5Ek5
age
200
via
1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
NpH1nw9U82TxqlqQcyR9gr0QttnVB8IzJYzLesbt8al5V-NoAS-zXg==
date
Thu, 24 Oct 2024 00:07:41 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 02:56:14 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
utag.1211.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		608 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81e7130c9ca57a6d0c53cf0e349f6eae2b2cbe189b7872132c9062e132cdb672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-version-id
NjlONlqb0dLrU_CgpsDu7W0PiQKe9mlf
etag
"e90f4cfc653e76ebe26dd97233b5ee08"
age
280
x-cache
Hit from cloudfront
x-amz-cf-id
VtrWYAIjeZJkph-1N99Ju0DiFEBCEVkrpdWciNwrbwqFSULBZWwXXQ==
date
Thu, 24 Oct 2024 00:06:22 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2024 02:56:15 GMT
cache-control
max-age=1296000
via
1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
608
x-amz-cf-pop
SYD62-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
utag.1366.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1366.js?utv=ut4.46.202407090252
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c8978da2e78e91e5bc6c82a344c8ade4654055f523135fe4434ad503b1ed525

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"75c6d6a041a3e15f4a142ebbc632c0cb"
x-amz-version-id
ijemfx1Q0F7_GFZ.NQymeU1eARWF_pDW
age
246
via
1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
b4Gnsp-3yFEvpEzRcF3YxRWDC-lzYj9GC0yfMw1zeZpNMqY9Cexg_w==
date
Thu, 24 Oct 2024 00:06:55 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 02:56:16 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
utag.1370.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1370.js?utv=ut4.46.202406240040
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ff01e11d2270b2a1e9089262165cc3df9d3c29ce40f231ac6c7aeafe190bd61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"80dd3d9ab381040022d4b15e10f0ac12"
x-amz-version-id
.SOpEuv3IvCIP2udT.MBPAO3ydZbMYRf
age
142
via
1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
GX7xhLeLUs85RwqMFLQbpRkOtxbMTrj_z0Tau_RHFwLx9oM-bj4D4w==
date
Thu, 24 Oct 2024 00:08:39 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 02:56:16 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
utag.1376.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1376.js?utv=ut4.46.202406240040
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35a9c3e59969721a5bae44022ed4734f89c8e2177c4d818bc84937921f852c58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"1f415d91ca8a5e82ce049b0afb58b4c2"
x-amz-version-id
YY0rDf.X._2kz4yS9r3RvKruiM_XmBjK
age
44
via
1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
VY3_tz-rVmHXQG1KTPG2xfqCtyBREjRr2__ArFRSF3BfLjQvWpuRyA==
date
Thu, 24 Oct 2024 00:10:17 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 02:56:16 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
utag.1387.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1387.js?utv=ut4.46.202406260136
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82d21d837dcf217c3f9d0b1e9f7ee50c86cbe7f26aa6ecc5e928cc8d60d55e73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"167584666fe313c1a1c3054cbdc6e37b"
x-amz-version-id
NHZL3ZSAsbcj4RTfKCJ2FqfKCn72zAoH
age
245
via
1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
w4GYH_AtjqzNtnOfeeL-ohFTwXmgbDm5ovac9xLOWl5Z9aAddXTKoA==
date
Thu, 24 Oct 2024 00:06:59 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 02:56:12 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
pixel_50a199ee
www.heraldsun.com.au/akam/13/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_50a199ee
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/50a199ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
blaizehappened
true
x-arrrg4
https://www.heraldsun.com.au/
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_50a199ee&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=8d7ab3017569bbb26e044e3b23694b8d
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-length
0
akamai-grn
0.c9b42e17.1729728660.92079b94
x-pathqs
TRUE
content-type
text/html
vary
User-Agent
date
Thu, 24 Oct 2024 00:11:00 GMT
swg.js
news.google.com/swg/js/v1/ 		245 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0f04dec43134913ad8a1da87ca1cb4eb30753050a2d0d2e5f0c0dc5ba941c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
389
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:54:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:04:32 GMT
last-modified
Wed, 23 Oct 2024 22:47:48 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-opener-policy
same-origin; report-to="news-frontend"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges
bytes
content-length
72573
x-xss-protection
0
server
sffe
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 6446 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.39.62 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-39-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
282
content-type
text/html
date
Thu, 24 Oct 2024 00:11:00 GMT
etag
"c0311cf15c21ddda054005e92fad3f9e:1729586079.180917"
expires
Thu, 31 Oct 2024 00:11:00 GMT
last-modified
Tue, 22 Oct 2024 07:58:22 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
output-onlinepngtools.png
s3.ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/ts2020/assets/images/sport-indies/indies-taboola-sponsored/image/ 		433 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/ts2020/assets/images/sport-indies/indies-taboola-sponsored/image/output-onlinepngtools.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.128.223 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-id-2
uY4ggYXkHgwJdQGQJSDmJKsJZlZU/uHynT3ejuuDHmPf9s+kLbhyuoE3wF9EJJi6cnBxPwUtTFA=
ETag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
x-amz-request-id
SFZX77FCSVQDS2PM
Accept-Ranges
bytes
Content-Length
433
Date
Thu, 24 Oct 2024 00:11:02 GMT
Last-Modified
Thu, 14 Sep 2023 06:40:38 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
l
mcdp-wndc1.outbrain.com/ 		2 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-wndc1.outbrain.com/l?token=e854901c7f89dc1135e892b322d5a22f_240137_1729728660570_1&tm=708&eT=0&widgetWidth=920&widgetHeight=104&widgetX=176&widgetY=2501&wRV=2010946&pVis=0&lsd=9bc7e295-b330-491c-bb0d-1d5365c16871&eIdx=&cheq=0&rtt=665&oo=false&lo=1939&obreq=1850&mvreq=2178&mvres=2843&cet=4g&to=1729728658129&ll=0&chs=12&ab=0&wl=0&retries=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
content-range
content-encoding
br
access-control-allow-origin
*
content-length
6
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/plain; charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-traceid
979c09a44f2e043ec4d22065f44151a0
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 7238 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.39.62 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-39-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
6559
content-type
text/html
date
Thu, 24 Oct 2024 00:11:01 GMT
etag
"e2c93015015d69447ee032a0d40bb959:1726489446.958345"
expires
Thu, 31 Oct 2024 00:11:01 GMT
last-modified
Mon, 16 Sep 2024 12:20:34 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
publisherIDsCollector.js
widgets.outbrain.com/nanoWidget/2010946/module/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010946/module/publisherIDsCollector.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.39.62 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-39-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b6da3243fb9049fc1978cee179333de8ffd749810f55dcaa51d7e339ba968c68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"3fe8e8635d908967700872c85a16988d:1729586049.480062"
access-control-allow-methods
GET,POST
expires
Thu, 31 Oct 2024 00:11:00 GMT
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/x-javascript
last-modified
Tue, 22 Oct 2024 07:58:22 GMT
vary
Accept-Encoding
cache-control
max-age=604800
timing-allow-origin
*, *
access-control-request-headers
X-OB-STG,X-OB-PRD
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
1367
server
AkamaiNetStorage
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/afl/series/4/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/afl/series/4/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.133.233 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-133-233.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
f7396d221d4d2ac32b9336fc2c509a6c059ba98f5b4606059a0f955ec0148004

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=1624
content-encoding
gzip
access-control-allow-methods
GET
accept-ranges
bytes
x-varnish
75184652
access-control-allow-origin
*
content-length
826
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
vary
Accept-Encoding
server
STATS API
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/league/series/1/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/league/series/1/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.133.233 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-133-233.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
9e54e0a04fc25c69b9a29cf4a6d32d0054169abf91e713a499f6dce6908b23ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=67
content-encoding
gzip
access-control-allow-methods
GET
accept-ranges
bytes
x-varnish
9524028 8353115
access-control-allow-origin
*
content-length
1009
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
vary
Accept-Encoding
server
STATS API
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/league/series/32/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/league/series/32/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.133.233 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-133-233.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
99f17c195b57141399fe1e04d1d0b3de16d825e0d5a4c1a992f2ba4b0b63df2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=63
content-encoding
gzip
access-control-allow-methods
GET
accept-ranges
bytes
x-varnish
15127069
access-control-allow-origin
*
content-length
643
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
vary
Accept-Encoding
server
STATS API
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.133.233 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-133-233.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
1205014d17b1bb03365f69446884487b28bcf1122e207e8975b92c45d5ea15ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=1277
content-encoding
gzip
access-control-allow-methods
GET
accept-ranges
bytes
x-varnish
17284936 15417092
access-control-allow-origin
*
content-length
755
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
vary
Accept-Encoding
server
STATS API
codesports-blue.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/logo/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/logo/codesports-blue.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b12220610e1e665dfb86a75ff74ebddbec236bdc273121f967c55148c96987d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-id-2
tK6yMj/SwElVTFNQvGoB3Blm9nEs/Dpw0D78REk0afVCiFlWfxW+Hb2sJbOsPlPj3BNU0A3Eb4s=
cache-control
max-age=263991
etag
"a2838c1db7937ac78c6cdbd8c693aa32"
access-control-allow-methods
GET,POST
x-amz-request-id
ABW0HZN5HMM4KH2R
expires
Sun, 27 Oct 2024 01:30:52 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
8816
date
Thu, 24 Oct 2024 00:11:01 GMT
last-modified
Tue, 21 Nov 2023 00:33:54 GMT
content-type
image/png
server
AmazonS3
x-amz-server-side-encryption
AES256
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:3000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cb9b953f79237672294c2bb59891fa8feac894ce750f1a875f30e5b41fb1819

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=86400,s-maxage=86400
content-encoding
gzip
x-amz-version-id
AoH.jiVjydvinnHNJtZ8mseqL9URAGVR
etag
W/"2c693994526dc99b803e449d427bb8e1"
age
2537
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
7zdqcWG2zsQvQTUNPyGqOD8y3i8gE5Xmj_JFdAqUCJjM2AO6enOSwg==
date
Wed, 23 Oct 2024 23:28:46 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 21:19:43 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
door.js
au-script.dotmetrics.net/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-61.syd62.r.cloudfront.net
Software
Kestrel /
Resource Hash
1b88ed36d56ba0576ae097bf8e60c156a347d0b162970b4e512ba6a5d967bac5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private
content-encoding
br
etag
"13062...323.2024102400"
via
1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
x9D1nhNMCFD9xnPuBjMPloFZPCaVQpSdIuycqOQJS0fg-vJrYnD8dg==
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Kestrel
x-amz-cf-pop
SYD62-P1
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12126
date
Thu, 24 Oct 2024 00:11:01 GMT
last-modified
Tue, 15 Oct 2024 19:34:59 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
2988.js
script.crazyegg.com/pages/scripts/0018/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a66cfd3baa2ceb9836c31d0c9f3cdf55ce4392605ca499cafcfb2f8e2299f21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-bgj
minify
cf-cache-status
HIT
age
19716
cf-polished
origSize=6996
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 13:02:56 GMT
vary
Accept-Encoding
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8d75bf442e0ba968-SYD
access-control-allow-origin
*
ce-version
11.5.299
server
cloudflare
js
www.googletagmanager.com/gtag/ 		225 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14643376
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbeadeda8182f40b397de77bb9d2c050f02b49ad92805e9ebcd2302f30f1d7c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 00:11:01 GMT
alt-svc
h3=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
82778
x-xss-protection
0
server
Google Tag Manager
up_loader.1.1.0.js
js.adsrvr.org/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.14.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-14-99.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ced3b19dbaf9805d635d9b2e6af1d83c752d8e677ef41728c3aa1e5990f6ff3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Encoding
gzip
ETag
W/"c344dc53c8de38f6fc7ffc8afeeeee6e"
Age
43430
Connection
keep-alive
Via
1.1 08a9275888c86859e545bc29de28a412.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
wFMkM4PKRO663eaUkufKWsh21ouTWR-QNYDo14JDSe_czZSSWSu1-A==
Date
Wed, 23 Oct 2024 12:07:11 GMT
Content-Type
application/x-javascript
Last-Modified
Tue, 15 Oct 2024 06:56:09 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD62-P3
x-amz-server-side-encryption
AES256
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:9c00:287::1931 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-max-age
86400
cache-control
max-age=7200
access-control-expose-headers
X-CDN
content-encoding
br
etag
"b37f6fea55e9029c9c9d413c47f69cb7"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
access-control-allow-origin
*
content-length
1878
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202410170254&cb=1729728661029
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag
"7bc0ee636b3b83484fc3b9348863bd22"
age
176
x-cache
Hit from cloudfront
x-amz-cf-id
fmCkxSHhUGV5Xs4khXkvYWJLepyM9BbI-XT88yUyndYsONk09r7f0g==
date
Thu, 24 Oct 2024 00:08:06 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
cache-control
max-age=300
via
1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2
x-amz-cf-pop
SYD62-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
metrics.main.bundle.js
tags.news.com.au/prod/metrics/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.main.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9adf77add5f442574735f5fd2c07d13a3a44572ba1553c77e92f43e6d6c2f25a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=77513
content-encoding
gzip
etag
"39d9814dcba193f6396b3f8540e65c0c:1729563983.411882"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-length
26465
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
AkamaiNetStorage
384959879014125
connect.facebook.net/signals/config/ 		77 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.173&r=stable&domain=www.heraldsun.com.au&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
9f51e4d77e383939686207212137a76645a965f9adae89629240c8a62530deec
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=66, mss=1232, tbw=67710, tp=65, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
jgxnIJXcIRrReZen2alxCCWm2zheuQ3yPFEXQ3yC6R5IttC3TnEqgZdANObfoT5C+RzioOf1NF3CLXc/bdfnRw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
15323
x-xss-protection
0
origin-agent-cluster
?1
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-102.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Content-Encoding
gzip
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Age
967778
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
RhGym3izrLK3DlZxKhTe__5BY4IjKCzLA9xuY953xPTmZW-zFoTpLA==
Date
Sat, 12 Oct 2024 19:21:24 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Wed, 26 Jun 2024 21:11:12 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Connection
keep-alive
Via
1.1 aebce22763fb7e32a807cd494884a9b4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD3-P1
Server
AmazonS3
x-amz-server-side-encryption
AES256
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28f::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=18004
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1712019818.804653"
access-control-allow-origin
https://www.heraldsun.com.au
content-length
65
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/plain
vary
Origin, Origin, Origin
server
AkamaiNetStorage
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a15c66a31808c0571ca987d3e7d7043c94123567eb2d2534f9e706671b5abd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
872
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZfIsE43ZcCgHNo7tXucFirkaa9xG4K4nSb7GjNVklb35rElptQ41h20dByRbsqPvE8LSLlO0qHLbNfupJmjpBvoa4RNiWeKmFmSNOt1fq098vSjnAE1xvvOkHqmr2CUMvsdp3YM6jqBQ4UN6zg5wsjg"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-ray
8d75bf43ea54aae4-SYD
cf-polished
origSize=62389
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 23 Oct 2024 23:56:29 GMT
vary
Accept-Encoding
server
cloudflare
adsct
t.co/1/i/ 		43 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=85b71027-a6a5-46cc-8d9c-84b444513e49&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f70055f2-dd58-408d-8239-a834b08c2e23&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=0&txn_id=olqt8&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=0
x-transaction-id
9dd912e08f4efa82
cache-control
no-cache, no-store, max-age=0
x-connection-hash
78ef0698cccc738475b77db8a9ea2bc46176a302d17f43579c790c87c41090db
cf-cache-status
DYNAMIC
cf-ray
8d75bf447d24aad7-SYD
x-response-time
96
content-length
43
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_m
adsct
analytics.twitter.com/1/i/ 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=85b71027-a6a5-46cc-8d9c-84b444513e49&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f70055f2-dd58-408d-8239-a834b08c2e23&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=0&txn_id=olqt8&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
54893411b3700aa8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
7aac4b84007aaf47f0e334b7eaf44c0ec23063445be04c674b5e08eca4813ebb
x-response-time
96
content-length
43
date
Thu, 24 Oct 2024 00:11:00 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_m
attribution_trigger
px.ads.linkedin.com/ 		2 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1729728661158&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://www.heraldsun.com.au/

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
0006252dd66c4419e0e4fc40dc54c446
x-msedge-ref
Ref A: B6C171E0704E4A85887F46458D478210 Ref B: SYD03EDGE2008 Ref C: 2024-10-24T00:11:01Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYlLdZsRBng5PxA3FTERg==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/json
access-control-allow-headers
*
collect
px.ads.linkedin.com/ 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1729728661158&li_adsId=f1937bd7-4133-4046-acd9-23cc4cc3d37d&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C16D170259DC454C96D1433582F750C1 Ref B: SYD03EDGE1019 Ref C: 2024-10-24T00:11:01Z
x-li-fabric
prod-lva1
x-li-uuid
AAYlLdZsnDEsQVyP1T/e6g==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
application/javascript
/
geo.privacymanager.io/ 		31 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.86.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-86-93.sfo5.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-apigw-id
AINR6EZjDoEEGBg=
age
342
x-amzn-trace-id
Root=1-67198f3f-727a4c5e5268555a3b64bc48;Parent=2a2d7f46810543af;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid
76d6172f-93b4-42c3-864f-3798384f8856
via
1.1 c12dc5a7470811b7785c781e3f388796.cloudfront.net (CloudFront), 1.1 e4c0014a384c62a3cb7a89a15c1fb004.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
31
x-amz-cf-id
Zxix-ClCINjPt8UzXiMz5SB9vU-28WyBTbtihtwvP1M1EgOyyqw-nQ==
date
Thu, 24 Oct 2024 00:05:19 GMT
content-type
application/json
x-amz-cf-pop
SFO53-P6, SFO5-P3
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=C0VMylweycY1dqrp&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=hwt&n=1&f=00001&c=0&x=0&m=0&y=14613&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=3094&t=Bx9WiyBPnym0BeYva0BqLwXvh66dy&V=147&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-480&_acct=anon&sn=1&sv=DgTfdeDSEgWOB8bnueEy7RqB-1CbP&sr=external&sd=1&im=067b2ffa&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.224.56.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-56-38.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Thu, 24 Oct 2024 00:11:01 GMT
pragma
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
5119
config.aps.amazon-adsystem.com/configs/ 		531 B
796 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5119
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-114.syd3.r.cloudfront.net
Software
CloudFront /
Resource Hash
b8464dcb7e2e01bf45bea28cd900120b54874408b41a83ccd573931cae12fac8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=3600
age
1152
via
1.1 e5b020a801bdf1ad3db7e2da019dad6c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
VcIvIU8CEBw-TZftTWUeiVPxf3GcqBSx9IyP9e63LEKHrui1remdPQ==
date
Wed, 23 Oct 2024 23:51:49 GMT
content-type
application/javascript
x-amz-cf-pop
SYD3-P2
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		636 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-125.syd62.r.cloudfront.net
Software
Server /
Resource Hash
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
10001
access-control-allow-credentials
true
via
1.1 8ccca629f0b1ca48e2e69a056f61f9a6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.heraldsun.com.au
x-cache
Hit from cloudfront
content-length
636
x-amz-cf-id
1U8UQvU7fI2FvwIjnck-6ffhn4tkTLQX2i5AXwNlXP8YXeoAq5ZRPA==
date
Wed, 23 Oct 2024 21:24:19 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
SYD62-P3
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-125.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
22991
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
KriQ6Wma2koLCwyQlQ_4ms6PIL73wjfL8j-Bu_XABAkkR6c4-nLzJg==
date
Wed, 23 Oct 2024 17:47:50 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 0462a83c1b4a9fa5a2554db6feb3a19c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
SYD62-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241024
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b770bbaa551a531819d5760dee31f35917591c94a47b8d9b59965b56f13a21fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"642-ACHatWxRolOGKv5f+6bqL+uwTTY"
age
23807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbXu8cx773VDC85u3rMLj00xCBUv5sXiWLoWLYMbceuPHR5Ru40BUaYeBc99QEJD7Vo1cfDEXTU8nlNkQ5iwU2g3%2BQQxFRN5M2Xwqeq1378je2mGNUQ%2FnEEHBWyLsGRnFfF68rLtcxfWl2WT4%2FM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21928-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d75bf453af6a965-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
834
server
cloudflare
x-jsd-version
1.0.2218
prebid
id5-sync.com/api/config/ 		167 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
b693ff17985bc54be8d357b5ac2ddc78e06c64df046d38aadad3d9bee7ec2439
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.26.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.26.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 google
access-control-allow-origin
https://www.heraldsun.com.au
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:11:01 GMT
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.124.222 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-124-222.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Thu, 24 Oct 2024 00:11:01 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.124.222 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-124-222.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.heraldsun.com.au
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
2
Date
Thu, 24 Oct 2024 00:11:01 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 2770 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-54.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Age
160
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 24 Oct 2024 00:08:22 GMT
ETag
W/"fbee957879301d939e1c5ea8e01d09a8"
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 b862c6b18a44c823dd40d8d760097ee2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
xkmAQuAg0eJVQYtQECLz6EJ3zwwORE9KiK7i-LEJMR6RRLDil-vRXg==
X-Amz-Cf-Pop
SYD3-P2
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
id5-api.js
cdn.id5-sync.com/api/1.0/ 		98 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-id-2
rzak4ZtVOK8sAp6+KWuwYOUe4hQApvVoZGBuHd+fDtwF+V46gxmHbrJK0jwqFEtsKCWudoPjfqY=
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"f24286e1b73c01841e789906d50ce23f"
age
982
x-amz-request-id
AXB7VRXMXHCPXR6J
cf-ray
8d75bf41b979a883-SYD
date
Thu, 24 Oct 2024 00:11:00 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20241022/r20110914/elements/html/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241022/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=573509194775.0692?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e8c2b09805222af84f814e922b1c551a12c39bc10c5d1634513781f77829c4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15651656464653560102
age
32662
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 15:06:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 15:06:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4392
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstT8GnI2KbeA_4a8_CSWBrzIxwri8u6VkzXhEAx5LbnsdC0yFcFgMD1D8-qRMsG0GkWhlK9kp7Ezr207w4QOuHTvjgSn327nZrF9WmttXvE9xH-zuXTfwx0dyS0-hYAfwcOuklFE5B9A2J1QI05yNdZvPPOx8aXL9BF0dFsCoH5Tig&sai=AMfl-YTNFdSyzsQ6mQjfIN3F5S1-r4Twlt2r5F4aJqvFmAuvJx4Ad_oqmTf8WPIFI402wmME4-OEdo9CUd5O&sig=Cg0ArKJSzBVivNCZg_IaEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20241022.78488&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=573509194775.0692?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:01 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:01 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
97081477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97081477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b3f8887ff1740194500836b11927281f78df0c4b85d0a4d32eeba1386845c8ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DAC03D5A989041B385F990EA68B0E580 Ref B: SYD03EDGE1410 Ref C: 2024-10-24T00:11:01Z
x-cache
CONFIG_NOCACHE
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cookie-sync
sync.outbrain.com/ 		0
218 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sync.outbrain.com/cookie-sync
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary9sjFDIBnBtT0nwTh
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Thu, 24 Oct 2024 00:11:01 GMT
x-traceid
207bf3cdab93f482402e128c175427af
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1729728661396&sw=1600&sh=1200&v=2.9.173&r=stable&ec=1&o=4126&fbp=fb.2.1729728661392.198225713304784187&cs_est=true&est_source=2353117768323382&ler=empty&cdl=API_unavailable&it=1729728661070&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f119:8083:face:b00c:0:25de Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=2889, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1729728661396&sw=1600&sh=1200&v=2.9.173&r=stable&ec=1&o=4126&fbp=fb.2.1729728661392.198225713304784187&cs_est=true&est_source=2353117768323382&ler=empty&cdl=API_unavailable&it=1729728661070&coo=false&es=automatic&tm=3&rqm=FGET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f119:8083:face:b00c:0:25de Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429128031458746384"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5d5f4e0a9b6cfa95","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["2961425057275799"]},"debug_reporting":true,"debug_key":"2718718979725135687"}
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
UCaVcOvxTsejLjAUfFE2xUMc4RT+Yrq9cqgCTpBdGyq12IUpzmY3wdeM2PsRWAa0iRrUiezzKItfQYd3T6zryQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429128031458746384", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=3435, tp=-1, tpl=-1, uplat=176, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1729728661397&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.2.1729728661392.198225713304784187&cs_est=true&ler=empty&cdl=API_unavailable&it=1729728661070&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f119:8083:face:b00c:0:25de Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=3289, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1729728661397&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.2.1729728661392.198225713304784187&cs_est=true&ler=empty&cdl=API_unavailable&it=1729728661070&coo=false&rqm=FGET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f119:8083:face:b00c:0:25de Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429128031929766351"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
tBnvCAGJaVpAc4pkjkRTs1TuWDxRO4huhixoe9ad/6Jacj5B1obEt9FLok27KOOtKn1ohU/W1ldYbg68ax3rGA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429128031929766351", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=6975, tp=-1, tpl=-1, uplat=177, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
hit.gif
au-script.dotmetrics.net/ 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1729728661424&pvs=1&ecid=5f0c58bd-c429-40ed-b7e8-568fb53a0d0b&c=true&tzOffset=-480&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13062&dfph=&ver=323
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-61.syd62.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
dotmetrics-hit-status
01 OK
via
1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
h9vTJMPExYnl0wnxKbJlMXAZ0e1Kq-O_IyuoX83GGMQ7So_y_IPeHQ==
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
image/gif
x-amz-cf-pop
SYD62-P1
server
Kestrel
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1729728661424&pvs=1&pvid=5f0c58bd-c429-40ed-b7e8-568fb53a0d0b&c=true&tzOffset=-480
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:8e00:d:5ce3:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

vary
Accept-Encoding
cache-control
max-age=86400
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
age
30345
via
1.1 8783138ea9666e4b4e108d637479e468.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
807
x-amz-cf-id
ocGq1qd8asmiElFopvhSTKbQlrytStoKBB6c3jaF0wgJgL2zPx4AJQ==
date
Wed, 23 Oct 2024 15:45:17 GMT
content-type
image/gif
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
www.heraldsun.com.au.json
script.crazyegg.com/pages/data-scripts/0018/2988/site/ 		1 KB
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988/site/www.heraldsun.com.au.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4483fd108fc33c933efe5c6b8d99defd2737fb2fdcb8414b2ba9911f52fd5d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
40087
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
last-modified
Wed, 23 Oct 2024 13:02:54 GMT
vary
Accept-Encoding
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8d75bf460a087e3f-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
473
ce-version
11.5.299
server
cloudflare
undefined_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/undefined_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
config
pixel-config.reddit.com/pixels/t2_vrvmwxuz/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_vrvmwxuz/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1729728661440&id=t2_vrvmwxuz&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=d6ed6a42-571d-4b6f-baf7-4ae83c3aa9e3&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
image/gif
server
Varnish
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/ 		481 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
14283833466912019972
age
50144
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 10:15:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 23 Oct 2024 10:15:17 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152738
x-xss-protection
0
server
cafe
main.97c41ef3.js
s.pinimg.com/ct/lib/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:9c00:287::1931 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-max-age
86400
cache-control
max-age=1209600
access-control-expose-headers
X-CDN
content-encoding
br
etag
"e1539e83e14f862d3b381b23e74d63fa"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
access-control-allow-origin
*
content-length
23701
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:3000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
age
1370
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
EhfmBvcVcYOyvAoqs73SD_GnE5a8hwZgJNEy-G76YqUMDlfd1m9BcA==
date
Wed, 23 Oct 2024 23:48:12 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
cache-control
max-age=86400
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.124.222 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-124-222.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.heraldsun.com.au
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
2
Date
Thu, 24 Oct 2024 00:11:01 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx
fixturesandresults.json;from=2024-10-21;to=2024-10-31
statsapi.foxsports.com.au/3.0/api/sports/afl/series/4/seasons/129/ 		12 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/afl/series/4/seasons/129/fixturesandresults.json;from=2024-10-21;to=2024-10-31?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.133.233 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-133-233.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
ae023e590bdc03280634be3ff1cf14d2478200705d50179a9a2a521db69a6484

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=2
content-encoding
gzip
access-control-allow-methods
GET
accept-ranges
bytes
x-varnish
18032788 17679574
access-control-allow-origin
*
content-length
1500
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
vary
Accept-Encoding
server
STATS API
fixturesandresults.json;from=2024-10-21;to=2024-10-31
statsapi.foxsports.com.au/3.0/api/sports/league/series/1/seasons/122/ 		2 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/league/series/1/seasons/122/fixturesandresults.json;from=2024-10-21;to=2024-10-31?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.133.233 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-133-233.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=0
content-encoding
gzip
access-control-allow-methods
GET
accept-ranges
bytes
x-varnish
78313959 78313928
access-control-allow-origin
*
content-length
22
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
vary
Accept-Encoding
server
STATS API
fixturesandresults.json;from=2024-10-21;to=2024-10-31
statsapi.foxsports.com.au/3.0/api/sports/league/series/32/seasons/122/ 		2 B
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/league/series/32/seasons/122/fixturesandresults.json;from=2024-10-21;to=2024-10-31?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.133.233 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-133-233.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=0
content-encoding
gzip
access-control-allow-methods
GET
accept-ranges
bytes
x-varnish
131183841 128438163
access-control-allow-origin
*
content-length
22
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
vary
Accept-Encoding
server
STATS API
fixturesandresults.json;from=2024-10-21;to=2024-10-31
statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/seasons/65/ 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/seasons/65/fixturesandresults.json;from=2024-10-21;to=2024-10-31?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.133.233 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-133-233.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
12c332cd386d84b39668ef11d0b08bce8d2905fc06aca2d5cd9284f773b1562c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=1
content-encoding
gzip
access-control-allow-methods
GET
accept-ranges
bytes
x-varnish
128791465 130433016
access-control-allow-origin
*
content-length
1180
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
vary
Accept-Encoding
server
STATS API
/
ct.pinterest.com/user/ 		321 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612777586108&ov=%7B%22page_name%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22page_category%22%3A%22%22%7D&pd=%7B%22opt_out_type%22%3A%22%22%2C%22st%22%3A%22%22%2C%22country%22%3A%22%22%2C%22np%22%3A%22tealium%22%7D&cb=1729728661511&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
42dc9a6c36ecc26cf9ebfd44eda00c9b
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443";ma=600
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json; charset=utf-8
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU5UYzJNVGxqWVdFdE0yTXpPUzAwTmpsa0xUZ3hPVFV0TXpFek16RmpZMlU1WVRBMg
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin
https://www.heraldsun.com.au
content-length
186
x-pinterest-rid
1800876600745735
/
ct.pinterest.com/user/ 		321 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22lead_type%22%3A%22test%22%2C%22event_id%22%3A%221202912f50c0feb14038cb1c5570afaf%22%7D&tid=2612777586108&cb=1729728661513&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
3089d796649e312b3ccfa2d44210121a
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443";ma=600
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json; charset=utf-8
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU1USmhZVE00WlRBdE5qRTVOaTAwTVRReUxUZzJORGN0TmpFeE9XVmpaRGxrWTJZMQ
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin
https://www.heraldsun.com.au
content-length
186
x-pinterest-rid
4381899994979897
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 275B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:2400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
2210
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 23 Oct 2024 23:34:12 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 998f2e65b8600f6b6ddabdbf7f97c846.cloudfront.net (CloudFront)
x-amz-cf-id
EHah4hXDx_yo6XrCh9q5OwUxSJnTT5gZ5A3WjoB15pGzkqIct7vd8w==
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
3260c21b_4ca4148dd2233028b86a7fd554fa8d9a0f87599764bb
bedsberry.com/send/ 		299 B
715 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/send/3260c21b_4ca4148dd2233028b86a7fd554fa8d9a0f87599764bb
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b9ac1a13becbf27465f166564d0ccc0415a3ff9acfc27c535787e9cce8b8c13
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-asia-east1-k74r
expires
Thu, 24 Oct 2024 00:11:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-asia-east1
via
1.1 google
cf-ray
8d75bf471b87a96e-SYD
access-control-allow-origin
https://www.heraldsun.com.au
x-buildnumber
1507459579
server
cloudflare
/
ct.pinterest.com/v3/ 		35 B
206 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2612777586108&ov=%7B%22page_name%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22page_category%22%3A%22%22%7D&pd=%7B%22opt_out_type%22%3A%22%22%2C%22st%22%3A%22%22%2C%22country%22%3A%22%22%2C%22np%22%3A%22tealium%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1729728661548
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-pinterest-rid-128bit
22ebab7957b26df1e6d0e44c1d9c5f58
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
expires
Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin
https://www.heraldsun.com.au
alt-svc
h3=":443";ma=600
content-length
35
date
Thu, 24 Oct 2024 00:11:01 GMT
x-pinterest-rid
1663204443944467
content-type
image/gif
swg-button.css
news.google.com/swg/js/v1/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
2881
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:13:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 23:23:00 GMT
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-opener-policy
same-origin; report-to="news-frontend"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges
bytes
content-length
5195
x-xss-protection
0
server
sffe
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
331
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:55:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:05:30 GMT
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-opener-policy
same-origin; report-to="news-frontend"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges
bytes
content-length
1049
x-xss-protection
0
server
sffe
serviceiframe
news.google.com/swg/ui/v1/ Frame D4FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1729728661575&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-37CDVeJSsRE6FEoxN-l2zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://billing-ads-qa-devel.corp.google.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-37CDVeJSsRE6FEoxN-l2zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://billing-ads-qa-devel.corp.google.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Thu, 24 Oct 2024 00:11:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/swg/_/SubscribewithgoogleClientUi/web-reports?context=eJzjytHikmLw1pBicDa_xRT35xZT1OlHTE0rnzK1APG3Q8-YfgCxxNeXTBpA7JQ-gzUIiFtvnmOdCsRJ_86zFgEx69OLrOxAbKhwidURiFV7LrGaAnGRxBXWJiB2LL_C6gzEQtwc0xY-28EmMOHZekclo6T8wvji0qTi5KLMpNTyzJKM9Pz89JzU5JzM1LyS4tSistSieCMDIxNDA0MzPQPD-AIDAFknRso"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=7e722840117048d05a069f399fbd80cc&timewithTz=2024-10-24T00:11:00.686Z&country=au&newsconnectId=&fpid=8d7ab3017569bbb26e044e3b23694b8d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.186.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-186-186.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, DELETE, PUT
content-length
35
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
image/gif
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
arrow_left_black.png
s3-ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/chronicle/images/sports/icon/ 		295 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/chronicle/images/sports/icon/arrow_left_black.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.131.164 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
d6a2262db41d6daa01a55bff2ad51439054c6b051f070f0b2c3ecb7a3c482489

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://resourcesssl.newscdn.com.au/

Response headers

ETag
"f55d1ae7b7bc941af883ba0e4179a13a"
x-amz-request-id
SFZJXDKM4T9M092H
Accept-Ranges
bytes
Content-Length
295
Date
Thu, 24 Oct 2024 00:11:02 GMT
Last-Modified
Tue, 23 Jan 2018 04:27:10 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-id-2
HORNe4flnusMHx6tkYposqpg+W5GZK36MoXVqWUinKbLhbJ/oMDW3QUjIi6+OZPWfDV6h6iKQLc=
/
geo.privacymanager.io/ 		31 B
628 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.86.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-86-93.sfo5.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-apigw-id
AINR6EZjDoEEGBg=
age
342
x-amzn-trace-id
Root=1-67198f3f-727a4c5e5268555a3b64bc48;Parent=2a2d7f46810543af;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid
76d6172f-93b4-42c3-864f-3798384f8856
via
1.1 c12dc5a7470811b7785c781e3f388796.cloudfront.net (CloudFront), 1.1 e4c0014a384c62a3cb7a89a15c1fb004.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
31
x-amz-cf-id
NPqGoIBX778EdRCDRZY2tH7o2qOm61kIwphBYpO2_pAUICjM1bIhCw==
date
Thu, 24 Oct 2024 00:05:19 GMT
content-type
application/json
x-amz-cf-pop
SFO53-P6, SFO5-P3
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
script.js
au-script.dotmetrics.net/Scripts/ 		73 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=323
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-61.syd62.r.cloudfront.net
Software
Kestrel /
Resource Hash
6655ef3bf169f6c264ac3247a09836d290d04bd308c2a8119b637eabfe0a7ba9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-cf-pop
SYD62-P1
content-encoding
br
etag
"1db2085fe7f550e"
via
1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
jd2tBfm5rVuQ7er_mv9vgQn-i96ocXZcm5SciUrr2X4fayQaR_K7_w==
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/javascript
last-modified
Thu, 17 Oct 2024 11:16:21 GMT
vary
Accept-Encoding
server
Kestrel
article
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		466 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/article?locked=false&contentType=OPEN
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
789fdaca98f0053076aae5267d8e5af5c31dd5ae1f77bee4d51ffea8374e0e88
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-methods
GET, POST
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.heraldsun.com.au
x-xss-protection
0
server
ESF
nbl.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/nbl.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e248a8753ca54a8f29001df93bb1434aedab002f64b0f49804c6a8162ba7dad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css

Response headers

x-amz-id-2
0K0uT3dOEL/N2RhnL3wts4+ObzRuRD/DKTcfQI+ozXM362XzYgis5EI/NlG84kDRU0fKTk59QqmGDHacfA0quQsvRVOq/M/nwYakM4AFJRc=
cache-control
max-age=508435
etag
"f02ea7e43ffd9076010f11f664f4b75c"
access-control-allow-methods
GET,POST
x-amz-request-id
2V20QW01PNWDJHPE
expires
Tue, 29 Oct 2024 21:24:56 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
48377
date
Thu, 24 Oct 2024 00:11:01 GMT
last-modified
Thu, 03 Oct 2024 23:48:16 GMT
content-type
image/png
server
AmazonS3
x-amz-server-side-encryption
AES256
afl.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/afl.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:286::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5d354f1ff2b84dc02b7f1679bab76c7f7424a3b78948785e1ef5580fd379ad9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css

Response headers

x-amz-id-2
tb05euDsqvnSzFdsKNw1WzRjXESZ0Gv+XKHsGZYuEZSMLJjiUHr156SQslKmEsN14k0qWov50F8=
cache-control
max-age=477419
etag
"0ce93965d72d3a303c54b0987e4f8fea"
access-control-allow-methods
GET,POST
x-amz-request-id
SSD9B8X5QMXNWJ98
expires
Tue, 29 Oct 2024 12:48:00 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
31470
date
Thu, 24 Oct 2024 00:11:01 GMT
last-modified
Wed, 04 Oct 2023 03:59:12 GMT
content-type
image/png
server
AmazonS3
x-amz-server-side-encryption
AES256
events
logx.optimizely.com/v1/ 		0
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

x-request-id
38b2227d-5cd7-41b3-9b44-d0d8df95db9a
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
via
1.1 google
access-control-allow-origin
https://www.heraldsun.com.au
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/plain
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
arrow_right_black.png
s3-ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/chronicle/images/sports/icon/ 		294 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/chronicle/images/sports/icon/arrow_right_black.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.131.164 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
0ec76d4b6ed8c436113f06a582c476855e784f3226de982d3df06453a35eae3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://resourcesssl.newscdn.com.au/

Response headers

ETag
"0213d7039af05f02cbd9551d0dec8d53"
x-amz-request-id
SFZH1C6ZJXRZYBF0
Accept-Ranges
bytes
Content-Length
294
Date
Thu, 24 Oct 2024 00:11:02 GMT
Last-Modified
Tue, 23 Jan 2018 04:27:38 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-id-2
NG9n3JVv50WjoyYraM5p7rRdvgiZd5l1koRhcaDsx3gVOV48dwxqJdqWyB+1ksJ+MLT2zbyoMm0=
/
px.ads.linkedin.com/wa/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: AFF4CC7DE5AD478A9C92EEF91514B8E8 Ref B: SYD03EDGE1019 Ref C: 2024-10-24T00:11:01Z
x-li-fabric
prod-lva1
access-control-allow-credentials
true
x-li-uuid
AAYlLdZyFGBdJu+qB2spjg==
x-li-proto
http/2
access-control-allow-origin
https://www.heraldsun.com.au
x-cache
CONFIG_NOCACHE
date
Thu, 24 Oct 2024 00:11:01 GMT
vary
Origin
97081477
www.clarity.ms/tag/uet/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/97081477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97081477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b4b958364c7c60cdfc6e33ea299781b8b764fa11ec8a4f5e8059e0c2b300149

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
1043
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/x-javascript
x-azure-ref
20241024T001102Z-165bdb8c587pwzxlu5wece9dps00000003m000000000ftgg
0
bat.bing.com/action/ 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97081477&Ver=2&mid=ffff8d66-91da-4d91-abcf-6ded5c3d513a&bo=1&sid=73e765f0919c11efa91a23d1c1353179&vid=73e78570919c11efba63af3f27eadf95&vids=1&msclkid=N&pi=918639831&lg=en-AU&sw=1600&sh=1200&sc=24&tl=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&p=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=&lt=1892&evt=pageLoad&sv=1&cdb=AQwT&rn=43564
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 743E6C5A06324655B53521D6B3387323 Ref B: SYD03EDGE1410 Ref C: 2024-10-24T00:11:01Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 24 Oct 2024 00:11:01 GMT
activityi;dc_pre=CM-k3rPdpYkDFUKf6QUdeN0IBQ;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
14643376.fls.doubleclick.net/ Frame 1BA7
Redirect Chain
  • https://14643376.fls.doubleclick.net/activityi;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
  • https://14643376.fls.doubleclick.net/activityi;dc_pre=CM-k3rPdpYkDFUKf6QUdeN0IBQ;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14643376.fls.doubleclick.net/activityi;dc_pre=CM-k3rPdpYkDFUKf6QUdeN0IBQ;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101794737~101823848;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-14643376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
362
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:11:02 GMT
expires
Thu, 24 Oct 2024 00:11:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:11:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14643376.fls.doubleclick.net/activityi;dc_pre=CM-k3rPdpYkDFUKf6QUdeN0IBQ;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101794737~101823848;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm...
td.doubleclick.net/td/fls/rul/ Frame B881 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101794737~101823848;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-14643376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80a::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:11:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;psc...
ad.doubleclick.net/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14643376;type=hs;cat=hs_02;ord=7883958760866;npa=0;auiddc=2113534853.1729728662;gdid=dYmQxMT;ps=1;pcor=295108881;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9185837162za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101794737~101823848;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2F?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f38.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:01 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"15479294759373047868"}],"aggregatable_trigger_data":[{"filters":[{"14":["102302385"]}],"key_piece":"0x8505d636978a41ed","source_keys":["12","13","14","15","16","17","18","19","20","21","26299096","26299097","26299098","26299099","640928816","640928817","640928818","640928819","902572844","902572845","902572846","902572847","902581584","902581585","902581586","902581587"]},{"key_piece":"0xe3dd1869b466516f","not_filters":{"14":["102302385"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","26299096","26299097","26299098","26299099","640928816","640928817","640928818","640928819","902572844","902572845","902572846","902572847","902581584","902581585","902581586","902581587"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"26299096":655,"26299097":655,"26299098":655,"26299099":63569,"640928816":32,"640928817":32,"640928818":32,"640928819":3177,"902572844":32,"902572845":32,"902572846":32,"902572847":3177,"902581584":32,"902581585":32,"902581586":32,"902581587":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2682968721396625357","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15479294759373047868","filters":[{"14":["102302385"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15479294759373047868","filters":[{"14":["102302385"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15479294759373047868","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15479294759373047868","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14643376"]}}
content-type
image/png
x-xss-protection
0
server
cafe
/
ct.pinterest.com/v3/ 		35 B
381 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22lead_type%22%3A%22test%22%2C%22event_id%22%3A%221202912f50c0feb14038cb1c5570afaf%22%7D&tid=2612777586108&cb=1729728661791&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22opt_out_type%22%3A%22%22%2C%22st%22%3A%22%22%2C%22country%22%3A%22%22%2C%22np%22%3A%22tealium%22%2C%22pin_unauth%22%3A%22dWlkPU5UYzJNVGxqWVdFdE0yTXpPUzAwTmpsa0xUZ3hPVFV0TXpFek16RmpZMlU1WVRBMg%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
2
x-pinterest-rid-128bit
10e3948b81ae14b12e9a89d40e25f380
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
expires
Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
access-control-allow-origin
https://www.heraldsun.com.au
alt-svc
h3=":443";ma=600
content-length
35
date
Thu, 24 Oct 2024 00:11:02 GMT
x-pinterest-rid
3358148016021566
content-type
image/gif
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=9a4b4af2-c386-21c2-ef06-aae3368bc894&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
d9f8c3a55321bbb56396e34c6b1d34a98975205c47d54453707d7abce4e92507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/json
access-control-allow-credentials
true
bid
aax.amazon-adsystem.com/e/dtb/ 		122 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=lEVyxN0woJv5X&cb=0&ws=1600x1200&v=24.910.1025&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-2%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=21c2a92d-b171-4fcb-830c-1239e7c15af0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.35.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-35-170.syd3.r.cloudfront.net
Software
Server /
Resource Hash
d45c970754b1c9d73f6cd8b1e508b949a38c38beb0c94b9f436eab85795b9c41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 4445030cc387fae2e8f01664465bd4fc.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.heraldsun.com.au
x-cache
Miss from cloudfront
content-length
129
x-amz-cf-id
duPtXssD2xIAMNXc2Zud9GitK1ijzcUJF7vTORuViM-s2TPdLCF7-w==
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
SYD3-P2
server
Server
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 8C64 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
378
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29523
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:04:44 GMT
expires
Thu, 24 Oct 2024 00:54:44 GMT
last-modified
Mon, 21 Oct 2024 19:45:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		398 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?r=1729728661974&v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwiZWNpZCI6IjVmMGM1OGJkLWM0MjktNDBlZC1iN2U4LTU2OGZiNTNhMGQwYiIsImRjIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwIiwidmVyIjozMjMsImRmcGgiOiIiLCJ0ek9mZnNldCI6LTQ4MCwib3NzIjp0cnVlLCJvc2VzIjp0cnVlfQ%3D%3D
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-61.syd62.r.cloudfront.net
Software
Kestrel /
Resource Hash
495900a276e6fd4db3a909d90cbbacce932c24db77169024268d54e0ac73ee4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-encoding
br
via
1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
vgQ3e1UCbT6zsR_Vlfgxu_S-mlA-k2t4mPiY2Adnoz_R3L0qP3oKfA==
date
Thu, 24 Oct 2024 00:11:01 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Kestrel
x-amz-cf-pop
SYD62-P1
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 0B43 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.6.117 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-6-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=141202
content-encoding
gzip
content-length
859
content-type
text/html
date
Thu, 24 Oct 2024 00:11:02 GMT
expires
Fri, 25 Oct 2024 15:24:24 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
topicsapi.html
topics.authorizedvault.com/ Frame 9F0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:db00::1 Sydney, Australia, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=604800
content-encoding
gzip
content-type
text/html
date
Thu, 24 Oct 2024 00:11:02 GMT
etag
W/"b1da2234a554ee8bc6519a75d88402d9"
expires
Tue, 11 Jul 2023 17:48:38 GMT
last-modified
Mon, 26 Jun 2023 15:39:25 GMT
server
CDN77-Turbo
vary
Accept-Encoding
via
1.1 google
x-77-age
268795
x-77-cache
HIT
x-77-nzt
EQwBj/Q+BAH3+xkEAA
x-77-nzt-ray
79dc8806fd95e0bf96901967db037e05
x-77-pop
sydneyAU
x-goog-generation
1687793965818864
x-goog-hash
crc32c=LvKeBQ== md5=sdoiNKVU7ovGUZp12IQC2Q==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1404
x-guploader-uploadid
ADPycdued6PJ1Ep6vC99ldIvPcD5Q2n4Vg8uR6Rg6Yvlhb0rOni3e-zPqu0tM_qE0XDXhy3ZRyO_fFEoqU_Ehpk5Zagd
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
997fd3aab65bafb174d1de27fc119e6c0f537910fc43ba067420412f1f35dda2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.200.96; 146.70.200.96; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.heraldsun.com.au
an-x-request-uuid
a652314a-51e8-4624-9005-7573515847d2
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 24 Oct 2024 00:11:02 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
cdb
bidder.criteo.com/ 		0
527 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=34648736778&lsavail=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::2a , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 24 Oct 2024 00:11:01 GMT
vary
Origin
server
Kestrel
bid-request
a.teads.tv/hb/ 		16 B
520 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.116.109.111 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-109-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 24 Oct 2024 00:11:02 GMT
access-control-allow-origin
https://www.heraldsun.com.au
content-length
42
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json
vary
Accept-Encoding
imp
g2.gumgum.com/hbid/ 		40 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1729728662028&to=-480&aun=ad-block-728x90-1&gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&t=jlltldhf&pi=8&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.heraldsun.com.au%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.heraldsun.com.au%2F&ns=10240
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.102.255 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-102-255.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
833740144a8433071f624673879fdbe0c67004801646e63a8eaf71b3fb9985bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1729728662029&to=-480&aun=ad-block-300x250-1&gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&t=jlltldhf&pi=3&maxw=300&maxh=600&si=985713&bf=300x250%2C300x600%2C160x600%2C120x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.heraldsun.com.au%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.heraldsun.com.au%2F&ns=10240
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.102.255 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-102-255.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8369b4de78e42f3f6eeca0e442bbf953c47124769ee63a11a1b3141d01574c3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json;charset=UTF-8
server
nginx
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=277566
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f9c7848ce25d092c8cfe3010c90dab25d77fca13bde43ec1ad5986112ab3f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdKklQ1azFtUsAEKukrW7XkrrFCJoDEioZHH6spyMQFJzP4uLSZ3JrU3ZeRMU%2BgrZ2Uswt3fkY9%2F7e8HNqUvrMf84WRwnz%2FRytDDOfQkavy25QZXilU%2Ferg4qkHOLcgHNbA0VgCZ"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8d75bf4aaa1a7e42-SYD
access-control-allow-origin
https://www.heraldsun.com.au
content-length
37
server
cloudflare
fastlane.json
fastlane.rubiconproject.com/a/api/ 		499 B
533 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.adl=false&tg_i.pos=1%2C1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=2831c8b49fac7cd&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.8185038455045934
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3702b18678f08099de9b74acfcb8dfd52fa6880ed3100fe636e5ebb37512695f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.heraldsun.com.au
content-length
499
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
fastlane.json
fastlane.rubiconproject.com/a/api/ 		502 B
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.adl=false&tg_i.pos=1%2C1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=29a4c288505a02a&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.8446921487482704
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dce97af42f431abedfdfb718cc3918b8d72dff4ac1275f7a582ae46c4bb0b403

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.heraldsun.com.au
content-length
502
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
fastlane.json
fastlane.rubiconproject.com/a/api/ 		476 B
510 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.adl=false&tg_i.pos=2%2C2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=30c165c0a8df6d9&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.3073749872945446
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bc50ac6bdc60d17d5112f4427769f1d22385fc6192b24debe955243cd0e0f93b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.heraldsun.com.au
content-length
476
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
fastlane.json
fastlane.rubiconproject.com/a/api/ 		478 B
691 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.adl=false&tg_i.pos=2%2C2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=31c017b34b6192a&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.8583990695440198
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5fb53e0ee3d5d2c7593dc6e3a24d4a59612ce85727ab88d2a024f7e5877a2f2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.heraldsun.com.au
content-length
478
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
prebid
ads.playground.xyz/host-config/ 		0
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

x-request-id
3ef6a047-83fa-485d-82ca-cd28e4a3eab3
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.heraldsun.com.au
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:11:02 GMT
x-powered-by
Express
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 24 Oct 2024 00:11:02 GMT
access-control-allow-credentials
true
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1729728662153
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.55.50.85 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-55-50-85.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
1b6a9b2842a91f58414e31a83ea6c7832694fc8ee3c7cceccded6b3a2caa1450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-apse2-2-v066-02fd0d74a.edge-apse2.demdex.com 3 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
76sy9chaQ24=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://www.heraldsun.com.au
content-length
1557
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json;charset=utf-8
vary
Origin
bounce
id5-sync.com/ 		29 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
text/plain;charset=utf-8
vary
Origin
v1
lb.eu-1-id5-sync.com/lb/ 		56 B
303 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a4916cd004bb774fa474d4bb0ad789bf42e4740b8598b9d0708c4cd20eaff81f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
dest5.html
newscorpau.demdex.net/ Frame F5E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.55.50.85 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-55-50-85.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 24 Oct 2024 00:11:02 GMT
dcs
dcs-prod-apse2-2-v066-0ea8f86ff.edge-apse2.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 16 Oct 2024 09:34:11 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
exLg5i27TO4=
id
newscorpau.sc.omtrdc.net/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=20459222592212899612512259419371935967&ts=1729728662224
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.224 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-224.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
content-length
2
date
Thu, 24 Oct 2024 00:11:02 GMT
x-xss-protection
1; mode=block
content-type
application/x-javascript;charset=utf-8
vary
Origin
server
jag
ibs:dpid=411&dpuuid=ZxmQlgAAAB6fIgOn
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=20480451223360826752510154147301968325
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxmQlgAAAB6fIgOn
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxmQlgAAAB6fIgOn
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.55.50.85 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-55-50-85.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-apse2-1-v066-0021d9814.edge-apse2.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
I7eJF1p1Rlk=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
image/gif

Redirect headers

Cache-Control
no-cache
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxmQlgAAAB6fIgOn
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length
0
Date
Thu, 24 Oct 2024 00:11:02 GMT
Connection
close
Server
AMO-cookiemap/1.1
iu3
s.amazon-adsystem.com/ Frame 5AD7
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-107.compute-1.amazonaws.com
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
292
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 24 Oct 2024 00:11:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
934DJMW5J9R307TZ1908

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 24 Oct 2024 00:11:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
G34TE9NNX19MH7DP4D17
3360c21b_4ca4148dd2233028b86a7fd554fa8d9a0f87599764bb
bedsberry.com/ 		3 B
456 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/3360c21b_4ca4148dd2233028b86a7fd554fa8d9a0f87599764bb
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-asia-east1-k74r
expires
Thu, 24 Oct 2024 00:11:01 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-asia-east1
via
1.1 google
cf-ray
8d75bf4b1840a96e-SYD
access-control-allow-origin
https://www.heraldsun.com.au
content-length
3
x-buildnumber
1507459579
server
cloudflare
v1
lb.eu-1-id5-sync.com/lb/ 		56 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
d3d6922dcd19b6fab55b14e2d9154548cc0f8c1e9e0064e9b4cbbd8d36dd464e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 24 Oct 2024 00:11:03 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
clarity.js
www.clarity.ms/s/0.7.49/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97081477
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-azure-ref
20241024T001102Z-165bdb8c587pwzxlu5wece9dps00000003m000000000ftgv
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF0FBF8E94E61"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
9faea5d1-501e-0064-0fe8-22df43000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Thu, 24 Oct 2024 00:11:02 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Sun, 20 Oct 2024 11:40:18 GMT
collect
o.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/

Response headers

Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Thu, 24 Oct 2024 00:11:03 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=20459222592212899612512259419371935967&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%018d7ab3017569bbb26e044e3b23694b8d%011&ts=1729728663039
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.55.50.85 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-55-50-85.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
0f073a026620057066cb4593f2416fff79782b62ad9a45fd4b1a56ad178dcdd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-apse2-1-v066-091038da0.edge-apse2.demdex.com 3 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
jIQh+uSYSmw=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://www.heraldsun.com.au
content-length
1560
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 24 Oct 2024 00:11:03 GMT
content-type
application/json;charset=utf-8
vary
Origin
s05242521847599
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.25.0/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.25.0/s05242521847599?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=24%2F9%2F2024%208%3A11%3A3%204%20-480&cid.&newsnkidcookie.&id=8d7ab3017569bbb26e044e3b23694b8d&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=8d7ab3017569bbb26e044e3b23694b8d&mid=20459222592212899612512259419371935967&aamlh=8&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPercentPageViewed=5.0.1&getPreviousValue=3.0&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D8%2Cevent18%2Cevent63%3D18.917000000476836%2Cevent118&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Ccustom%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=11%3A11%20AM%7CThursday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Clinux%7C-&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=18.917000000476836&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=pdf%20viewer%3Bchrome%20pdf%20viewer%3Bchromium%20pdf%20viewer%3Bmicrosoft%20edge%20pdf%20viewer%3Bwebkit%20built-in%20pdf&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=8d7ab3017569bbb26e044e3b23694b8d-00000000000000000000000000000000-1729728660513-81269&v110=2024-10-24%2008%3A10%3A58&v111=0&v199=en-US%2Cen&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.82 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-82.data.adobedc.net
Software
jag /
Resource Hash
d248502b57238172e3d927381423c17fcc3538bb0fcdcdfe22f7f8ad00ec68c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-aam-tid
TM4/x7BDQcc=
etag
3714564020374503424-4618271277233601253
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 00:11:03 GMT
p3p
CP="This is not a P3P policy"
date
Thu, 24 Oct 2024 00:11:04 GMT
last-modified
Fri, 25 Oct 2024 00:11:03 GMT
vary
*
content-type
application/x-javascript;charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
dcs
dcs-prod-apse2-2-v066-09a83421e.edge-apse2.demdex.com 6 ms
pragma
no-cache
access-control-allow-origin
*
content-length
4969
x-xss-protection
1; mode=block
server
jag
/
d0.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.140.162 , France, ASN16276 (OVH, FR),
Reverse DNS
ip162.ip-135-125-140.eu
Software
/
Resource Hash
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d1.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.115 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip115.ip-51-195-127.eu
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d2.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.140.162 , France, ASN16276 (OVH, FR),
Reverse DNS
ip162.ip-135-125-140.eu
Software
/
Resource Hash
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d3.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.145.78 , France, ASN16276 (OVH, FR),
Reverse DNS
ip78.ip-135-125-145.eu
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d4.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.82 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip82.ip-135-125-146.eu
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d5.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.145.78 , France, ASN16276 (OVH, FR),
Reverse DNS
ip78.ip-135-125-145.eu
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d6.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.36 , France, ASN16276 (OVH, FR),
Reverse DNS
ip36.ip-51-195-115.eu
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d7.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.86 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip86.ip-135-125-146.eu
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d0.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.36 , France, ASN16276 (OVH, FR),
Reverse DNS
ip36.ip-51-195-115.eu
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d1.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.36 , France, ASN16276 (OVH, FR),
Reverse DNS
ip36.ip-51-195-115.eu
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d2.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.145.78 , France, ASN16276 (OVH, FR),
Reverse DNS
ip78.ip-135-125-145.eu
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d3.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ip82.ip-51-195-73.eu
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d4.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ip82.ip-51-195-73.eu
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d5.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ip71.ip-51-195-73.eu
Software
/
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d6.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.100 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-195-127.eu
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d7.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.100 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-195-127.eu
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
701.json
id5-sync.com/g/v2/ 		632 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
e90ab85fe566782e65b68b5d8d2f7961931f7a1c962579aa5003552143a7589e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
date
Thu, 24 Oct 2024 00:11:03 GMT
content-type
application/json
vary
Origin
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=n0unhafncbucvnogt9r4ewtcc8he91729728661&fp_cr_tm=1729728661532&fp_acc_tm=1729728661532&fp_emm_tm=1729728661532&ve_id=&sessionId=kq6orxpv0ey7hmmapivz5gbkafzfa1729728661&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,tyalpkkvgdic4cvwqvbijlitcwyp91729728661&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17297286615274222&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1729728661016&c3=st,c&c64=starttm,1729728663&adid=1729728661016&c58=isLive,false&c59=sesid,&c61=createtm,1729728662&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1729728662&rnd=362311
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.180.72 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-180-72.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy
cross-origin
access-control-allow-methods
POST, OPTIONS
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
content-length
44
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
date
Thu, 24 Oct 2024 00:11:03 GMT
content-type
image/gif
server
nginx
ads
securepubads.g.doubleclick.net/gampad/ 		251 KB
41 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4358164203298233&correlator=3067734556157716&hxva=1&scor=3824189415535872&eid=31083342%2C31088330%2C31088275%2C31088251%2C31088277&output=ldjh&gdfp_req=1&vrg=202410210101&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C300x90%7C315x90%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1729728663982&lmt=1729728663&adxs=436%2C1112%2C1112%2C0%2C176%2C1112%2C0&adys=28%2C354%2C13442%2C13892%2C7367%2C328%2C14613&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C0%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&psz=1600x134%7C312x250%7C312x250%7C1600x720%7C1248x0%7C312x0%7C1600x14631&msz=728x133%7C312x250%7C312x250%7C1600x0%7C1248x0%7C312x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C516%2C0&ohw=0%2C0%2C0%2C0%2C0%2C312%2C0&td=1&egid=47235&tan=476c2452-a5dc-4910-97dd-90adbf9a02b3%2C476c2452-a5dc-4910-97dd-90adbf9a02b4%2C476c2452-a5dc-4910-97dd-90adbf9a02b5%2C476c2452-a5dc-4910-97dd-90adbf9a02b6%2C476c2452-a5dc-4910-97dd-90adbf9a02b7%2C476c2452-a5dc-4910-97dd-90adbf9a02b8%2C476c2452-a5dc-4910-97dd-90adbf9a02b9&tdf=2&topics=1&tps=1&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KkgwUW9mellJSkNXTTRxNmlhZFE2b0tpazZVYS1lWHFZU09rZTd3Q3dRMVBSdXpGNGd6WTM1RTRkR2gydFVOa2dYAQ..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729728659341&idt=2457&prev_scp=in2w_key16%3D-1p%2C1p1%2C_1pb%2C_1pg%26in2w_key20%3D1p1b%2C1p1r%2C1p1x%2C_1pbb%2C_1pbr%2C_1pbx%2C_1pgb%2C_1pgr%2C_1pgx%26in2w_key21%3D1649893594%26in2w_key23%3D18_3825704713%26in2w_key24%3D6_964721604%2Co_6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%2Co_2_1671229399%2Co_5_1058473646%26in2w_key27%3Di%2Ci1%2Co_i%2Co_i1%26in2w_key28%3D1%2C8%2C11l%2Co_1%2Co_8%2Co_11l%26in2w_key30%3D17%26in2w_key31%3D11%2Co_11%26in2w_key33%3D121%2Co_121%26in2w_upa_bidder%3Dappnexus%26in2w_upa_price%3D2500%2Co_2500%26in2w_upa_size%3Dp970x250%26pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D740058b4-919c-11ef-9989-4a6c65c49a86%26hb_format_gumgum%3Dbanner%26hb_size_gumgum%3D970x250%26hb_pb_gumgum%3D12.00%26hb_adid_gumgum%3D41045cc914c73cb%26hb_bidder_gumgum%3Dgumgum%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D25.00%26hb_adid_appnexus%3D39d3ed8db7117c7%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D25.00%26hb_adid%3D39d3ed8db7117c7%26hb_bidder%3Dappnexus%26in2w_key15%3Do0%7Cin2w_key16%3D-1p%2C1px%2C_1pb%2C_1pg%26in2w_key20%3D1pxb%2C1pxr%2C1pxx%2C_1pbb%2C_1pbr%2C_1pbx%2C_1pgb%2C_1pgr%2C_1pgx%26in2w_key21%3D3480591124%26in2w_key23%3D18_3825704713%26in2w_key24%3D6_964721604%2Co_6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%2Co_2_1671229399%2Co_5_1058473646%26in2w_key27%3Di%2Ci1%2Co_i%2Co_i1%26in2w_key28%3D1%2C8%2C11l%2Co_1%2Co_8%2Co_11l%26in2w_key30%3D18%26in2w_key31%3D11%2Co_11%26in2w_key33%3D121%2Co_121%26in2w_upa_bidder%3Dnobidder%26in2w_upa_price%3D-1%2Co_-1%26in2w_upa_size%3D-1%26pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D740058b5-919c-11ef-9989-4a6c65c49a86%26vw%3D40%2C50%2C60%26vw05%3D40%2C50%2C60%26vw15%3D40%2C50%26grm%3D40%2C50%2C60%2C70%26vw10%3D40%2C50%26pub%3D40%2C50%2C60%26in2w_key15%3Do0%7Cin2w_key16%3D-1p%2C1px%2C_1pb%2C_1pg%26in2w_key20%3D1pxb%2C1pxr%2C1pxx%2C_1pbb%2C_1pbr%2C_1pbx%2C_1pgb%2C_1pgr%2C_1pgx%26in2w_key21%3D3713366199%26in2w_key23%3D18_3825704713%26in2w_key24%3D6_964721604%2Co_6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%2Co_2_1671229399%2Co_5_1058473646%26in2w_key27%3Db%2Cb9%2Cbg3%2Co_b%2Co_b9%2Co_bg3%26in2w_key28%3D1%2C8%2C11l%2Co_1%2Co_8%2Co_11l%26in2w_key30%3D17%26in2w_key31%3D11%2Co_11%26in2w_key33%3D121%2Co_121%26in2w_upa_bidder%3Dnobidder%26in2w_upa_price%3D-1%2Co_-1%26in2w_upa_size%3D-1%26pos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D740058b6-919c-11ef-9989-4a6c65c49a86%26in2w_key15%3Do0%7Cin2w_key16%3D-1p%2C1p1%2C_1pb%2C_1pg%26in2w_key20%3D1p1b%2C1p1r%2C1p1x%2C_1pbb%2C_1pbr%2C_1pbx%2C_1pgb%2C_1pgr%2C_1pgx%26in2w_key21%3D1118675666%26in2w_key23%3D18_3825704713%26in2w_key24%3D6_964721604%2Co_6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%2Co_2_1671229399%2Co_5_1058473646%26in2w_key27%3Db%2Cb9%2Cbg3%2Co_b%2Co_b9%2Co_bg3%26in2w_key28%3D1%2C8%2C11l%2Co_1%2Co_8%2Co_11l%26in2w_key30%3D19%26in2w_key31%3D11%2Co_11%26in2w_key33%3D121%2Co_121%26in2w_upa_bidder%3Dnobidder%26in2w_upa_price%3D-1%2Co_-1%26in2w_upa_size%3D-1%26pos%3D1%26refreshed%3Dfalse%26id%3D740058b7-919c-11ef-9989-4a6c65c49a86%26in2w_key15%3Do0%7Cin2w_key16%3D-1p%2C1p1%2C_1pb%2C_1pg%26in2w_key20%3D1p1b%2C1p1r%2C1p1x%2C_1pbb%2C_1pbr%2C_1pbx%2C_1pgb%2C_1pgr%2C_1pgx%26in2w_key21%3D3352303955%26in2w_key23%3D18_3825704713%26in2w_key24%3D6_964721604%2Co_6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%2Co_2_1671229399%2Co_5_1058473646%26in2w_key27%3Db%2Cb6%2Cbg2%2Co_b%2Co_b6%2Co_bg2%26in2w_key28%3D1%2C8%2C11l%2Co_1%2Co_8%2Co_11l%26in2w_key30%3D11%26in2w_key31%3D11%2Co_11%26in2w_key33%3D121%2Co_121%26in2w_upa_bidder%3Dnobidder%26in2w_upa_price%3D-1%2Co_-1%26in2w_upa_size%3D-1%26pos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D740058b8-919c-11ef-9989-4a6c65c49a86%26in2w_key15%3Do0%7Cin2w_key16%3D-1p%2C1px%2C_1pb%2C_1pg%26in2w_key20%3D1pxb%2C1pxr%2C1pxx%2C_1pbb%2C_1pbr%2C_1pbx%2C_1pgb%2C_1pgr%2C_1pgx%26in2w_key21%3D2956941887%26in2w_key23%3D18_3825704713%26in2w_key24%3D6_964721604%2Co_6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%2Co_2_1671229399%2Co_5_1058473646%26in2w_key27%3Di%2Ci1%2Co_i%2Co_i1%26in2w_key28%3D1%2C8%2C11l%2Co_1%2Co_8%2Co_11l%26in2w_key30%3D01%26in2w_key31%3D11%2Co_11%26in2w_key33%3D121%2Co_121%26in2w_upa_bidder%3Dnobidder%26in2w_upa_price%3D-1%2Co_-1%26in2w_upa_size%3D-1%26pos%3D1%26refreshed%3Dfalse%26id%3D740058b9-919c-11ef-9989-4a6c65c49a86%26in2w_key15%3Do0%7Cin2w_key16%3D-19%2C191%2C_19b%2C_19g%26in2w_key20%3D191b%2C191r%2C191x%2C_19bb%2C_19br%2C_19bx%2C_19gb%2C_19gr%2C_19gx%26in2w_key23%3D18_3825704713%26in2w_key24%3D6_964721604%2Co_6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%2Co_2_1671229399%2Co_5_1058473646%26in2w_key27%3Db%2Cb9%2Cbg3%2Co_b%2Co_b9%2Co_bg3%26in2w_key28%3D1%2C8%2C11l%2Co_1%2Co_8%2Co_11l%26in2w_key30%3D17%26in2w_key31%3D11%2Co_11%26in2w_key33%3D121%2Co_121%26in2w_upa_bidder%3Dnobidder%26in2w_upa_price%3D-1%2Co_-1%26in2w_upa_size%3D-1%26pos%3D1%26id%3D740058ba-919c-11ef-9989-4a6c65c49a86%26in2w_key15%3Do0&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D8d7ab3017569bbb26e044e3b23694b8d%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26sssw%3Dtrue%26abtest%3Da%26pvid%3D8d7ab3017569bbb26e044e3b23694b8d-00000000000000000000000000000000-1729728660513-81269%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1509996_PG%252CIAS_3006636_PG%252CIAS_3011766_PG%252CIAS_3017933_PG%252CIAS_3011682_PG%252CIAS_1509463_PG%252CIAS_3012931_PG%252CIAS_3011704_PG%252CIAS_3011723_PG%252CIAS_1507106_PG%252CIAS_1518880_PG%252CIAS_1518255_PG%252CIAS_1518884_PG%252CIAS_3016149_PG%252CIAS_3011776_PG%252CIAS_1508970_PG%252CIAS_1518695_PG%252CIAS_1506123_PG%252CIAS_1510661_PG%252CIAS_1518629_PG%252CIAS_3017867_PG%252CIAS_1513474_PG%252CIAS_1507080_PG%252CIAS_3011701_PG%252CIAS_3012914_PG%252CIAS_1518639_PG%252CIAS_1516347_PG%252CIAS_1507540_PG%252CIAS_3017877_PG%252CIAS_1510566_PG%252CIAS_3016043_PG%252CIAS_1518885_PG%252CIAS_1507653_PG%252CIAS_3011680_PG%252CIAS_3014835_PG%252CIAS_3012763_PG%252CIAS_1507473_PG%252CIAS_3011702_PG%252CIAS_3017822_PG%252CIAS_1508986_PG%252CIAS_3006644_PG%252CIAS_3018126_PG%252CIAS_3013279_PG%252CIAS_1500903_PG%252CIAS_3011694_PG%252CIAS_3012926_PG%252CIAS_1518584_PG%252CIAS_3017909_PG%252CIAS_3012922_PG%252CIAS_3011734_PG%252CIAS_1508625_PG%252CIAS_1510275_PG%252CIAS_1508646_PG%252CIAS_3011728_PG%252CIAS_1506436_PG%252CIAS_3012764_PG%252CIAS_3011703_PG%252CIAS_3011773_PG%252CIAS_3018121_PG%252CIAS_3018125_PG%252CIAS_1509981_PG%252CIAS_3011691_PG%252CIAS_1500692_PG%252CIAS_3017493_PG%252CIAS_1512539_PG%252CIAS_1518671_PG%252CIAS_1500902_PG%252CIAS_3011699_PG%252CIAS_3011731_PG&adks=1798527053%2C1263259910%2C1415436295%2C1982096792%2C3785065344%2C2320616304%2C3544675803&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
1e7fc93c689c90fd9dd4c28b974050a523b88d9dea143c16d1fbcda36a6a8cf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
google-lineitem-id
6765373081,6765373081,5276126762,-2,6765373081,5969529023,-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 24 Oct 2024 00:11:04 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138493502319,138493502325,138472924819,-2,138493502322,138491351429,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.heraldsun.com.au
content-length
42443
x-xss-protection
0
server
cafe
container.html
5e5a2302d9c6be5d3eab8b0e5bd66b7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C71D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5e5a2302d9c6be5d3eab8b0e5bd66b7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:11:04 GMT
expires
Thu, 24 Oct 2024 00:11:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653a6f57-17cae"
cross-origin-resource-policy
cross-origin
expires
Fri, 25 Oct 2024 00:11:04 GMT
access-control-allow-origin
*
date
Thu, 24 Oct 2024 00:11:04 GMT
content-type
text/javascript
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
v3
id5-sync.com/gm/ 		700 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
e6e41ceb3c0b66c9ff38173d37833e764d8e80c26db337c9d08f29247672c50f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
date
Thu, 24 Oct 2024 00:11:04 GMT
content-type
application/json
vary
Origin
8.gif
id5-sync.com/i/701/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?o=api&id5id=ID5*AGfN1SkrwY-TwUsIdvffCreHDOyhWp8yV8r7RR-TpvnRuyCLKupyN3AkM4fyF5b_&gdpr_consent=undefined&gdpr=false
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Thu, 24 Oct 2024 00:11:04 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
v3
id5-sync.com/gm/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
040828ed96eddf753ba7680e0d1046d69de4583ee364ce8075982379a2369585
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
date
Thu, 24 Oct 2024 00:11:04 GMT
content-type
application/json
vary
Origin
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653a6f57-17cae"
cross-origin-resource-policy
cross-origin
expires
Fri, 25 Oct 2024 00:11:04 GMT
access-control-allow-origin
*
date
Thu, 24 Oct 2024 00:11:04 GMT
content-type
text/javascript
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 4885 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqRA142HjSZlR04ODXMGEv2Azno-Nu0Sx_tFniZ5dVavroml4KL4cZBI0VH4JsbWRfj27aDw3EKGugGg-Am209BkWDRw1B6nyR6AEZ9ICB_6__U07a--i98RsT5kYOF5ZCWbDbX_S4t_H0bmfH7iPgEUhYkIOEcoFrofQhXqK4yydaPw3cGxFfn0zo5NzTtIFZisEwF-RFZ5Lf-uZNbohoDovxjLqNC-ZbHEP44nipd_FmnFNbX8vYwTV9pXXchwK7RN8GCQZasv6K-5wdbenU6XCNTKCOTJJM3DHJGimjL1kOZoBUWvTDBD3jvpJBgOvPGJz4cGRynKjcuL_znwI8BzU1MxeFvx1KTX-2N8R5fCEEn8r6z3Sy8e_l5ANzjeA5&sai=AMfl-YSNGvfoJ2ejMeQcWQO_oTaGXADhpNvF20SuWXJUBi980y8s1AIxUP-o9fzJPIlZ4JLL9wI66Wx6mL8pEoPnuT5Eb7fbDJlsR1xb1ipks4VylzDHebd0pBaqJSsK&sig=Cg0ArKJSzNw-3e5Q7SfoEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
invoke.do
invoke.bonzai.co/mizu/ Frame 4885 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2666106558900752878&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2663757807404422135&rnd=1630185055
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.206.197.152 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-206-197-152.ap-southeast-2.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
4e6fcf939ccf60a1338da1a183af754e88fa9a714da348a0d13a36af304216dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
9629
date
Thu, 24 Oct 2024 00:11:04 GMT
content-type
text/html;charset=ISO-8859-1
server
Jetty(8.1.7.v20120910)
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4885 		207 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
24dccd731e4b42b3c3e43cb9ac9205879143ebb4de7658ab9222dd3b0458b086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15148186343628264731
age
1456
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:46:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 23:46:48 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=Shift_JIS
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65423
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame E01F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDRnHiKrsLMIuLq7yTcrCZeDYlu8goKUe5-fY1aLsgEIKf-kj9H404iXKr_fueBwun-ZqPwNcyNgAjEh9JKUZdUM58hnEqOA7t7IS5MyUTLsRewzZhMSTXVmCTx4P5glUZQElX3KTvEHDC1VNkVrelgtCMcBOzJaKAZzoAbqT16q51dHS14TqfI7t9Tj-yKHNBei0cwXgAtYlNAgdzN-zdd-scdfyiUGvw4yCaBNrWYc_zehcdk3QRyzrD6ualuYLqk5WIU8rzd_p0xoKKE_0_zoSCPFMO0aYR65c1HXOaJZliDhl-XeIWRkT185EDl7Oj596Aj1VCV1Pc5kGGROoD_PohzWIx65UcI5Xi320fE0PN2Y8oHfVrI6nRK-kWKFHD&sai=AMfl-YRNyIJWQ2J4xsiqyrxL9GxkKGprWpH1YVpiKhR5D8v1e0AANT7CF5MbpvUL7J7dqDhakQSFR5SS1P3DgfymIjXgLJhKX2JCOnw_xmuy63V7FNtYA595623AHUKt&sig=Cg0ArKJSzPlDKP99gUwiEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dcmads.js
www.googletagservices.com/dcm/ Frame E01F 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
646de26aca05b66f1af42326f476fa9e9fd0fe1ae0e6b84c8df43a371fff71ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
2173
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:34:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 23:34:52 GMT
last-modified
Wed, 25 Sep 2024 14:24:55 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges
bytes
content-length
8436
x-xss-protection
0
server
sffe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E01F 		207 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
24dccd731e4b42b3c3e43cb9ac9205879143ebb4de7658ab9222dd3b0458b086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15148186343628264731
age
1456
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:46:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 23:46:48 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=Shift_JIS
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65423
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame A707 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfAJjXZxBEKn55ygIs0W0xARAdG35afCW9GVK5H_SKay7ZnM1jK1C2MW2MgcWWIrfTh2ZC-JjaJvv1g9B4iyttodTkHuQ4k1QekGJU0YbCQo_dlCmLE5InYFr3F_z8-0iV4e0QJnDvpC0aB6b4klIEda0ThexBL-MJF0KFoUFRB_zfsgnlUkDQ7pCnjpgm3SMEYLtPeDDNuYzbocL2ENb1gj-i433Vn3LCIOmbKnFFPGvk9nhSPmei9-ohsDgMfrYeoW8wvBUbyUdVmN2Q3nGtFWmNAiTt6rAa-HLCgXjBfOmMrViJer8YfyaxvAExbordhTBET2n1xuyoJSKu569NpM5wVpjRdRnlotuXX2viOITITr6YzALJWis19djP4Tgv&sai=AMfl-YRaDBkOGQUjXR3DhXEovtxTBZsywUQkEusxXv7rP_scf7y8GHy1AbGodsm9ZGeFPDs-hDRfgek0mEiO2W6fAeUxBhKkhuhfwqCEGClghfXEKAwj3mJZ6dmo_Gjc&sig=Cg0ArKJSzKwG_n8h3Z9BEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dcmads.js
www.googletagservices.com/dcm/ Frame A707 		19 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
646de26aca05b66f1af42326f476fa9e9fd0fe1ae0e6b84c8df43a371fff71ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
2173
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:34:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 23:34:52 GMT
last-modified
Wed, 25 Sep 2024 14:24:55 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges
bytes
content-length
8436
x-xss-protection
0
server
sffe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A707 		207 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
24dccd731e4b42b3c3e43cb9ac9205879143ebb4de7658ab9222dd3b0458b086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15148186343628264731
age
1456
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:46:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 23:46:48 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=Shift_JIS
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65423
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame BE8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWrRC2eBCezUGjb9XltbXtpQtIBWV3HcVROeO6OMOo1dGBLJbvH0gnygNvsKhRBGD7fC5_JFP9gLavqXo-xfQ17-Mhmh3P2hze4wDdD5X8-MFsLSsRRh4dmo8kK_jx49kCvMV7gMhb7rOcFM4uVqyfcR7-9MmV1WO_1bnUj-QzdmC13799_-Sirfs_ElBGgyhDju5-2-ql5muWV0KVLzJ3WssDyE3m2DsLsDCM0akPEAuxai7e5OQ692HBtWQxlzvLAABUygTCQUasMOLyI6TGCiZTsTasDOLZ7FY-do5jqUoHMFfQ7ENaZlqqT887OABSLR3u14JAwYOJy_XRjWHkJkg-WYkliNmSw9mpz8bhhq7ROda4IDuo55HptFjCuVlAQ7oSFaT8EjayVnXT6XW9PAzISOTNa6A-&sai=AMfl-YTCFXts_0AsMTIkj2eOZxvSHzlH6qwxcStFfG2-HYNK-a48BOrap3PLBTh91y3vgOTouhs9Ky18DDigg2xnl8NXq6qadAXV8ZiMUdvzd5nU1CJxLgCTd1ySOBGA&sig=Cg0ArKJSzAjY_pxZXcirEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241022/r20110914/ Frame BE8E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241022/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdadeba727a1fc1ca6763f597ce67219913281b9941dd02b49e235eaed22d602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15219943357344529307
age
36092
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 14:09:33 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 14:09:33 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9340
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241022/r20110914/client/ Frame BE8E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241022/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
16544991220582087243
age
36104
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 14:09:21 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 14:09:21 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1229
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 96B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
51684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 09:49:41 GMT
etag
48472445140208031
expires
Thu, 24 Oct 2024 09:49:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BE8E 		207 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
24dccd731e4b42b3c3e43cb9ac9205879143ebb4de7658ab9222dd3b0458b086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15148186343628264731
age
1456
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:46:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 23:46:48 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=Shift_JIS
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65423
x-xss-protection
0
server
cafe
6587209231364139071
tpc.googlesyndication.com/simgad/ Frame BE8E 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6587209231364139071
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44134a27080481601848e49d2d6021a1abbcc683c25f75f797be0fe32bf27bc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

age
161486
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 03:19:39 GMT
alt-svc
h3=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Tue, 22 Oct 2024 03:19:39 GMT
last-modified
Fri, 19 Apr 2024 08:20:17 GMT
content-type
image/gif
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
53175
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame BE8E 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame DC9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWuqIAV7O_KAP68euCSQOVYR9xlEDZkTbUWBLOKON9G0m1bcoGA6MaqwkoSZNjCt7-4vEfHjmXS__R3d5lG2bxK-qNvBgOH_iZ1UR2zUnWCB-xrGmvECWjPGPDaeNxpKhRMG2MWIDCM50oKPVJzV8bQBsnt0LTOIDJjbo-g2b8ZVTW1WBxxEGpeeOdUj72tbV7tFcQCcYolB8aENV3nz-sG-nOUlAOLge01wmDviw6pwQN69khgFL2sWsbE8ptTYwd5tpsIul3kkk1ZTQ4RU87m2zXhBa5sTC5HdRItU8skWm-adGiI4_SaOGBAYSXmtkgB-BACcp1duqqFSjzk3spMeDAcMfZEcj2zWqtkmNjH2VG_5LllapwlSgUJoq_giPuaA4WNgVxhrMtq90iDHzmHdz-LSLjjz2Y&sai=AMfl-YSCA0S_vs15hfLX73qL2toobU0nYzpx5078AjUIdRrFaalfiOq2HM5OXc4MAG-_ZjstWuVbGGJsrt4_msnq6Dnd1LyT6zMQ5LKZoRg97XXHA6jfO53PeJ-BzfGM&sig=Cg0ArKJSzKoK1EnhqucSEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=8d7ab3017569bbb26e044e3b23694b8d-1729728658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241022/r20110914/ Frame DC9B 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241022/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdadeba727a1fc1ca6763f597ce67219913281b9941dd02b49e235eaed22d602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15219943357344529307
age
36092
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 14:09:33 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 14:09:33 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9340
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241022/r20110914/client/ Frame DC9B 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241022/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
16544991220582087243
age
36104
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 14:09:21 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 14:09:21 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1229
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D29D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
51684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 09:49:41 GMT
etag
48472445140208031
expires
Thu, 24 Oct 2024 09:49:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DC9B 		207 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
24dccd731e4b42b3c3e43cb9ac9205879143ebb4de7658ab9222dd3b0458b086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15148186343628264731
age
1456
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:46:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 23:46:48 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=Shift_JIS
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65423
x-xss-protection
0
server
cafe
16682677749619543311
tpc.googlesyndication.com/simgad/ Frame DC9B 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16682677749619543311
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c7d94cf72290f0afe885cac865b79ed0faf8175005d60abd2c9d8471f2f8a3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

age
160356
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 03:38:29 GMT
alt-svc
h3=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Tue, 22 Oct 2024 03:38:29 GMT
last-modified
Tue, 01 Oct 2024 03:36:48 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
41941
x-xss-protection
0
server
sffe
truncated
/ Frame BE8E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd08970bfc4c90d6b61f3960d996e37f65ab6b2cf89c9799124d981202d1d442

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame DC9B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dde773cbf10e110c07d568df6d39b830fcaa31913f871f6cc96556fcad2838b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
8.gif
id5-sync.com/i/701/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?o=api&id5id=ID5*3jIogvd-JNhNlK5fqKI6XWnS6bt_D3pliZ8eEsHGQ67Ru5_FcbjH1D433UR7oSwB&gdpr_consent=undefined&gdpr=false
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Thu, 24 Oct 2024 00:11:04 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
LiveRampId
au.audience.newscgp.com/ 		94 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/LiveRampId?device_id_type=newskey&device_id=8d7ab3017569bbb26e044e3b23694b8d&bust=16905034818750.019150480735628417&errors-in-body=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.7.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-7-117.cgk51.r.cloudfront.net
Software
nginx /
Resource Hash
87c8ddabc3b0867256ac13945528f0d652d6777428003103d891291ba7c25e8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
via
1.1 915f16c10ff9fd732011829fc442bd6e.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.heraldsun.com.au
x-cache
Miss from cloudfront
content-length
94
x-amz-cf-id
sjEzTbVcpGnVkX65jemv4ri-3gYaAjbY6vliaw5it8gx3UO6q8qw-Q==
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
application/json
x-amz-cf-pop
CGK51-P2
server
nginx
dvbm.js
cdn.doubleverify.com/ Frame 4885 		435 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbm.js
Requested by
Host: invoke.bonzai.co
URL: https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2666106558900752878&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2663757807404422135&rnd=1630185055
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:9c00:7::1728:3448 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1dd77277ff82fb5d8efd81c42e455b018c203052b947039fbcaf99b92a6c763e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Access-Control-Expose-Headers
*
Cache-Control
max-age=900
Content-Encoding
gzip
ETag
"0d49f26f0d230f209bffb8a87bbc5d2a"
Connection
keep-alive
Expires
Thu, 24 Oct 2024 00:26:05 GMT
Access-Control-Allow-Origin
*
Content-Length
109592
Date
Thu, 24 Oct 2024 00:11:05 GMT
Last-Modified
Mon, 21 Oct 2024 18:13:22 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
2666106558900752878_1729221724613_script.js
massets.bonzai.co/ Frame 4885 		325 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/2666106558900752878_1729221724613_script.js
Requested by
Host: invoke.bonzai.co
URL: https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2666106558900752878&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2663757807404422135&rnd=1630185055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26a1033a756249e223ffbab2b723460bb520f651276d65e9d1b1157689ab6756

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31104000
content-encoding
gzip
etag
"4b95775c8c4a3352b94ff57b8400bd62"
age
252300
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
121589
x-amz-cf-id
9E4Yv2ZpOX_tt7u9bTt0VRuYuB3Tyvi6DkzWU1dJwnzxV6YjiEm9Ew==
date
Mon, 21 Oct 2024 02:06:06 GMT
content-type
text/javascript
last-modified
Fri, 18 Oct 2024 03:22:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
rec
collector.bonzai.co/ Frame 4885 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=pre-preimp&tk=6aef8b6bc47e11952fc12bdcb26a6511&ad=2666106558900752878&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
tqiYdhvo4BuSBobnoNmd-4xZZPi1ckN1X2uZzWUU70-K-G2dOB037Q==
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
B32551608.402775176;dc_pre=CJy-jbXdpYkDFTahZgIdTiwPgg;dc_trk_aid=594358249;dc_trk_cid=206347952;ord=1630185055;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N2182548.2810019NEWSCORPAUSTRALI/ Frame 4885
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402775176;dc_trk_aid=594358249;dc_trk_cid=206347952;ord=1630185055;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402775176;dc_pre=CJy-jbXdpYkDFTahZgIdTiwPgg;dc_trk_aid=594358249;dc_trk_cid=206347952;ord=1630185055;dc_lat=;dc_rd...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402775176;dc_pre=CJy-jbXdpYkDFTahZgIdTiwPgg;dc_trk_aid=594358249;dc_trk_cid=206347952;ord=1630185055;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f38.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402775176;dc_pre=CJy-jbXdpYkDFTahZgIdTiwPgg;dc_trk_aid=594358249;dc_trk_cid=206347952;ord=1630185055;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame 4885 		35 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=12257767&rnd=1630185055&redir=https://secure.insightexpressai.com/adserver/1pixel.gif
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:3c00:282::1ec4 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Access-Control-Expose-Headers
Request-Context
X-Content-Type-Options
nosniff
Expires
Thu, 24 Oct 2024 00:11:05 GMT
P3P
CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Date
Thu, 24 Oct 2024 00:11:05 GMT
Content-Type
image/gif
Vary
Accept-Encoding
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
X-Frame-Options
ALLOWALL
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Cache-Control
max-age=0, no-cache
Pragma
no-cache
Connection
keep-alive
Referrer-Policy
unsafe-url
Request-Context
appId=cid-v1:47139b8a-696d-4ae8-b194-53d8c1af57ca
Access-Control-Allow-Origin
*
Content-Length
35
X-XSS-Protection
1; mode=block
rec
collector.bonzai.co/ Frame 4885 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?mode=test&adid=2666106558900752878&tk=6aef8b6bc47e11952fc12bdcb26a6511&domain=www.heraldsun.com.au&pagename=/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
Hx40vtLH0Lz5oA7QVSrUotkon4L14-fjk5XqtRs4VoGcOCVbGOuUiQ==
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
interact
edge.adobedc.net/ee/v1/ 		731 B
827 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=7bfca0f4-beaa-4f4b-aa7c-b3c26f090914
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/aep/nca_aep.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-56-177.data.adobedc.net
Software
jag /
Resource Hash
774b97b71d3de8625578dcbff0d71d28e48a0766abbea586e4651f9513558035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
7bfca0f4-beaa-4f4b-aa7c-b3c26f090914
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-encoding
gzip
x-adobe-edge
AUS3;8
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 24 Oct 2024 00:11:04 GMT
x-xss-protection
1; mode=block
x-konductor
24.10.41:5f1850742
vary
Origin
server
jag
content-type
application/json;charset=utf-8
jload
pixel.adsafeprotected.com/ Frame 6BD9 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502319&pubOrder=3573136523&cb=1436500954&custom=homepage&custom3=168400391&adsafe_par&impId=740058b4-919c-11ef-9989-4a6c65c49a86
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ccea63ca0a7054548a1eca2920d803cb20259cd3cdab12903b7a436d774eefb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin
pixel.adsafeprotected.com
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
jload
pixel.adsafeprotected.com/ Frame CCBC 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138491351429&pubOrder=3004275014&cb=208616831&custom=homepage&custom3=168400391&adsafe_par&impId=740058b9-919c-11ef-9989-4a6c65c49a86
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
57fb3fa12f9e3aa665f8f56db2501c3b9b6a28a668049d4a6ac05856e1fb18a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin
pixel.adsafeprotected.com
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
truncated
/ Frame 4885 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10e1d59e15a77cee890fb49329f24258466921a046d32ab7cd9539af14945d9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 2036 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5276126762&pubCreative=138472924819&pubOrder=2553375348&cb=1114352645&custom=homepage&custom3=168400391&adsafe_par&impId=740058b6-919c-11ef-9989-4a6c65c49a86
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
16832f835fc97c425352dcd5fe00d30cb6ccaf0c70ab7651974e02e7ba88cbda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin
pixel.adsafeprotected.com
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4885 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
13726
check.analytics.rlcdn.com/check/ 		25 B
385 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-35.syd62.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.heraldsun.com.au/

Response headers

x-amz-apigw-id
AIOIBHiADoEEIxA=
x-amzn-trace-id
Root=1-67199099-58e91d943bed21c2237b219d
x-amzn-requestid
63a0f283-0149-4026-aa47-6a4c368f87da
via
1.1 8dadf490fcfee4214b49a3509dc76616.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
25
x-amz-cf-id
cH11IK8bPjIhNkRNQFb4a-Gk5Fsl3Yh2QcqeQMOp7AcKUPEamLxEpg==
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
application/json
x-amz-cf-pop
SYD62-P3
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
impl_v102.js
www.googletagservices.com/dcm/ Frame E01F 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v102.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed2a473cfa3c4774bf40ecd7bf40b712194e6fb12bfe8da6be047d867a7baa61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
204731
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 15:18:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 15:18:54 GMT
last-modified
Mon, 23 Sep 2024 13:13:16 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges
bytes
content-length
25384
x-xss-protection
0
server
sffe
impl_v102.js
www.googletagservices.com/dcm/ Frame A707 		64 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v102.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed2a473cfa3c4774bf40ecd7bf40b712194e6fb12bfe8da6be047d867a7baa61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
age
204731
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 15:18:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 15:18:54 GMT
last-modified
Mon, 23 Sep 2024 13:13:16 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges
bytes
content-length
25384
x-xss-protection
0
server
sffe
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2666106558900752878_1729221724613_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abacf250d50fb0fcb7d95bf85146ce5ef54ac8954c2a0a0f1810339bbab63f00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=0
content-encoding
gzip
etag
"2a14133919f728041cb3929aea11a93e"
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
1068
x-amz-cf-id
QGXmhcfanqpn4keZPE6ZtxfLaDa6cEjB-mPkwAM80uAoiwuRUFADDA==
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
text/javascript
last-modified
Thu, 20 Jun 2024 21:18:03 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
moatad.js
z.moatads.com/bonzai678688331786/ Frame 4885 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/bonzai678688331786/moatad.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2666106558900752878_1729221724613_script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 24 Oct 2024 00:11:05 GMT
Content-Length
27
Date
Thu, 24 Oct 2024 00:11:05 GMT
AK-GRN
0.60464868.1729728665.3ad492f
Content-Type
text/html
rec
collector.bonzai.co/ Frame 4885 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=preimp&tk=6aef8b6bc47e11952fc12bdcb26a6511&ad=2666106558900752878&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
SVKAoWfoe1-HUOXaa8P7D-TV4nDbQBAd4h3lK6l5rhlHXdLoUwGuLA==
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
1px.gif
dcollector.bonzai.co/ Frame 4885 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY1MjgyLCJmaSI6ZmFsc2UsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzNzU3ODA3NDA0NDIyMTM1IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiRGV0ZWN0ZWQgU0RLLCBXZWIifQ==&etc=0.8513257426583141
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:9e00:16:b51d:cf40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

etag
"28d6814f309ea289f847c69cf91194c6"
age
30585
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
35
x-amz-cf-id
jma-lq7G-3Vox_nBHmMNmRlHcwHLJzClFi8efoQqMWOrlzscimgHFg==
date
Wed, 23 Oct 2024 15:41:21 GMT
content-type
image/gif
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
rec
collector.bonzai.co/ Frame 4885 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=imp&tk=6aef8b6bc47e11952fc12bdcb26a6511&ad=2666106558900752878
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
2NwwINYuL3fSnPYbNb-7Wz4YQWLf_DgDktgfd9BnaxEloSYGr8U59Q==
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
visit.js
tps.doubleverify.com/ Frame 4885 		578 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=48&ttfrms=57&brid=96&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTar9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FU42%3FFC%3Dl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTau&srcurlD=0&aUrlD=0&ssl=https:&dfs=266&ddur=66&uid=1729728665406940&jsCallback=dvCallback_1729728665406530&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=6844&tgjsver=6844&lvvn=28&m1=96&refD=1&referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&fwc=6&fcl=3927&flt=0&fec=3321&fcifrms=19&brh=2&dvp_epl=238&noc=16&nav_pltfrm=Linux%20x86_64&ctx=34659441&cmp=32551608&sid=9180920&plc=402775176&btreg=HOTSPOT_V2&adsrv=1&advid=13954933&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=6780058277.048548&ee_dp_sukv=6780058277.048548&dvp_tukv=208708559072.34824&ee_dp_tukv=208708559072.34824&dvp_tuid=1692576537685&jurtd=4020396066
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
39de8fe1c33544f2897d96eab2295bb56635b2c8ee4a5c7099407507e8746fb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=0
Timing-Allow-Origin
*
Content-Encoding
br
Pragma
no-cache
Connection
keep-alive
Expires
10/23/2024 00:11:05
Date
Thu, 24 Oct 2024 00:11:05 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
main.19.8.544.js
static.adsafeprotected.com/ Frame 6BD9 		233 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.544.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502319&pubOrder=3573136523&cb=1436500954&custom=homepage&custom3=168400391&adsafe_par&impId=740058b4-919c-11ef-9989-4a6c65c49a86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5caf87c23afe05fabd8fc2498af2c877ff7e016807967f41a9908c16f2bf5ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
RQT2xGQUnDUcFBtJMyY3..AzGbUMEvUa
etag
W/"27bb8c42465d2d4be61c1af73ab0c59e"
age
95807
x-cache
Hit from cloudfront
x-amz-cf-id
91snahgPj_Ay42DjIW5YmVQerbdwPxDorenHGhOlE_Y9QgRA1-P5Vg==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2024 21:10:47 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
main.19.8.544.js
static.adsafeprotected.com/ Frame CCBC 		233 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.544.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138491351429&pubOrder=3004275014&cb=208616831&custom=homepage&custom3=168400391&adsafe_par&impId=740058b9-919c-11ef-9989-4a6c65c49a86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5caf87c23afe05fabd8fc2498af2c877ff7e016807967f41a9908c16f2bf5ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
RQT2xGQUnDUcFBtJMyY3..AzGbUMEvUa
etag
W/"27bb8c42465d2d4be61c1af73ab0c59e"
age
95807
x-cache
Hit from cloudfront
x-amz-cf-id
91snahgPj_Ay42DjIW5YmVQerbdwPxDorenHGhOlE_Y9QgRA1-P5Vg==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2024 21:10:47 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.43.77 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-43-77.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.heraldsun.com.au/

Response headers

date
Thu, 24 Oct 2024 00:11:06 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
*
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.43.77 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-43-77.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
B32551608.402385435;dc_ver=102.299;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=3381720797;ord=cava8p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3QYV6rAFBG2HUlW4F6...
ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/ Frame E01F 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385435;dc_ver=102.299;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=3381720797;ord=cava8p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%26sai%3DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%26sig%3DCg0ArKJSzP1PwAV28WUeEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=259;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f38.1e100.net
Software
cafe /
Resource Hash
b7f3d4a89ece6736955d1cdfc3095fc5cd7633c7de02f460d4150a79d3c3d4cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
20270
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
B32551608.402385438;dc_ver=102.299;sz=728x90;u_sd=1;nel=1;dc_adk=2291409874;ord=m5gic7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1U...
ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/ Frame A707 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385438;dc_ver=102.299;sz=728x90;u_sd=1;nel=1;dc_adk=2291409874;ord=m5gic7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%26sai%3DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%26sig%3DCg0ArKJSzHuSSnmg46imEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=265;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f38.1e100.net
Software
cafe /
Resource Hash
1426f89c1ad2aba1cfec5da8de020d1e1fb8a7e3bc4540fafd0c4550782c59e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
20284
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
main.19.8.544.js
static.adsafeprotected.com/ Frame 2036 		233 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.544.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5276126762&pubCreative=138472924819&pubOrder=2553375348&cb=1114352645&custom=homepage&custom3=168400391&adsafe_par&impId=740058b6-919c-11ef-9989-4a6c65c49a86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5caf87c23afe05fabd8fc2498af2c877ff7e016807967f41a9908c16f2bf5ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
RQT2xGQUnDUcFBtJMyY3..AzGbUMEvUa
etag
W/"27bb8c42465d2d4be61c1af73ab0c59e"
age
95807
x-cache
Hit from cloudfront
x-amz-cf-id
91snahgPj_Ay42DjIW5YmVQerbdwPxDorenHGhOlE_Y9QgRA1-P5Vg==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2024 21:10:47 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
1px.gif
dcollector.bonzai.co/ Frame 4885 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoiZXJyb3IiLCJldnQiOiJBdXRvIiwiZXZuIjoiV2luZG93IEVycm9yIiwibW9kZSI6InRlc3QiLCJjdHoiOi00ODAsImN0cyI6MTcyOTcyODY2NTUzOCwiZmkiOmZhbHNlLCJ0ayI6IjZhZWY4YjZiYzQ3ZTExOTUyZmMxMmJkY2IyNmE2NTExIiwiYWQiOiIyNjY2MTA2NTU4OTAwNzUyODc4IiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2Mzc1NzgwNzQwNDQyMjEzNSIsImNzIjoiIiwic2NyIjoiYm9uemFpX3NjcmlwdF8wIiwianNvbiI6eyJtZXNzYWdlIjoiIiwidXJsIjoiIiwibGluZW5vIjoiIiwiY29sdW1uIjoiIn19&etc=0.39980101366603216
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:9e00:16:b51d:cf40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

etag
"28d6814f309ea289f847c69cf91194c6"
age
30585
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
35
x-amz-cf-id
AMDY4Od5AzhnPIg5ESwnlXaW3ggPsXaXohZDh4ceSqJyfqaiIyxgwg==
date
Wed, 23 Oct 2024 15:41:21 GMT
content-type
image/gif
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
view
securepubads.g.doubleclick.net/pcs/ Frame DC9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszTwqGT3suJPN_YGdL-qzMCleUj6WQyOd5LZ7xwp6ke9ZiAY_oLJPdgDEOAK3R-iVojc04plsE4LEWO9bZDaBLD3Ly_fJ5Ie_eE4KporfWnpLkKDiNxMBmdQ3ICVhnixw6IvpLzUoDrVhuSuJ62iywcNtTb2qkFwiAy-BXk5jn6IW6DvUe_dEHooEyESlns5dVEpzoYlJVyobWTLllLxDw8a7ACowbxn60kS89lfU6Y54j1HsHmFdHNyj5zccHxcUt0EGJbBn1nTzH2uAlWpBtF2eOSDVJHiQwMGbKr865BNOk5zOuAjPsxvhQgDof5Nlegmn50pWvzsanRb8sSQsNQHJEfIat8C_wGepwYA-LkFpvImRw5en4UAHVn4mR3L8wki1ql-Xk4EDy9BeQeu51RkQnZnugDh2FbPc&sai=AMfl-YSN6liBTuOnPTFF8ZTAP9G88UfwwHwyi6MXulzdwnDH_bo8_aQrvyYEPAlDc_fywLTZCFep_ox_d0e2xfAyJBjNvbOjnNcCd60JOSLyj9zMNWUkEZnLG2aPVJ8d&sig=Cg0ArKJSzPNVXV-kAZ-5EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:05 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame BE8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXxh_FA14npXXt-11qDcCfKUKu9sXEz79bn0IcjzqCRQPAiZdy17kpA2bpKgzgHpJ1vLDZwd3wArMWepEhBKItmqsoIZLAL7n1Lv0C2ZVExN31MnWEDBeTQ9gIMKMZkYwhqmvjCZQUWTO1tl2hRR9Mu1U06IR8ovQ0y35SkaLgHlXC9GJSN9Z5k_ZteLOWwx9D5ci-ZXhgvzes2NADAfiEFgYstmOgvQedOlZcAn91e4w2siZ0478JZPGcYRsAjiavGggd5RWW65EmqdJijzx2Lbww0g1gQLgaURnGR76RnsuEBU9S6LXUprXv-MYt3syx8vTJOvNZ0q_ljLchXtW33uw5z0RhgJMu_kOjtS49Dgyqu5AHFD5FLuEMJbWZUw_mD6SPzm5hcl_f3XEbh8u5DIhc37JjJ4B45CY&sai=AMfl-YQZ5Z8Pl_XyP-JHrqglnfMWVmmDNqdmlFOHLCm5nJkx6OTC2PDTEU97Vkp4N143lofvXIYZ6Oq1glD0h2Afn0Pav6dhlwXqGUPU71mXQdMRrCOb2-i9y6D4SIWa&sig=Cg0ArKJSzL6SDCflMO4oEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:05 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ Frame 4885 		3 KB
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2666106558900752878_1729221724613_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abacf250d50fb0fcb7d95bf85146ce5ef54ac8954c2a0a0f1810339bbab63f00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=0
content-encoding
gzip
etag
"2a14133919f728041cb3929aea11a93e"
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
1068
x-amz-cf-id
U_WTuCOM5e24HwcW8lSYsbOi1CLcaSXPJhiIAHALcnojvPaIoy4QJQ==
date
Thu, 24 Oct 2024 00:11:06 GMT
last-modified
Thu, 20 Jun 2024 21:18:03 GMT
x-amz-cf-pop
SYD3-P1
server
AmazonS3
content-type
text/javascript
x-amz-server-side-encryption
AES256
dvbm.js
cdn.doubleverify.com/ Frame E01F 		435 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbm.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385435;dc_ver=102.299;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=3381720797;ord=cava8p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%26sai%3DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%26sig%3DCg0ArKJSzP1PwAV28WUeEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=259;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:9c00:7::1728:3448 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1dd77277ff82fb5d8efd81c42e455b018c203052b947039fbcaf99b92a6c763e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Access-Control-Expose-Headers
*
Cache-Control
max-age=900
Content-Encoding
gzip
ETag
"0d49f26f0d230f209bffb8a87bbc5d2a"
Connection
keep-alive
Expires
Thu, 24 Oct 2024 00:26:05 GMT
Access-Control-Allow-Origin
*
Content-Length
109592
Date
Thu, 24 Oct 2024 00:11:05 GMT
Last-Modified
Mon, 21 Oct 2024 18:13:22 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
66c838879059f612fc3010f0
c.bannerflow.net/a/ Frame E01F 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/66c838879059f612fc3010f0?did=5ced17d285b1c200019c3fe1&deeplink=on&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsso0cKcOvs9a7HHXcjBnmx3_Q2McR-pnyyMVVaW17U5Jkx6p-DXCC_RPj2-EZm5NNTvrfsusomJMr1sVZPRlJw0AORV44d5QqCBFeG7uuC1aUc8_xyIrWUgYGWoXnKw54K9WNhAzPP2hpFK8nFWiq9zdL4cd2XeCFnRyHZ97W2jTEXJ3b8Fl6zgb705yMktgBtAwXlM3peygM8Z9AMrMwKfOhTHewrhn_gEIfX3FDOtH5ooEyeWYJVSEV0V6U4%26sai%3DAMfl-YTLbdBXU4pT7MqNM7JPBlymXLtBtXpcXuoEgWu0LrAWYYHxfGtpxzCx8lLnkK2aMeGBFxlon5sf_Akw3ZVRnnuJg7Rag5kYwXA%26sig%3DCg0ArKJSzC8d7bNlHiSdEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%2526sai%253DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%2526sig%253DCg0ArKJSzP1PwAV28WUeEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&cb=1817257075&domain=N2182548.2810019NEWSCORPAUSTRALI
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385435;dc_ver=102.299;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=3381720797;ord=cava8p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%26sai%3DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%26sig%3DCg0ArKJSzP1PwAV28WUeEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=259;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47da335a89c20bd0deecb63a13b4255aeeae5fd1df10388ba99f52ee2dda8a0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
public, s-maxage=10
content-encoding
br
cf-cache-status
MISS
cf-ray
8d75bf617c44a81f-SYD
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 00:11:05 GMT
vary
Accept-Encoding
server
cloudflare
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E01F 		207 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385435;dc_ver=102.299;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=3381720797;ord=cava8p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%26sai%3DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%26sig%3DCg0ArKJSzP1PwAV28WUeEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=259;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
24dccd731e4b42b3c3e43cb9ac9205879143ebb4de7658ab9222dd3b0458b086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15148186343628264731
age
2041
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:37:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 23:37:04 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=EUC-KR
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65423
x-xss-protection
0
server
cafe
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20241022/r20110914/elements/html/ Frame E01F 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241022/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385435;dc_ver=102.299;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=3381720797;ord=cava8p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%26sai%3DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%26sig%3DCg0ArKJSzP1PwAV28WUeEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=259;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e8c2b09805222af84f814e922b1c551a12c39bc10c5d1634513781f77829c4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15651656464653560102
age
32662
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 15:06:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 15:06:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4392
x-xss-protection
0
server
cafe
view
ad.doubleclick.net/pcs/ Frame E01F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu2_gAmekMGuw9ho8jd3Ls13ftJ-bxvzcIC-HwBtlTDoTLsipj8sbxyewtMjtWFwdIEhgKeLhQrwQqrvzDoAEHPzp4muvBFANSVH3783DkcMVCnu719H1FHODv4eaLHJ1LKXtVoyh-EHhfchFCYn8ytuNxBMJ-f1TqRQgJD0juG_bLB0eMocMfx7cM1Ne6lhUIbq5Zet79XmQNF1dgsgfZHCAEQ_HT4qgAe3WAAZw&sai=AMfl-YR-IYSY0sdlYP7Lj2Bos2iTvmQItk5ft0xbBr3H6ARXs6LoCkQ0lGVr3b8pIcKVYQIf28K1IzYMX521mTz4gMm3QwJ41Y_QRz8&sig=Cg0ArKJSzA9Qqxe6432QEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9hcHAubGluaw&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20241022.29607&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385435;dc_ver=102.299;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=3381720797;ord=cava8p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%26sai%3DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%26sig%3DCg0ArKJSzP1PwAV28WUeEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=259;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f38.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:05 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"628667540":"0x3d274bd8b1a7c5a40000000000000000","628667541":"0x34b2461d62fcb2ea0000000000000000","628667542":"0x7e030552c1b702520000000000000000","628667543":"0x90b099266313f0c00000000000000000"},"debug_key":"6175848725531927441","debug_reporting":true,"destination":["https://tab.com.au","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"691200","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["13954933"]},"max_event_level_reports":2,"priority":"0","source_event_id":"3566420067615241230"}
server
cafe
adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame E01F 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.insightexpressai.com/adServer/adServerESI.aspx?bannerID=12267671&siteID=N2182548.2810019NEWSCORPAUSTRALI&creativeID=221763543&placementID=402385435&rnd=1817257075
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385435;dc_ver=102.299;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=3381720797;ord=cava8p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%26sai%3DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%26sig%3DCg0ArKJSzP1PwAV28WUeEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=259;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:3c00:282::1ec4 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Access-Control-Expose-Headers
Request-Context
X-Content-Type-Options
nosniff
Expires
Thu, 24 Oct 2024 00:11:05 GMT
P3P
CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Date
Thu, 24 Oct 2024 00:11:05 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
X-Frame-Options
ALLOWALL
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Cache-Control
max-age=0, no-cache
Pragma
no-cache
Connection
keep-alive
Referrer-Policy
unsafe-url
Request-Context
appId=cid-v1:47139b8a-696d-4ae8-b194-53d8c1af57ca
Access-Control-Allow-Origin
*
Content-Length
0
X-XSS-Protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame E01F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame E01F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 24 Oct 2024 00:11:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
jload
pixel.adsafeprotected.com/ Frame 40CE 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502325&pubOrder=3573136523&cb=614708568&custom=homepage&custom3=168400391&adsafe_par&impId=740058b5-919c-11ef-9989-4a6c65c49a86
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
792e548163bda85401efb84a13a1b67f1c48befdba16c266d3771c9312f6c328

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin
pixel.adsafeprotected.com
date
Thu, 24 Oct 2024 00:11:05 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
truncated
/ Frame E01F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b7aa615cdaa53d884b03a52de9116e66ced911ecba1e231ef4b46255099a42d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
visit.js
tps.doubleverify.com/ Frame E01F 		578 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=11&ttfrms=11&brid=96&bridua=3&bds=1&tstype=2&prndr=1&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTar9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FU42%3FFC%3Dl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTau&srcurlD=0&aUrlD=0&ssl=https:&dfs=1045&ddur=0&uid=1729728665902821&jsCallback=dvCallback_1729728665902344&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=6844&tgjsver=6844&lvvn=28&m1=96&refD=1&referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&fwc=6&fcl=4149&flt=0&fec=3324&fcifrms=19&brh=2&dvp_epl=238&noc=16&nav_pltfrm=Linux%20x86_64&ctx=34659441&cmp=32551608&sid=9180920&plc=402385435&crt=221763543&adsrv=1&advid=13954933&unit=300x250&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=0&dvp_cawf=crtwrp&cm360cw=1&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=30034920802.312946&ee_dp_sukv=30034920802.312946&dvp_tukv=982638785.3475296&ee_dp_tukv=982638785.3475296&dvp_tuid=44647921265&jurtd=1288464688
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
4a3d37bb3060d3890a88ead4a5de72430686740a2c02518241c5392d5150facf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=0
Timing-Allow-Origin
*
Content-Encoding
br
Pragma
no-cache
Connection
keep-alive
Expires
10/23/2024 00:11:06
Date
Thu, 24 Oct 2024 00:11:06 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
dvbm.js
cdn.doubleverify.com/ Frame A707 		435 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbm.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385438;dc_ver=102.299;sz=728x90;u_sd=1;nel=1;dc_adk=2291409874;ord=m5gic7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%26sai%3DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%26sig%3DCg0ArKJSzHuSSnmg46imEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=265;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:9c00:7::1728:3448 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1dd77277ff82fb5d8efd81c42e455b018c203052b947039fbcaf99b92a6c763e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Access-Control-Expose-Headers
*
Cache-Control
max-age=900
Content-Encoding
gzip
ETag
"0d49f26f0d230f209bffb8a87bbc5d2a"
Connection
keep-alive
Expires
Thu, 24 Oct 2024 00:26:05 GMT
Access-Control-Allow-Origin
*
Content-Length
109592
Date
Thu, 24 Oct 2024 00:11:05 GMT
Last-Modified
Mon, 21 Oct 2024 18:13:22 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
66c838879059f612fc3010f3
c.bannerflow.net/a/ Frame A707 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/66c838879059f612fc3010f3?did=5ced17d285b1c200019c3fe1&deeplink=on&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMF_ppYH_sQYxkn4RwJfZkrtJYPtLeJ1-noGWpiRkVvXgQGYOwH_kdWV8FEDW7d1fdep3foF86msdkxbXQNoeDT3JdqSBrGIG3xsUkjgNvqt4VMvu81XLE4k89y3coM47fpzRYfF0qBL1uazEP8KGKxCx6ke-9sldBQ1914pDo6c4469Lugkf1Zp1n2vOE-aCnplrp0mSGkrb64dKOo0ik0S-GHU7ch79daTD1PgyUjuCu5wJK1o127ofsHxg%26sai%3DAMfl-YR4aPNjC2Di7l60UxwWz0Oi6CLWAs9_RqmeUxaIxXRqoCvs8LB1FrbYkL2SIPExClXlWfGh0nr2V75j2mNZwGqfj63McWtgLC4%26sig%3DCg0ArKJSzFowJMvr0nnWEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%2526sai%253DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%2526sig%253DCg0ArKJSzHuSSnmg46imEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&cb=917676590&domain=N2182548.2810019NEWSCORPAUSTRALI
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385438;dc_ver=102.299;sz=728x90;u_sd=1;nel=1;dc_adk=2291409874;ord=m5gic7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%26sai%3DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%26sig%3DCg0ArKJSzHuSSnmg46imEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=265;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee472dfdc2f730a1b1c87d81fd2e55936c747bc363a2ebe34154d5a40d080203

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
public, s-maxage=10
content-encoding
br
cf-cache-status
MISS
cf-ray
8d75bf621d0ba81f-SYD
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 00:11:06 GMT
vary
Accept-Encoding
server
cloudflare
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A707 		207 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385438;dc_ver=102.299;sz=728x90;u_sd=1;nel=1;dc_adk=2291409874;ord=m5gic7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%26sai%3DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%26sig%3DCg0ArKJSzHuSSnmg46imEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=265;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
24dccd731e4b42b3c3e43cb9ac9205879143ebb4de7658ab9222dd3b0458b086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15148186343628264731
age
2041
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:37:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 23:37:04 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=EUC-KR
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65423
x-xss-protection
0
server
cafe
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20241022/r20110914/elements/html/ Frame A707 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241022/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385438;dc_ver=102.299;sz=728x90;u_sd=1;nel=1;dc_adk=2291409874;ord=m5gic7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%26sai%3DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%26sig%3DCg0ArKJSzHuSSnmg46imEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=265;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e8c2b09805222af84f814e922b1c551a12c39bc10c5d1634513781f77829c4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
br
etag
15651656464653560102
age
32662
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 15:06:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 23 Oct 2024 15:06:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4392
x-xss-protection
0
server
cafe
view
ad.doubleclick.net/pcs/ Frame A707 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvNfSsb4PqXff2LSovy3ZOCZtLaSbN3IkBYv7SjY3c29zMUm0azeeMMJfjKzIAn36qxXm666w4UyDolxz3AzIqsbgaMGfTonHlF-Vv3EZBOXSPSQYoI3j2Ym0a3PxXVAgljd4MXHQVcAahDt4M3HgpS5jXdC8u7vb2k8WNzvS1m4VxnwILbenTYT6MvzEgOeCrbee0hDF0z4-ZGjIzkynod17KpZbrsKGsPsMOJFw&sai=AMfl-YS66ONHC8yAAqn6YQJnqZBL6NJ35E23WY_s99lfNhxC-0raxIBuFAOYnZ133ILHwUwCo6FfCHbOHlJhHW_7HvY9eFgfea7CPPY&sig=Cg0ArKJSzLRLatA9kxNKEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9hcHAubGluaw&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20241022.68035&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385438;dc_ver=102.299;sz=728x90;u_sd=1;nel=1;dc_adk=2291409874;ord=m5gic7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%26sai%3DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%26sig%3DCg0ArKJSzHuSSnmg46imEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=265;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f38.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:05 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:05 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"628667540":"0x3d274bd8b1a7c5a40000000000000000","628667541":"0x34b2461d62fcb2ea0000000000000000","628667542":"0x7e030552c1b702520000000000000000","628667543":"0x4a5dc7e7484bfa3d0000000000000000"},"debug_key":"1687240290359221486","debug_reporting":true,"destination":["https://tab.com.au","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"691200","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["13954933"]},"max_event_level_reports":2,"priority":"0","source_event_id":"3499187304241027905"}
server
cafe
adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame A707 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.insightexpressai.com/adServer/adServerESI.aspx?bannerID=12267671&siteID=N2182548.2810019NEWSCORPAUSTRALI&creativeID=221170732&placementID=402385438&rnd=917676590
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385438;dc_ver=102.299;sz=728x90;u_sd=1;nel=1;dc_adk=2291409874;ord=m5gic7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%26sai%3DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%26sig%3DCg0ArKJSzHuSSnmg46imEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=265;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:3c00:282::1ec4 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Access-Control-Expose-Headers
Request-Context
X-Content-Type-Options
nosniff
Expires
Thu, 24 Oct 2024 00:11:06 GMT
P3P
CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Date
Thu, 24 Oct 2024 00:11:06 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
X-Frame-Options
ALLOWALL
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Cache-Control
max-age=0, no-cache
Pragma
no-cache
Connection
keep-alive
Referrer-Policy
unsafe-url
Request-Context
appId=cid-v1:47139b8a-696d-4ae8-b194-53d8c1af57ca
Access-Control-Allow-Origin
*
Content-Length
0
X-XSS-Protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame A707 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 24 Oct 2024 00:11:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame A707 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 24 Oct 2024 00:11:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
jload
pixel.adsafeprotected.com/ Frame 5185 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502322&pubOrder=3573136523&cb=571927999&custom=homepage&custom3=168400391&adsafe_par&impId=740058b8-919c-11ef-9989-4a6c65c49a86
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
9e02b4a68451198879b768f76ce6a8f1c644be757d46e8dd3734777996cc92f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin
pixel.adsafeprotected.com
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
truncated
/ Frame A707 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef7849df10429e7efe676feafc2f2a6a676bdeaf34f4932ca0cae909be573cde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame 21F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.116.109.67 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-109-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 00:11:06 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D8DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
46935
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 24 Oct 2024 00:11:06 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4613281, 40563
X-Served-By
cache-lga21993-LGA, cache-syd10122-SYD
X-Timer
S1729728666.188147,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame E775 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
954
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8d75bf63c98dab07-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 00:11:06 GMT
expires
Thu, 24 Oct 2024 04:11:06 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 95AB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZxmQmgAAJ2Ao4gAX
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZxmQmgAAJ2Ao4gAX
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
3096
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 24 Oct 2024 00:11:06 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
6249
x-robots-tag
noindex
x-served-by
cache-syd10135-SYD
x-timer
S1729728666.318311,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 24 Oct 2024 00:11:06 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZxmQmgAAJ2Ao4gAX
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-robots-tag
noindex
x-served-by
cache-syd10135-SYD
x-timer
S1729728666.105873,VS0,VE208
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 72E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.6.117 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-6-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=18352
content-encoding
gzip
content-length
5633
content-type
text/html
date
Thu, 24 Oct 2024 00:11:06 GMT
expires
Thu, 24 Oct 2024 05:16:58 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=7171260968332764503
43 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=7171260968332764503
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

x-request-id
e8fe1019-907b-4729-8902-a89fc52e2272
cache-control
no-cache
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
image/gif
x-powered-by
Express
vary
Origin

Redirect headers

cache-control
no-store, no-cache, private
location
https://ads.playground.xyz/usersync?partner=appnexus&uid=7171260968332764503
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.200.96; 146.70.200.96; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
91a4b9dd-e315-48e3-bc8e-c0d8cdcce57d
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 24 Oct 2024 00:11:06 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
visit.js
tps.doubleverify.com/ Frame A707 		578 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=13&ttfrms=18&brid=96&bridua=3&bds=1&tstype=2&prndr=1&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTar9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FU42%3FFC%3Dl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTau&srcurlD=0&aUrlD=0&ssl=https:&dfs=1171&ddur=0&uid=1729728666117859&jsCallback=dvCallback_1729728666117486&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=6844&tgjsver=6844&lvvn=28&m1=96&refD=1&referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&fwc=6&fcl=4149&flt=0&fec=3330&fcifrms=24&brh=2&dvp_epl=238&noc=16&nav_pltfrm=Linux%20x86_64&ctx=34659441&cmp=32551608&sid=9180920&plc=402385438&crt=221170732&adsrv=1&advid=13954933&unit=728x90&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=0&dvp_cawf=crtwrp&cm360cw=1&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=3445887365.6069236&ee_dp_sukv=3445887365.6069236&dvp_tukv=19874306132.694756&ee_dp_tukv=19874306132.694756&dvp_tuid=463050675978&jurtd=2825480667
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3a99c59035afe08394af0df08cf38548bbfcfdd86680d98f632f23951c2298d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=0
Timing-Allow-Origin
*
Content-Encoding
br
Pragma
no-cache
Connection
keep-alive
Expires
10/23/2024 00:11:06
Date
Thu, 24 Oct 2024 00:11:06 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
collect
o.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/

Response headers

Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Thu, 24 Oct 2024 00:11:06 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
sca.17.6.4.js
static.adsafeprotected.com/ Frame A421 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
age
95808
x-cache
Hit from cloudfront
x-amz-cf-id
FIfgtXMDANM1HNkGgQt72cwPJEw0sljVe0XgdlNMECYxxaRLoiPcyw==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=970x250|1&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502319&pubOrder=3573136523&cb=1436500954&custom=homepage&custom3=168400391&adsafe_par&impId=740058b4-919c-11ef-9989-4a6c65c49a86&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:29b937a5-3e6d-1cc1-6fc7-7605d2e02781,c:s2BJOF,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-55c7f7c47d-pvx6t,rg:au,pt:1-5-15,wc:180.180.1600.1200,ac:495.208.970.250,am:i,cc:495.208.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.IASCertification1,mtim:733,mot:0,app:0,maw:0,tdt:s,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1h1%7C1i1%7C1i2%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:777,oid:75eb1152-919c-11ef-ad33-16df3cb82287,v:19.8.544,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
pragma
no-cache
content-type
image/gif
server
Apache-Coyote/1.1
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BJOH,pingTime:-8,time:778,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:778,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:775,wc:180.180.1600.1200,ac:495.208.970.250,am:i,cc:495.208.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~100%5D,as:%5B37~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1h1%7C1i1%7C1i2%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:778%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
image/gif
server
nginx
x-server-name
dt32.va.303net.net
sca.17.6.4.js
static.adsafeprotected.com/ Frame 0A8D 		91 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
age
95808
x-cache
Hit from cloudfront
x-amz-cf-id
FIfgtXMDANM1HNkGgQt72cwPJEw0sljVe0XgdlNMECYxxaRLoiPcyw==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138491351429&pubOrder=3004275014&cb=208616831&custom=homepage&custom3=168400391&adsafe_par&impId=740058b9-919c-11ef-9989-4a6c65c49a86&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:7cdd1ba3-f425-afb6-7f64-946745d9735b,c:s2BJPJ,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-55c7f7c47d-m6rxr,rg:au,pt:1-5-15,wc:180.180.1600.1200,ac:1298.668.300.90,am:i,cc:1298.668.300.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.IASCertification1,mtim:822,mot:0,app:0,maw:0,tdt:s,fm:us4JcCP+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g1%7C1h1%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1j*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:836,oid:75f04163-919c-11ef-8b1e-a6896de817dd,v:19.8.544,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
pragma
no-cache
content-type
image/gif
server
Apache-Coyote/1.1
sca.17.6.4.js
static.adsafeprotected.com/ Frame 412E 		91 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
age
95808
x-cache
Hit from cloudfront
x-amz-cf-id
FIfgtXMDANM1HNkGgQt72cwPJEw0sljVe0XgdlNMECYxxaRLoiPcyw==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5276126762&pubCreative=138472924819&pubOrder=2553375348&cb=1114352645&custom=homepage&custom3=168400391&adsafe_par&impId=740058b6-919c-11ef-9989-4a6c65c49a86&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:70969dc1-d50c-64ec-f6bd-3334191dafa2,c:s2BJQb,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-55c7f7c47d-mhfnd,rg:au,pt:1-5-15,wc:180.180.1600.1200,ac:1298.13872.300.250,am:i,cc:1298.13872.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.IASCertification1,mtim:784,mot:0,app:0,maw:0,tdt:s,fm:us4JcDV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g1%7C1h1%7C1i*.10507%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1i*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:797,oid:75f87ef0-919c-11ef-bc5e-aa7948e8b025,v:19.8.544,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
pragma
no-cache
content-type
image/gif
server
Apache-Coyote/1.1
moatad.js
z.moatads.com/bonzai678688331786/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/bonzai678688331786/moatad.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2666106558900752878_1729221724613_script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 24 Oct 2024 00:11:06 GMT
Content-Length
27
Date
Thu, 24 Oct 2024 00:11:06 GMT
AK-GRN
0.60464868.1729728666.3ad4930
Content-Type
text/html
main.19.8.544.js
static.adsafeprotected.com/ Frame 40CE 		233 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.544.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502325&pubOrder=3573136523&cb=614708568&custom=homepage&custom3=168400391&adsafe_par&impId=740058b5-919c-11ef-9989-4a6c65c49a86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5caf87c23afe05fabd8fc2498af2c877ff7e016807967f41a9908c16f2bf5ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
RQT2xGQUnDUcFBtJMyY3..AzGbUMEvUa
etag
W/"27bb8c42465d2d4be61c1af73ab0c59e"
age
95807
x-cache
Hit from cloudfront
x-amz-cf-id
91snahgPj_Ay42DjIW5YmVQerbdwPxDorenHGhOlE_Y9QgRA1-P5Vg==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2024 21:10:47 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
trace
c.bannerflow.net/cdn-cgi/ Frame E01F 		315 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/cdn-cgi/trace
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66c838879059f612fc3010f0?did=5ced17d285b1c200019c3fe1&deeplink=on&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsso0cKcOvs9a7HHXcjBnmx3_Q2McR-pnyyMVVaW17U5Jkx6p-DXCC_RPj2-EZm5NNTvrfsusomJMr1sVZPRlJw0AORV44d5QqCBFeG7uuC1aUc8_xyIrWUgYGWoXnKw54K9WNhAzPP2hpFK8nFWiq9zdL4cd2XeCFnRyHZ97W2jTEXJ3b8Fl6zgb705yMktgBtAwXlM3peygM8Z9AMrMwKfOhTHewrhn_gEIfX3FDOtH5ooEyeWYJVSEV0V6U4%26sai%3DAMfl-YTLbdBXU4pT7MqNM7JPBlymXLtBtXpcXuoEgWu0LrAWYYHxfGtpxzCx8lLnkK2aMeGBFxlon5sf_Akw3ZVRnnuJg7Rag5kYwXA%26sig%3DCg0ArKJSzC8d7bNlHiSdEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%2526sai%253DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%2526sig%253DCg0ArKJSzP1PwAV28WUeEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&cb=1817257075&domain=N2182548.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52672673bb2e2c369b1b964258bd987b5afc981ffeba7a5c5ac21d8fb3498380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8d75bf658f56aaf6-SYD
expires
Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin
*
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
text/plain
server
cloudflare
x-frame-options
DENY
preload.jpg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521384/11223296/ Frame E01F 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521384/11223296/preload.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
421c66dcb237d7e017c2a648019f0e8902c87ffeba0564f40516ecea6b202517

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-md5
x2G7FpZHl1W+fgtSXB2jQg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
h2pri
etag
"0x8DCEF386DC9CC50"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
385862
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 05:48:01 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
73bca90e-501e-0022-3022-2110cc000000
cf-ray
8d75bf657974a81f-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
15419
x-ms-blob-type
BlockBlob
server
cloudflare
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BJSO,pingTime:0,time:1033,type:pf,sca:%7Blts:2024-10-24%2008.11.06%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:776%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1033,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:775,wc:180.180.1600.1200,ac:180.180.970.250,am:i,cc:180.180.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B293~100%5D,as:%5B293~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1h1%7C1i1%7C1i2%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:778%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
image/gif
server
nginx
x-server-name
dt02.va.303net.net
view
securepubads.g.doubleclick.net/pcs/ Frame 4885 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdGaH9JaS5YzzqNQRtAIgpz-75JL8nxHeFHwONx0m4JCpYVyOUkJO3vWB73ffgx8dGpo9nFuaE_36p0zIjWpMcJESm7SPIN3upU9Oh25WQFwgEOiJK6MpWppblBvdAgkkCKet6aZnkeewuPEaPqx1OYcFne7Poely0qiZVcoH4GEwwdv3Bwxo6Nc9K_ewuwoMTZy7Sq6J2azQCto-3fawK1OajJLaQz0I9aucN0IzTMQ846hbN5cdfvFQp9nfaW9juoUPE3abnnlwrxi3MU_KgPnGuiHngyUt-7IZb6SLCG10UhlBZuT1k0tEpeyK8Cypj8y4FE711c1sDz5o-WwBkSjspEd932pHO6pjoONVYQ9q_zmVIswUvYK6K6S35LHRoDHE&sai=AMfl-YTDl-cY6TJtiPHaoI4Zm3Z54lvP8D0i8HqIHFZ9JH1-LPt1fZlNDdvLNWFuH2zuTcUaVigebezc5rJ9OPzLjyFsNyGvK2EapjtwzrGsgJZToCqMDODVzqozIr03&sig=Cg0ArKJSzI33ikX8t1lHEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:06 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cdd1ba3-f425-afb6-7f64-946745d9735b&tv=%7Bc:s2BJTv,pingTime:0,time:1070,type:pf,sca:%7Blts:2024-10-24%2008.11.06%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1070,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:1298.624.300.90,am:i,cc:1298.624.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B247~100%5D,as:%5B247~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g1%7C1h1%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,siq:836%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
image/gif
server
nginx
x-server-name
dt03.va.303net.net
main.19.8.544.js
static.adsafeprotected.com/ Frame 5185 		233 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.544.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502322&pubOrder=3573136523&cb=571927999&custom=homepage&custom3=168400391&adsafe_par&impId=740058b8-919c-11ef-9989-4a6c65c49a86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5caf87c23afe05fabd8fc2498af2c877ff7e016807967f41a9908c16f2bf5ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
RQT2xGQUnDUcFBtJMyY3..AzGbUMEvUa
etag
W/"27bb8c42465d2d4be61c1af73ab0c59e"
age
95807
x-cache
Hit from cloudfront
x-amz-cf-id
91snahgPj_Ay42DjIW5YmVQerbdwPxDorenHGhOlE_Y9QgRA1-P5Vg==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2024 21:10:47 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
sca.17.6.4.js
static.adsafeprotected.com/ Frame F517 		91 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
age
95808
x-cache
Hit from cloudfront
x-amz-cf-id
FIfgtXMDANM1HNkGgQt72cwPJEw0sljVe0XgdlNMECYxxaRLoiPcyw==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|1&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502325&pubOrder=3573136523&cb=614708568&custom=homepage&custom3=168400391&adsafe_par&impId=740058b5-919c-11ef-9989-4a6c65c49a86&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:ec10f065-7462-e9ea-ed20-9781b44dd93f,c:s2BJUE,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-55c7f7c47d-m6rxr,rg:au,pt:1-5-15,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.IASCertification1,mtim:184,mot:0,app:0,maw:0,tdt:s,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:197,oid:7664fc3d-919c-11ef-8b1e-a6896de817dd,v:19.8.544,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
pragma
no-cache
content-type
image/gif
server
Apache-Coyote/1.1
trace
c.bannerflow.net/cdn-cgi/ Frame A707 		315 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/cdn-cgi/trace
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66c838879059f612fc3010f3?did=5ced17d285b1c200019c3fe1&deeplink=on&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMF_ppYH_sQYxkn4RwJfZkrtJYPtLeJ1-noGWpiRkVvXgQGYOwH_kdWV8FEDW7d1fdep3foF86msdkxbXQNoeDT3JdqSBrGIG3xsUkjgNvqt4VMvu81XLE4k89y3coM47fpzRYfF0qBL1uazEP8KGKxCx6ke-9sldBQ1914pDo6c4469Lugkf1Zp1n2vOE-aCnplrp0mSGkrb64dKOo0ik0S-GHU7ch79daTD1PgyUjuCu5wJK1o127ofsHxg%26sai%3DAMfl-YR4aPNjC2Di7l60UxwWz0Oi6CLWAs9_RqmeUxaIxXRqoCvs8LB1FrbYkL2SIPExClXlWfGh0nr2V75j2mNZwGqfj63McWtgLC4%26sig%3DCg0ArKJSzFowJMvr0nnWEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%2526sai%253DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%2526sig%253DCg0ArKJSzHuSSnmg46imEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&cb=917676590&domain=N2182548.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bf323f64158f948068d5d536a049ddd8e8cc9a7d814d683595bcf7983153f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8d75bf668884aaf6-SYD
expires
Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin
*
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
text/plain
server
cloudflare
x-frame-options
DENY
preload.jpg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521386/11223296/ Frame A707 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521386/11223296/preload.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d207aa8b03fc309c866e75e437e7a928c976399c3f469eb3932897b2e3fa632b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-md5
bzW/4kjhfeIccR/XS+worQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
h2pri
etag
"0x8DCEF386DCD4AD4"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
25254
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 05:48:01 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
65728957-201e-0065-1422-217b97000000
cf-ray
8d75bf668ab7a81f-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
14307
x-ms-blob-type
BlockBlob
server
cloudflare
lookuplist
au.audience.newscgp.com/ 		108 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=8d7ab3017569bbb26e044e3b23694b8d&&bust=17297286666550.7954441425004071&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.7.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-7-117.cgk51.r.cloudfront.net
Software
nginx /
Resource Hash
63c0cc5e06cb36ca4f6dc793280e81511b28378cf3f9cd29094a36647d3fb46c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
via
1.1 6d26f03d50e1b3f2e126d642a8ef8428.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.heraldsun.com.au
x-cache
Miss from cloudfront
content-length
108
x-amz-cf-id
0VIiWutqWn5EgJJc8GA0bPH8dWVCupiIXcr6i83sT4hqTlEmfxorRg==
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
application/json
x-amz-cf-pop
CGK51-P2
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BJW7,pingTime:-2,time:1238,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:372,beZ:373,mfA:1104,cmA:1109,inA:1110,inZ:1118,prA:1118,prZ:1133,si:1148,poA:1151,poZ:1191,cmZ:1191,mfZ:1191,loA:1418,loZ:1423,ecZ:1451,ltA:1609,ltZ:1609,mdA:374,mdZ:747%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:776%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1238,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:775,wc:180.180.1600.1200,ac:180.180.970.250,am:i,cc:180.180.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B496~100%5D,as:%5B496~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:778,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sis:1080,sinceFw:457,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
image/gif
server
nginx
x-server-name
dt01.va.303net.net
/
c.bannerflow.net/tr/v2/pixel/ Frame E01F 		0
92 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66c838879059f612fc3010f0?did=5ced17d285b1c200019c3fe1&deeplink=on&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsso0cKcOvs9a7HHXcjBnmx3_Q2McR-pnyyMVVaW17U5Jkx6p-DXCC_RPj2-EZm5NNTvrfsusomJMr1sVZPRlJw0AORV44d5QqCBFeG7uuC1aUc8_xyIrWUgYGWoXnKw54K9WNhAzPP2hpFK8nFWiq9zdL4cd2XeCFnRyHZ97W2jTEXJ3b8Fl6zgb705yMktgBtAwXlM3peygM8Z9AMrMwKfOhTHewrhn_gEIfX3FDOtH5ooEyeWYJVSEV0V6U4%26sai%3DAMfl-YTLbdBXU4pT7MqNM7JPBlymXLtBtXpcXuoEgWu0LrAWYYHxfGtpxzCx8lLnkK2aMeGBFxlon5sf_Akw3ZVRnnuJg7Rag5kYwXA%26sig%3DCg0ArKJSzC8d7bNlHiSdEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%2526sai%253DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%2526sig%253DCg0ArKJSzP1PwAV28WUeEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&cb=1817257075&domain=N2182548.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

request-context
appId=cid-v1:8527b91e-6382-46d9-9ab2-ac92345de2c8
cf-ray
8d75bf66eb50a81f-SYD
content-length
0
cf-cache-status
DYNAMIC
date
Thu, 24 Oct 2024 00:11:06 GMT
server
cloudflare
view
ad.doubleclick.net/pcs/ Frame E01F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu2_gAmekMGuw9ho8jd3Ls13ftJ-bxvzcIC-HwBtlTDoTLsipj8sbxyewtMjtWFwdIEhgKeLhQrwQqrvzDoAEHPzp4muvBFANSVH3783DkcMVCnu719H1FHODv4eaLHJ1LKXtVoyh-EHhfchFCYn8ytuNxBMJ-f1TqRQgJD0juG_bLB0eMocMfx7cM1Ne6lhUIbq5Zet79XmQNF1dgsgfZHCAEQ_HT4qgAe3WAAZw&sai=AMfl-YR-IYSY0sdlYP7Lj2Bos2iTvmQItk5ft0xbBr3H6ARXs6LoCkQ0lGVr3b8pIcKVYQIf28K1IzYMX521mTz4gMm3QwJ41Y_QRz8&sig=Cg0ArKJSzA9Qqxe6432QEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9hcHAubGluaw&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=912&vt=11&dtpt=911&dett=4&cstd=0&cisv=r20241022.29607&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385435;dc_ver=102.299;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=3381720797;ord=cava8p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%26sai%3DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%26sig%3DCg0ArKJSzP1PwAV28WUeEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=259;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f38.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:06 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:06 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"628667540":"0x3d274bd8b1a7c5a40000000000000000","628667541":"0x34b2461d62fcb2ea0000000000000000","628667542":"0x7e030552c1b702520000000000000000","628667543":"0x90b099266313f0c00000000000000000"},"debug_key":"1788850770889010867","debug_reporting":true,"destination":["https://tab.com.au","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"691200","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["13954933"]},"max_event_level_reports":2,"priority":"0","source_event_id":"10706308462824482895"}
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame E01F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHHumfzbe1oHw0pu6b-vucsSLw0ybZG4dY9YL1nEkpRhmT9Nd51X_nwGUJRp1nniFlDESQFJ_uufYmGDgH7eeTNog3QLni_B-h65Zo4sgsTbhEIXImiMXNeCGjTjOL8Vrjw_142QZdT78ridIwfK4ERcfSzo32nioAzZW3kj07CW-ITjEvCAVD_d59-YTbBSZQcc6Mtr727-oTAmpTsPmc4x3hTySNM30v2kjbsqLJlPbtAdv4nKSEJ-vC5p141paPmVnCmUXajg0lxYCm85o3ZQpCt_IPsJ556c9dYMUKzmesp6NEHZxZscI4_h6lrOKEWB8TASqmRjGDxGh6R55irW0SpSRWn3WJ7-W53jCwIvFn9nSoqVv_ULwvDKoF9Hn3R3s&sai=AMfl-YQxnACWCZie8ywltoD8ixk3rlgPaPHPAM0yBpCQHIXc1DvHs4w8tSsuAyPBp-bEsFsrVU_ZOdqB5bqR4bcq6b2ZOwy6M3FMc7k1X-XfHR510aj4lJ0VvTAJb7X1&sig=Cg0ArKJSzDnxdwrkCZ9_EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:06 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cdd1ba3-f425-afb6-7f64-946745d9735b&tv=%7Bc:s2BJXm,pingTime:-2,time:1309,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:337,beZ:339,mfA:1159,cmA:1160,inA:1160,inZ:1162,prA:1162,prZ:1168,si:1173,poA:1173,poZ:1185,cmZ:1185,mfZ:1185,loA:1408,loZ:1410,ecZ:1426,ltA:1633,ltZ:1633,mdA:340,mdZ:707%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1309,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:1298.624.300.90,am:i,cc:1298.624.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B487~100%5D,as:%5B487~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g1%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1j*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:836,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_5,google_ads_iframe_/5129/ndm.hwt/home_5__container__,ad-block-300x90-1,group_tops,group_tops%5D,sis:1089,sinceFw:459,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
image/gif
server
nginx
x-server-name
dt26.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=70969dc1-d50c-64ec-f6bd-3334191dafa2&tv=%7Bc:s2BJXo,pingTime:-2,time:1243,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:346,beZ:349,mfA:1129,cmA:1130,inA:1130,inZ:1132,prA:1132,prZ:1137,si:1142,poA:1143,poZ:1154,cmZ:1154,mfZ:1154,loA:1358,loZ:1366,ecZ:1369,ltA:1589,ltZ:1589,mdA:350,mdZ:648%7D%7D,sca:%7Blts:2024-10-24%2008.11.06,dfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:796%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1243,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:796,wc:180.180.1600.1200,ac:1298.13828.300.250,am:i,cc:1298.13828.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B467~0%5D,as:%5B467~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g1%7C1h1%7C1i*.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1i*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:797,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2%5D,sis:1023,sinceFw:446,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
image/gif
server
nginx
x-server-name
dt35.va.303net.net
activeview
pagead2.googlesyndication.com/pcs/ Frame DC9B 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyhHISvjSxFz0b907OFT1i0kqiApezqCRCF-faITgiQ1oAecRDhnBQ_7SdvwHxwIHgjtKg7QfS7WAFLLE3VtQmSL0sYv037hLYC3mXtss0x7rg2PMUmOEEb_Ucb_-SrIqI5tABI5LUDid_PbKitmJytnw21ws4ODtsE9ljHhJiyDGblDBbO7vdkWBz84DA10rQSA&sig=Cg0ArKJSzBC8QyRcnTMqEAE&id=lidar2&mcvt=1216&p=488,1118,578,1418&tm=1668.5&tu=452.2000000476837&mtos=1216,1216,1216,1216,1216&tos=1216,0,0,0,0&v=20241023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2320616304&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2566146500&rst=1729728664933&rpt=606&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 00:11:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BJY2,pingTime:0,time:406,type:pf,sca:%7Blts:2024-10-24%2008.11.06%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:406,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:196,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B221~100%5D,as:%5B221~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:197%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
content-type
image/gif
server
nginx
x-server-name
dt55.va.303net.net
sca.17.6.4.js
static.adsafeprotected.com/ Frame B549 		91 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25f0:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
age
95808
x-cache
Hit from cloudfront
x-amz-cf-id
FIfgtXMDANM1HNkGgQt72cwPJEw0sljVe0XgdlNMECYxxaRLoiPcyw==
date
Tue, 22 Oct 2024 21:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=4570579583&chanId=171638111&placementId=6765373081&pubCreative=138493502322&pubOrder=3573136523&cb=571927999&custom=homepage&custom3=168400391&adsafe_par&impId=740058b8-919c-11ef-9989-4a6c65c49a86&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:6b6bafa8-b599-c6d2-4c6b-8806c64c2736,c:s2BJYF,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-55c7f7c47d-59vs7,rg:au,pt:1-5-15,wc:180.180.1600.1200,ac:616.7663.728.90,am:i,cc:616.7663.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.IASCertification1,mtim:252,mot:0,app:0,maw:0,tdt:s,fm:us4JcUS+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1h*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:271,oid:767835d2-919c-11ef-9a33-ea63d98d3350,v:19.8.544,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.62.126.64 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-126-64.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:06 GMT
pragma
no-cache
content-type
image/gif
server
Apache-Coyote/1.1
/
c.bannerflow.net/tr/v2/pixel/ Frame A707 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66c838879059f612fc3010f3?did=5ced17d285b1c200019c3fe1&deeplink=on&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMF_ppYH_sQYxkn4RwJfZkrtJYPtLeJ1-noGWpiRkVvXgQGYOwH_kdWV8FEDW7d1fdep3foF86msdkxbXQNoeDT3JdqSBrGIG3xsUkjgNvqt4VMvu81XLE4k89y3coM47fpzRYfF0qBL1uazEP8KGKxCx6ke-9sldBQ1914pDo6c4469Lugkf1Zp1n2vOE-aCnplrp0mSGkrb64dKOo0ik0S-GHU7ch79daTD1PgyUjuCu5wJK1o127ofsHxg%26sai%3DAMfl-YR4aPNjC2Di7l60UxwWz0Oi6CLWAs9_RqmeUxaIxXRqoCvs8LB1FrbYkL2SIPExClXlWfGh0nr2V75j2mNZwGqfj63McWtgLC4%26sig%3DCg0ArKJSzFowJMvr0nnWEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%2526sai%253DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%2526sig%253DCg0ArKJSzHuSSnmg46imEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&cb=917676590&domain=N2182548.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

request-context
appId=cid-v1:8527b91e-6382-46d9-9ab2-ac92345de2c8
cf-ray
8d75bf682ce5a81f-SYD
content-length
0
cf-cache-status
DYNAMIC
date
Thu, 24 Oct 2024 00:11:07 GMT
server
cloudflare
view
ad.doubleclick.net/pcs/ Frame A707 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvNfSsb4PqXff2LSovy3ZOCZtLaSbN3IkBYv7SjY3c29zMUm0azeeMMJfjKzIAn36qxXm666w4UyDolxz3AzIqsbgaMGfTonHlF-Vv3EZBOXSPSQYoI3j2Ym0a3PxXVAgljd4MXHQVcAahDt4M3HgpS5jXdC8u7vb2k8WNzvS1m4VxnwILbenTYT6MvzEgOeCrbee0hDF0z4-ZGjIzkynod17KpZbrsKGsPsMOJFw&sai=AMfl-YS66ONHC8yAAqn6YQJnqZBL6NJ35E23WY_s99lfNhxC-0raxIBuFAOYnZ133ILHwUwCo6FfCHbOHlJhHW_7HvY9eFgfea7CPPY&sig=Cg0ArKJSzLRLatA9kxNKEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9hcHAubGluaw&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=972&vt=11&dtpt=970&dett=4&cstd=0&cisv=r20241022.68035&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2182548.2810019NEWSCORPAUSTRALI/B32551608.402385438;dc_ver=102.299;sz=728x90;u_sd=1;nel=1;dc_adk=2291409874;ord=m5gic7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%26sai%3DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%26sig%3DCg0ArKJSzHuSSnmg46imEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=rq1h9aU'CN;gcsr=m;stc=1;chaa=1;sttr=265;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f38.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:06 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:06 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"628667540":"0x3d274bd8b1a7c5a40000000000000000","628667541":"0x34b2461d62fcb2ea0000000000000000","628667542":"0x7e030552c1b702520000000000000000","628667543":"0x4a5dc7e7484bfa3d0000000000000000"},"debug_key":"10381693509871566524","debug_reporting":true,"destination":["https://tab.com.au","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"691200","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["13954933"]},"max_event_level_reports":2,"priority":"0","source_event_id":"11802924399706042032"}
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame A707 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstilsQrngpxX7WyLV54T49IBeoLzhvvKQ0TYQS2k_0sgLmO0EQAWsiXLlpSYm3LpNN6WYxMoUn-RJigjXf9tXNE5CYJn4qeXo1DaNZIio_lZjJU-fzBJ0DSIVWlriG6mP2nbahyxA8VQwt-lkW53BDeAp39bRWM76hCrzK9fJeVt0yBcg_MYr4f_nr-xYzVUGhoAx9KjLid1qKuXdIOQxO-KgTzK0IjaqbLYLm4tSE28ED6Cn9YGwehpxQz5R8c0qFuyKtLFANkHi-wVY4PT2IyYuQB-Z4L1Im0JJ0W5AfPRGVPV0YuLX8aUJ2XBnBU6QnnjoxNJJ4NZMg1A5iZutspcDhHy0v7FdNh2HV63qJsco3vPIapl6WZsiFrz0z7ur5EK_E&sai=AMfl-YTmKcbGkwMUafa-EfzIewBJYRlDxCtDFUnMkgMjM5RX7vD0MBdgBia4tFH9GAbuNhZTpns91fCAcO3d4uuzEykT408XfhmfYyvmen2sPzoZZxbRbGfb764sQUYZ&sig=Cg0ArKJSzGaUBvlgHi1LEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:06 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 24 Oct 2024 00:11:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BK08,pingTime:-2,time:536,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:533,beZ:535,mfA:717,cmA:718,inA:718,inZ:720,prA:720,prZ:725,si:730,poA:730,poZ:763,cmZ:763,mfZ:763,loA:944,loZ:946,ecZ:1029,ltA:1068,ltZ:1068,mdA:536,mdZ:536%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.254,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:536,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:196,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B350~100%5D,as:%5B350~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:197,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,group_tops,group_tops%5D,sis:497,sinceFw:339,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt23.va.303net.net
1px.gif
dcollector.bonzai.co/ Frame 4885 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY2OTQ5LCJmaSI6ZmFsc2UsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzNzU3ODA3NDA0NDIyMTM1IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBmdW5jdGlvbiBjYWxsZWQsIGR0c01haW4ifQ==&etc=0.7558626647902569
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:9e00:16:b51d:cf40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

etag
"28d6814f309ea289f847c69cf91194c6"
age
30586
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
35
x-amz-cf-id
S8DZGAhOJnt5yV3FAmGzSJWGmrulIF4fM-FPRKFmZM5F7H4UD36kSA==
date
Wed, 23 Oct 2024 15:41:21 GMT
content-type
image/gif
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
rec
collector.bonzai.co/ Frame 4885 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJicGlkIjoiZHRzTWFpbiIsInBhZ2VJZCI6ImR0c01haW4iLCJ3aWR0aCI6MTkyMCwiaGVpZ2h0IjoxMDgwLCJldiI6ImluaXRpYWxfYnAiLCJldm4iOiJpbml0aWFsX2JwIiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwibyI6InBvcnRyYWl0IiwiY3R6IjotNDgwLCJjdHMiOjE3Mjk3Mjg2NjY5NTMsIm1vZGUiOiJsaXZlIiwidGsiOiI2YWVmOGI2YmM0N2UxMTk1MmZjMTJiZGNiMjZhNjUxMSIsImFkIjoiMjY2NjEwNjU1ODkwMDc1Mjg3OCJ9&etc=0.22591683607963597
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
gGSpeaVFmt8Kwj43OcdENmtJ80xurZ-5V3CQT_AgLH-bjoH75uG1gw==
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
truncated
/ 		44 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9659927633b64bb3f9c5de0f3a5c1a4c4dee37c54b7bb476a455ace8654d521c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Content-Type
image/jpeg
e99efedc-bd6e-4cfd-8215-63420d58e82e_v1_5.jpg
massets.bonzai.co/ Frame 4885 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/e99efedc-bd6e-4cfd-8215-63420d58e82e_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e76eac9832bef72153fd582a66ab73c92f0041c3f374bddfe5a4a6d87371206f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
etag
"57b7cf0e578802d75cce3ce30e623b81"
age
508239
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
28691
x-amz-cf-id
BzBR21gv-3yPMNPd-U73W-Xm55NyoLbq-LiSjdVmD87IZmBFwZjy9Q==
date
Fri, 18 Oct 2024 03:00:28 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:38:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
9e05b416-6ff3-4377-8abe-9e0c4218f3e6_v1_5.jpg
massets.bonzai.co/ Frame 4885 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/9e05b416-6ff3-4377-8abe-9e0c4218f3e6_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35bfa7667debe721daec994bce4582005c529d188c6a8fafe4f82282a5229c62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
etag
"b0079bf2ae3d9422053877c795697c8a"
age
508238
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
191269
x-amz-cf-id
01yhev_ZLFOZq9gTtM8HdIcJSEHANaGJ6WbAHVTgFaclrTZsPe-IVw==
date
Fri, 18 Oct 2024 03:00:28 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:38:16 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
188e3511-8b7a-4cc8-8f93-657070972f25_v1_5.jpg
massets.bonzai.co/ Frame 4885 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/188e3511-8b7a-4cc8-8f93-657070972f25_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e79e8f88809f10c0c0710e3489e1fd554d92670c8740c18349ec47b33a52b1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
etag
"439f6dce20bcd53272e976814dd4002d"
age
508238
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
74658
x-amz-cf-id
d2rX2HWfK-8HVpvA_W2xxx--UEYzoWuSZZna_Zyl6UNA72iA2MGuWA==
date
Fri, 18 Oct 2024 03:00:28 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:38:25 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
3e3a1779-8b89-4f72-9285-850359468b13_v1_5.jpg
massets.bonzai.co/ Frame 4885 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/3e3a1779-8b89-4f72-9285-850359468b13_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88ef66930de209e8aa2068c8abc9e7a601be489672bcda0f2bb1e903fecc2fa8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
etag
"3b929b149f97f9a2a6f5d14b31597b84"
age
508238
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
48790
x-amz-cf-id
aS3JvZbXfXkMlSH4pvhuzQuDcUXFTh2iwEgXiBtD734Q8znHMheZMg==
date
Fri, 18 Oct 2024 03:00:29 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:38:21 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
5e492c78-4ca3-4095-a40c-e88d6e7aee0f_v1_5.jpg
massets.bonzai.co/ Frame 4885 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/5e492c78-4ca3-4095-a40c-e88d6e7aee0f_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c98e6603fd49de651e18dc99bb708193a316e0f75f3586a5fcb34888f8368361

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
etag
"70c37e647c186f995d29f7d6884be6e3"
age
508238
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
118210
x-amz-cf-id
5DsLyWDPKyyQelHxEAY1vv2kpaLTu1bN2t4vwTh8D4aLZk_JjzxlKw==
date
Fri, 18 Oct 2024 03:00:29 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:38:19 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=6b6bafa8-b599-c6d2-4c6b-8806c64c2736&tv=%7Bc:s2BK12,pingTime:-2,time:418,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:566,beZ:574,mfA:819,cmA:820,inA:820,inZ:823,prA:823,prZ:830,si:838,poA:838,poZ:850,cmZ:850,mfZ:850,loA:934,loZ:938,ecZ:965,ltA:984,ltZ:984,mdA:575,mdZ:575%7D%7D,sca:%7Blts:2024-10-24%2008.11.06,dfp:%7Bdf:3,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:270%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:418,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:270,wc:180.180.1600.1200,ac:616.7663.728.90,am:i,cc:616.7663.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B164~0%5D,as:%5B164~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:us4JcUS+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1h*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:271,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2%5D,sis:398,sinceFw:147,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt01.va.303net.net
e99efedc-bd6e-4cfd-8215-63420d58e82e_v1_5.jpg
massets.bonzai.co/ 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/e99efedc-bd6e-4cfd-8215-63420d58e82e_v1_5.jpg
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2666106558900752878_1729221724613_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e76eac9832bef72153fd582a66ab73c92f0041c3f374bddfe5a4a6d87371206f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
etag
"57b7cf0e578802d75cce3ce30e623b81"
age
508239
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
28691
x-amz-cf-id
BzBR21gv-3yPMNPd-U73W-Xm55NyoLbq-LiSjdVmD87IZmBFwZjy9Q==
date
Fri, 18 Oct 2024 03:00:28 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:38:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
9e05b416-6ff3-4377-8abe-9e0c4218f3e6_v1_5.jpg
massets.bonzai.co/ 		187 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/9e05b416-6ff3-4377-8abe-9e0c4218f3e6_v1_5.jpg
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2666106558900752878_1729221724613_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35bfa7667debe721daec994bce4582005c529d188c6a8fafe4f82282a5229c62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
etag
"b0079bf2ae3d9422053877c795697c8a"
age
508238
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
191269
x-amz-cf-id
01yhev_ZLFOZq9gTtM8HdIcJSEHANaGJ6WbAHVTgFaclrTZsPe-IVw==
date
Fri, 18 Oct 2024 03:00:28 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:38:16 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
188e3511-8b7a-4cc8-8f93-657070972f25_v1_5.jpg
massets.bonzai.co/ 		73 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/188e3511-8b7a-4cc8-8f93-657070972f25_v1_5.jpg
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2666106558900752878_1729221724613_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e79e8f88809f10c0c0710e3489e1fd554d92670c8740c18349ec47b33a52b1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
etag
"439f6dce20bcd53272e976814dd4002d"
age
508238
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
74658
x-amz-cf-id
d2rX2HWfK-8HVpvA_W2xxx--UEYzoWuSZZna_Zyl6UNA72iA2MGuWA==
date
Fri, 18 Oct 2024 03:00:28 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:38:25 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
3e3a1779-8b89-4f72-9285-850359468b13_v1_5.jpg
massets.bonzai.co/ 		48 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/3e3a1779-8b89-4f72-9285-850359468b13_v1_5.jpg
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2666106558900752878_1729221724613_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88ef66930de209e8aa2068c8abc9e7a601be489672bcda0f2bb1e903fecc2fa8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
etag
"3b929b149f97f9a2a6f5d14b31597b84"
age
508238
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
48790
x-amz-cf-id
aS3JvZbXfXkMlSH4pvhuzQuDcUXFTh2iwEgXiBtD734Q8znHMheZMg==
date
Fri, 18 Oct 2024 03:00:29 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:38:21 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
5e492c78-4ca3-4095-a40c-e88d6e7aee0f_v1_5.jpg
massets.bonzai.co/ 		115 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/5e492c78-4ca3-4095-a40c-e88d6e7aee0f_v1_5.jpg
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2666106558900752878_1729221724613_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277a:2400:5:ff46:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c98e6603fd49de651e18dc99bb708193a316e0f75f3586a5fcb34888f8368361

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=31536000
etag
"70c37e647c186f995d29f7d6884be6e3"
age
508238
via
1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
118210
x-amz-cf-id
5DsLyWDPKyyQelHxEAY1vv2kpaLTu1bN2t4vwTh8D4aLZk_JjzxlKw==
date
Fri, 18 Oct 2024 03:00:29 GMT
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 00:38:19 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
1px.gif
dcollector.bonzai.co/ Frame 4885 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY3MDQ3LCJmaSI6ZmFsc2UsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzNzU3ODA3NDA0NDIyMTM1IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSByZWFkeSwgKiJ9&etc=0.9185533614139894
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:9e00:16:b51d:cf40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

etag
"28d6814f309ea289f847c69cf91194c6"
age
30587
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
35
x-amz-cf-id
t8OgEtncwRd9nQWEzCUoQU0OYKsqa8h9AiFHMAjrbcCM3ibsCXVRMw==
date
Wed, 23 Oct 2024 15:41:21 GMT
content-type
image/gif
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
1px.gif
dcollector.bonzai.co/ Frame 4885 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY3MDgyLCJmaSI6ZmFsc2UsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzNzU3ODA3NDA0NDIyMTM1IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSByZWFkeSwgZHRzTWFpbiJ9&etc=0.7465155636458731
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:9e00:16:b51d:cf40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

etag
"28d6814f309ea289f847c69cf91194c6"
age
30587
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
35
x-amz-cf-id
6XpCevKavEjV9kMuWGfrKf9iSMKzpe4gYZXeI5nRssbWZiCv4PDApw==
date
Wed, 23 Oct 2024 15:41:21 GMT
content-type
image/gif
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
1px.gif
dcollector.bonzai.co/ Frame 4885 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY3MTY4LCJmaSI6ZmFsc2UsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzNzU3ODA3NDA0NDIyMTM1IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBsb2FkLCAqIn0=&etc=0.7292537607963898
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:9e00:16:b51d:cf40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

etag
"28d6814f309ea289f847c69cf91194c6"
age
30587
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
35
x-amz-cf-id
yGHQVb2vazUKRsUzBfMQBVvb3ckN7cRghWfUaSmd0jGIsEbrfNaMQg==
date
Wed, 23 Oct 2024 15:41:21 GMT
content-type
image/gif
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
1px.gif
dcollector.bonzai.co/ Frame 4885 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY3MTY4LCJmaSI6ZmFsc2UsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzNzU3ODA3NDA0NDIyMTM1IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBsb2FkLCBkdHNNYWluIn0=&etc=0.14489354227458562
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:9e00:16:b51d:cf40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

etag
"28d6814f309ea289f847c69cf91194c6"
age
30587
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
35
x-amz-cf-id
3v8tu-rIyPZuXQTokNIUfNcJsfrL_OgV2fcPP3LuXv2D0K3oHrWXuw==
date
Wed, 23 Oct 2024 15:41:21 GMT
content-type
image/gif
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
rec
collector.bonzai.co/ Frame 4885 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY3MjE1LCJtb2RlIjoibGl2ZSIsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgifQ==&etc=0.8128022326643591
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
5buMvXL2lkIPqspNVhggt-3KoC1YelSuM2eMc7jyIMKWb-b6S3LArQ==
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
rec
collector.bonzai.co/ Frame 4885 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY3MzIyLCJtb2RlIjoibGl2ZSIsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgifQ==&etc=0.5955514225388803
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
-JPaEvPy8hucdoDqZiZQjDGyI13biHeBM2SANuhzmam8UFLId1h2kw==
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cdd1ba3-f425-afb6-7f64-946745d9735b&tv=%7Bc:s2BK7f,pingTime:-10,time:1922,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTQ4MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMwLjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1729728667376%7C%7C9fe1b694040f087ee722fefe58a09d25%7C%7Ce70c069864ec1ceef7523c2cc9b41fcd%7C%7C46547b4faed7e9da1fed13793b72e7b6%7C%7Cce26677761fdf3fd0198ad68b58c3652%7C%7C2da7d908b66840fe6e973ca1532c39db%7C%7C21811bab2131d3e21d9a2498ec054313%7C%7C52b4d9be766f3dee4901f7f044383d63%7C%7C1715618633,env:%7Bar:self.0%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt16.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BK8X,pingTime:1,time:2034,type:p,env:%7Bar:self.0%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:776%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2034,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:775,wc:180.180.1600.1200,ac:180.180.970.250,am:i,cc:180.180.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1292~100%5D,as:%5B1292~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:731,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:778,sis:1080%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt62.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BK8X,pingTime:1,time:2034,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:776%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2034,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:775,wc:180.180.1600.1200,ac:180.180.970.250,am:i,cc:180.180.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1292~100%5D,as:%5B1292~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:731,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:778,sis:1080%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt67.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BK8Y,pingTime:1,time:2035,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:776%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2035,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:775,wc:180.180.1600.1200,ac:180.180.970.250,am:i,cc:180.180.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1293~100%5D,as:%5B1293~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:731,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:778,sis:1080,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt61.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BK92,pingTime:1,time:2039,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:776%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2039,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:775,wc:180.180.1600.1200,ac:180.180.970.250,am:i,cc:180.180.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1297~100%5D,as:%5B1297~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:731,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:778,sis:1080,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt21.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=70969dc1-d50c-64ec-f6bd-3334191dafa2&tv=%7Bc:s2BK9f,time:1978,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1978,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:796,wc:180.180.1600.1200,ac:1298.13828.300.250,am:i,cc:1298.13828.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1193~0%5D,as:%5B1193~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:450,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i*.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1i*,rmeas:1,rend:1,renddet:IMG.qs,siq:797,sis:1023%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt23.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BK9g,time:1102,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1102,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:196,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B916~100%5D,as:%5B916~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:280,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:197,sis:497%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt24.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=6b6bafa8-b599-c6d2-4c6b-8806c64c2736&tv=%7Bc:s2BK9l,time:933,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:933,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:270,wc:180.180.1600.1200,ac:616.7663.728.90,am:i,cc:616.7663.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B679~0%5D,as:%5B679~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:301,fm:us4JcUS+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:271,sis:398%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt28.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cdd1ba3-f425-afb6-7f64-946745d9735b&tv=%7Bc:s2BK9Q,pingTime:1,time:2083,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2083,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:1298.624.300.90,am:i,cc:1298.624.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1260~100%5D,as:%5B1260~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:452,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,siq:836,sis:1089%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt09.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cdd1ba3-f425-afb6-7f64-946745d9735b&tv=%7Bc:s2BK9R,pingTime:1,time:2084,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2084,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:1298.624.300.90,am:i,cc:1298.624.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1261~100%5D,as:%5B1261~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:452,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,siq:836,sis:1089%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt10.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cdd1ba3-f425-afb6-7f64-946745d9735b&tv=%7Bc:s2BK9S,pingTime:1,time:2085,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2085,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:1298.624.300.90,am:i,cc:1298.624.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1262~100%5D,as:%5B1262~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:452,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,siq:836,sis:1089,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt11.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cdd1ba3-f425-afb6-7f64-946745d9735b&tv=%7Bc:s2BK9S,pingTime:1,time:2085,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2085,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:1298.624.300.90,am:i,cc:1298.624.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1262~100%5D,as:%5B1262~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:452,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,siq:836,sis:1089,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt13.va.303net.net
rec
collector.bonzai.co/ Frame 4885 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY3NjM4LCJtb2RlIjoibGl2ZSIsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgifQ==&etc=0.5805715158452494
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
ZztYxPcyzh2rJTK6eAm61nXuGk_ydIf0Co4sIpMEaemqtTlXGskm4w==
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BKbH,pingTime:-10,time:2204,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTQ4MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMwLjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1729728667376%7C%7C9fe1b694040f087ee722fefe58a09d25%7C%7Ce70c069864ec1ceef7523c2cc9b41fcd%7C%7C46547b4faed7e9da1fed13793b72e7b6%7C%7Cce26677761fdf3fd0198ad68b58c3652%7C%7C2da7d908b66840fe6e973ca1532c39db%7C%7C21811bab2131d3e21d9a2498ec054313%7C%7C52b4d9be766f3dee4901f7f044383d63%7C%7C1715618633,sca:%7Bspg:7cdd1ba3-f425-afb6-7f64-946745d9735b%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt21.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BKcr,pingTime:-10,time:1299,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTQ4MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMwLjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1729728667376%7C%7C9fe1b694040f087ee722fefe58a09d25%7C%7Ce70c069864ec1ceef7523c2cc9b41fcd%7C%7C46547b4faed7e9da1fed13793b72e7b6%7C%7Cce26677761fdf3fd0198ad68b58c3652%7C%7C2da7d908b66840fe6e973ca1532c39db%7C%7C21811bab2131d3e21d9a2498ec054313%7C%7C52b4d9be766f3dee4901f7f044383d63%7C%7C1715618633,sca:%7Bspg:7cdd1ba3-f425-afb6-7f64-946745d9735b%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt11.va.303net.net
activeview
pagead2.googlesyndication.com/pcs/ Frame E01F 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssB-NQbgPmvsc1nq3m-H3QX1Vucn-FVxZ2s7LqwsVkrQaJs3cIA5flQ2hSkN3EtAtaQYYJ512IgMexUTP_UxDG0eh29N4i_oodzRoDGKsYvyaP5EprXDadMoLXgXsnC1YxalApaXqxMXxL6Qe2lKC3o9Q&sig=Cg0ArKJSzFA72fyV6JbMEAE&id=lidar2&mcvt=1008&p=0,0,254,300&tm=1895.5&tu=887.8999998569489&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20241023&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=32&adk=3381720797&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2566146500&rst=1729728664745&rpt=1973&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 00:11:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame E01F 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvC9_w7knHrhAx_ZR2zX57iZrBb-4rVKgAZJH7t_-1rWsfAPbeiNChBRgG1D7YKqY-dzhhdpPlG5VJ9ySO-A1la6eR9OgVvVdKIPUTROqRMMXSdMO9cXQmLsWNd7BrLmKGuRUxHvtnpOAWx1crVNNJn4NJs-F490BFq0W6JFV4Hf5xHVpcMSttG11iWmdsLcZWYFQ&sig=Cg0ArKJSzJJMTyNoMKPGEAE&id=lidar2&mcvt=1011&p=560,1118,810,1418&tm=1900.6000001430511&tu=889.7999999523163&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20241023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1263259910&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2566146500&rst=1729728664745&rpt=1963&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 00:11:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BKek,pingTime:1,time:1416,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1416,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:196,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1230~100%5D,as:%5B1230~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:224,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:197,sis:497%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt54.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BKel,pingTime:1,time:1418,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1418,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:196,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1232~100%5D,as:%5B1232~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:224,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:197,sis:497%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt22.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BKem,pingTime:1,time:1418,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1418,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:196,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1232~100%5D,as:%5B1232~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:224,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:197,sis:497,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt23.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BKem,pingTime:1,time:1418,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1418,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:196,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1233~100%5D,as:%5B1233~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:224,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:197,sis:497,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:07 GMT
content-type
image/gif
server
nginx
x-server-name
dt24.va.303net.net
generic1728974119905.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		486 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1728974119905.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
098b6603a9b8d276718ee07bcdb4a898f4507b138131081e8c788049a2ebf984
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"61750331d7a163cb5008773268d623d5"
x-amz-version-id
qcBuf3vdcjKDgzLxAjtJr6n.WzROEGit
x-cache
HIT
date
Thu, 24 Oct 2024 00:11:08 GMT
last-modified
Tue, 15 Oct 2024 06:35:21 GMT
x-served-by
cache-syd10121-SYD
x-cache-hits
12214
content-type
application/javascript
x-amz-id-2
cs9tbAxV6xk/B+hdC2aM814r0lc2or95ZduIsx6y8YA7PyAnLXLuDZ4EUCkmDEzwOBlQ5sIHFeF1WnhZczzH+ZpPGTdSTlrFlY/YUx8eT+M=
strict-transport-security
max-age=31557600
vary
Accept-Encoding
cache-control
max-age=2592000
x-timer
S1729728668.072684,VS0,VE0
via
1.1 varnish
x-amz-request-id
5G4MSERBJW7B1Q80
accept-ranges
bytes
access-control-allow-origin
*
content-length
92917
server
AmazonS3
x-amz-server-side-encryption
AES256
up
insight.adsrvr.org/track/ Frame 0366 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 24 Oct 2024 00:11:08 GMT
server
Kestrel
vary
Accept-Encoding
up
insight.adsrvr.org/track/ Frame 0987 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 24 Oct 2024 00:11:08 GMT
server
Kestrel
vary
Accept-Encoding
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
etag
"16d5d552603d86726ae439fc61299d42"
age
2167
x-cdn
fastly
alt-svc
h3=":443";ma=600
content-length
4103
date
Thu, 24 Oct 2024 00:11:08 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
ct.html
ct.pinterest.com/ Frame F564 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 00:11:08 GMT
pinterest-version
4c367255c34ed9223ef8c37450ea65abc9db1e3c
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
1684983905820383
x-pinterest-rid-128bit
f2d620bdb641b868e9d6a75962bdee41
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=967E8D208BBB4A6BADEBEFE729EFFA36&RedC=c.clarity.ms&MXFR=09070CA5F1416177208A1987F5416FBD
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=967E8D208BBB4A6BADEBEFE729EFFA36&MUID=3220B060381E6BD03D9AA542392C6AF7
42 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=967E8D208BBB4A6BADEBEFE729EFFA36&MUID=3220B060381E6BD03D9AA542392C6AF7
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"58964c231919db1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Thu, 24 Oct 2024 00:11:08 GMT
content-type
image/gif
last-modified
Tue, 08 Oct 2024 00:29:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=967E8D208BBB4A6BADEBEFE729EFFA36&MUID=3220B060381E6BD03D9AA542392C6AF7
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DC50CBF517154F958E57DF6344B41B79 Ref B: SYD03EDGE1009 Ref C: 2024-10-24T00:11:09Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Thu, 24 Oct 2024 00:11:08 GMT
x-powered-by
ASP.NET
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410210101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
a84f088ec44c4d44b8741b4e9b5e444c1f598b5a9d5a3a292eaab28051438c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12776
date
Thu, 24 Oct 2024 00:11:08 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
syncframe
gum.criteo.com/ Frame E6EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:11:07 GMT
server
Kestrel
server-processing-duration-in-ticks
818558
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
data.000000AE77F104.js
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521384/11223296/ Frame E01F 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521384/11223296/data.000000AE77F104.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66c838879059f612fc3010f0?did=5ced17d285b1c200019c3fe1&deeplink=on&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsso0cKcOvs9a7HHXcjBnmx3_Q2McR-pnyyMVVaW17U5Jkx6p-DXCC_RPj2-EZm5NNTvrfsusomJMr1sVZPRlJw0AORV44d5QqCBFeG7uuC1aUc8_xyIrWUgYGWoXnKw54K9WNhAzPP2hpFK8nFWiq9zdL4cd2XeCFnRyHZ97W2jTEXJ3b8Fl6zgb705yMktgBtAwXlM3peygM8Z9AMrMwKfOhTHewrhn_gEIfX3FDOtH5ooEyeWYJVSEV0V6U4%26sai%3DAMfl-YTLbdBXU4pT7MqNM7JPBlymXLtBtXpcXuoEgWu0LrAWYYHxfGtpxzCx8lLnkK2aMeGBFxlon5sf_Akw3ZVRnnuJg7Rag5kYwXA%26sig%3DCg0ArKJSzC8d7bNlHiSdEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%2526sai%253DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%2526sig%253DCg0ArKJSzP1PwAV28WUeEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&cb=1817257075&domain=N2182548.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f8f05cb702fddf5599e01c8f5a16e47cc59c8b77a6f7e39afdfdc0e3abc82d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-md5
J/xQpwe7uZxnEl3TefCPEQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
etag
W/"0x8DCEF386E49DE23"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
385864
content-encoding
br
cf-polished
origSize=21729
date
Thu, 24 Oct 2024 00:11:08 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 05:48:02 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
c6e3292f-301e-001b-1d26-22ebd0000000
cf-ray
8d75bf701fcaa81f-SYD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
animated-creative.7f649ce56c880e3d07c5.js
c.bannerflow.net/scripts/ Frame E01F 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.7f649ce56c880e3d07c5.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66c838879059f612fc3010f0?did=5ced17d285b1c200019c3fe1&deeplink=on&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsso0cKcOvs9a7HHXcjBnmx3_Q2McR-pnyyMVVaW17U5Jkx6p-DXCC_RPj2-EZm5NNTvrfsusomJMr1sVZPRlJw0AORV44d5QqCBFeG7uuC1aUc8_xyIrWUgYGWoXnKw54K9WNhAzPP2hpFK8nFWiq9zdL4cd2XeCFnRyHZ97W2jTEXJ3b8Fl6zgb705yMktgBtAwXlM3peygM8Z9AMrMwKfOhTHewrhn_gEIfX3FDOtH5ooEyeWYJVSEV0V6U4%26sai%3DAMfl-YTLbdBXU4pT7MqNM7JPBlymXLtBtXpcXuoEgWu0LrAWYYHxfGtpxzCx8lLnkK2aMeGBFxlon5sf_Akw3ZVRnnuJg7Rag5kYwXA%26sig%3DCg0ArKJSzC8d7bNlHiSdEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsv3QYV6rAFBG2HUlW4F6GZBQqM4m65HjynCy5d_Ae7KnEuwCn1DMSzY4Z4VEEaPFS74E6ymsmQQfkj4m2LWpW4nRnIy0JnyHGqna39tKP0TF_1TAQkYdEwSp6ppEiDN219WLGh7KEwIqBbgz1RfCDZqmjnnJ26VaLCPVXaKfNNfeFBDX5gFm3Tx6MfcUEiBM632obapKOc0YnstWKDGbeQGKVdG5u300fzsa0k-h3wLiAo1vezQqOOvG2bP6Di-vQORHHr47KqltOTh8mGSXg7gqvGGQ1RicNP2wal4qyfBweYcsUfbZsWnXjWX59MHju150UiEEUysQJBhxAGi8_pcdJTWBAUifCHQ4zlEa9y1hd72TS4%2526sai%253DAMfl-YSE1W8SGsOt4bKFwn5feZe5C_eTbz7lXx4a3hFQ0fh-ZqjEgNpA99hQivlC9X4Qr3tWkkQ_GR9RgkfQ_r-I2W6ge-_tqLBehmLZViCOmfCvAX1aoMybPZYuZnXi%2526sig%253DCg0ArKJSzP1PwAV28WUeEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&cb=1817257075&domain=N2182548.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee86d9e977a1a015c82f82072cf101f840cb9a2faea377db968d617db79b8e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-md5
D/Nlhwd7HkFIY0LhaHSNVw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
etag
W/"0x8DCEEB9BA50738D"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
94134
content-encoding
br
cf-polished
origSize=165939
date
Thu, 24 Oct 2024 00:11:08 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 14:41:04 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
eb3159c2-501e-0040-2b02-24d2eb000000
cf-ray
8d75bf701fcda81f-SYD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
data.0000008D7B91E3.js
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521386/11223296/ Frame A707 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521386/11223296/data.0000008D7B91E3.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66c838879059f612fc3010f3?did=5ced17d285b1c200019c3fe1&deeplink=on&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMF_ppYH_sQYxkn4RwJfZkrtJYPtLeJ1-noGWpiRkVvXgQGYOwH_kdWV8FEDW7d1fdep3foF86msdkxbXQNoeDT3JdqSBrGIG3xsUkjgNvqt4VMvu81XLE4k89y3coM47fpzRYfF0qBL1uazEP8KGKxCx6ke-9sldBQ1914pDo6c4469Lugkf1Zp1n2vOE-aCnplrp0mSGkrb64dKOo0ik0S-GHU7ch79daTD1PgyUjuCu5wJK1o127ofsHxg%26sai%3DAMfl-YR4aPNjC2Di7l60UxwWz0Oi6CLWAs9_RqmeUxaIxXRqoCvs8LB1FrbYkL2SIPExClXlWfGh0nr2V75j2mNZwGqfj63McWtgLC4%26sig%3DCg0ArKJSzFowJMvr0nnWEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%2526sai%253DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%2526sig%253DCg0ArKJSzHuSSnmg46imEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&cb=917676590&domain=N2182548.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9550e9a27d8b3e72027ffc85107f30c96ac0e601a894caee99f71adb87d21936

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-md5
aNx4Pn2PedvLcaW7ehpB5Q==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
etag
W/"0x8DCEF386E0AAB1C"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
249468
content-encoding
br
cf-polished
origSize=19247
date
Thu, 24 Oct 2024 00:11:08 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 05:48:02 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
ac451c3e-601e-0029-4b2e-22eba7000000
cf-ray
8d75bf701fd0a81f-SYD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
animated-creative.7f649ce56c880e3d07c5.js
c.bannerflow.net/scripts/ Frame A707 		162 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.7f649ce56c880e3d07c5.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/66c838879059f612fc3010f3?did=5ced17d285b1c200019c3fe1&deeplink=on&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuMF_ppYH_sQYxkn4RwJfZkrtJYPtLeJ1-noGWpiRkVvXgQGYOwH_kdWV8FEDW7d1fdep3foF86msdkxbXQNoeDT3JdqSBrGIG3xsUkjgNvqt4VMvu81XLE4k89y3coM47fpzRYfF0qBL1uazEP8KGKxCx6ke-9sldBQ1914pDo6c4469Lugkf1Zp1n2vOE-aCnplrp0mSGkrb64dKOo0ik0S-GHU7ch79daTD1PgyUjuCu5wJK1o127ofsHxg%26sai%3DAMfl-YR4aPNjC2Di7l60UxwWz0Oi6CLWAs9_RqmeUxaIxXRqoCvs8LB1FrbYkL2SIPExClXlWfGh0nr2V75j2mNZwGqfj63McWtgLC4%26sig%3DCg0ArKJSzFowJMvr0nnWEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsv3ZxqyjbmDqcSK_EG4txABIMqHoRNChLQg1Ul39WL7NFPKkVYD39kLCuViHCa3tXC7OkWylXkMkuwjeyxgGFZPERoXVQmz03_XxQoFkg4vrxvpiegO3zrJkBBefmB8xujXH79PCtnh1zYcz8jpB5ReRmP_x67bCk6KQnjGChoPDlN4j7gs8BZJKZmaUPQpoCi2DmURFjDssz9ryNTiL6WGCLTmKBpN-plqC7RahsWtPQlQEuq9ADA4ZdR6_SWe8_9XGpyK9LiszfaH-5B78MIpSgrXOK6zi59aKLqyTcsPYePLJnVLFs8PDYFZym_vkM87nbvd3tyqK_afAkd3pICglIsFKDgv7twY7zm2ggtbZEPgQKI%2526sai%253DAMfl-YTyL6w0Xhu3izJPJYJNwauHfX2q-yfMHep141ydwDNMkmrs4BtjM9jBXlvcN8KLeTQGJI641f469YZAmTsf-nzQ2f3PUVyGI-eWNifahOuuMXHuU2-B54tiQznh%2526sig%253DCg0ArKJSzHuSSnmg46imEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&cb=917676590&domain=N2182548.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee86d9e977a1a015c82f82072cf101f840cb9a2faea377db968d617db79b8e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-md5
D/Nlhwd7HkFIY0LhaHSNVw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
etag
W/"0x8DCEEB9BA50738D"
x-ms-version
2011-08-18
cf-cache-status
HIT
age
94134
content-encoding
br
cf-polished
origSize=165939
date
Thu, 24 Oct 2024 00:11:08 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 14:41:04 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
eb3159c2-501e-0040-2b02-24d2eb000000
cf-ray
8d75bf701fcda81f-SYD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
rec
collector.bonzai.co/ Frame 4885 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY4MjQxLCJtb2RlIjoibGl2ZSIsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgifQ==&etc=0.8172573467569582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
G9iCW1A1x5U81pOWuH1L6p4YwZslhhlB6bG5xvujcH7HFTFGpZ7Dng==
date
Thu, 24 Oct 2024 00:11:08 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=6b6bafa8-b599-c6d2-4c6b-8806c64c2736&tv=%7Bc:s2BKoP,pingTime:-10,time:1893,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTQ4MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMwLjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1729728667376%7C%7C9fe1b694040f087ee722fefe58a09d25%7C%7Ce70c069864ec1ceef7523c2cc9b41fcd%7C%7C46547b4faed7e9da1fed13793b72e7b6%7C%7Cce26677761fdf3fd0198ad68b58c3652%7C%7C2da7d908b66840fe6e973ca1532c39db%7C%7C21811bab2131d3e21d9a2498ec054313%7C%7C52b4d9be766f3dee4901f7f044383d63%7C%7C1715618633,sca:%7Bspg:7cdd1ba3-f425-afb6-7f64-946745d9735b%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:08 GMT
content-type
image/gif
server
nginx
x-server-name
dt15.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=70969dc1-d50c-64ec-f6bd-3334191dafa2&tv=%7Bc:s2BKoS,pingTime:-10,time:2947,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTQ4MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMwLjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1729728667376%7C%7C9fe1b694040f087ee722fefe58a09d25%7C%7Ce70c069864ec1ceef7523c2cc9b41fcd%7C%7C46547b4faed7e9da1fed13793b72e7b6%7C%7Cce26677761fdf3fd0198ad68b58c3652%7C%7C2da7d908b66840fe6e973ca1532c39db%7C%7C21811bab2131d3e21d9a2498ec054313%7C%7C52b4d9be766f3dee4901f7f044383d63%7C%7C1715618633,sca:%7Bspg:7cdd1ba3-f425-afb6-7f64-946745d9735b%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:08 GMT
content-type
image/gif
server
nginx
x-server-name
dt26.va.303net.net
sodar2.js
tpc.googlesyndication.com/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:11:09 GMT
alt-svc
h3=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
collect
o.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/

Response headers

Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Thu, 24 Oct 2024 00:11:08 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
truncated
/ Frame A707 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Content-Type
image/webp
8a2fc7f1-c021-49a3-9462-b95da41e270e
https://www.heraldsun.com.au/ Frame 121B 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.heraldsun.com.au/8a2fc7f1-c021-49a3-9462-b95da41e270e
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.7f649ce56c880e3d07c5.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
Content-Length
668
truncated
/ Frame E01F 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Content-Type
image/webp
863e09a4-2b48-4cfa-975c-05c40ec6c986
https://www.heraldsun.com.au/ Frame 7F49 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.heraldsun.com.au/863e09a4-2b48-4cfa-975c-05c40ec6c986
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.7f649ce56c880e3d07c5.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
Content-Length
668
rec
collector.bonzai.co/ Frame 4885 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjY4ODMzLCJtb2RlIjoibGl2ZSIsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgifQ==&etc=0.7314766253042218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
PcinP5Yb1Qr6s4zdnhUeZ9sWv8zTeJZgYXUg0T9TtPWB2XIi6NTdcQ==
date
Thu, 24 Oct 2024 00:11:08 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
font
c.bannerflow.net/fs/api/v2/ Frame A707 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F56b98d041daefa24141e6f8b%2F737a9e90-16b8-42af-8eba-dc58492ce506.woff&t=%20ABCEFGHIMNOPRST
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c446d5e057c9fa174b62b807a795fdd67c8fd117520bed37e43d6651a911da6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
604631
cf-ray
8d75bf75cc55aaf6-SYD
expires
Sun, 28 Sep 2025 14:16:42 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
3940
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
font/woff
content-disposition
attachment; filename=737a9e90-16b8-42af-8eba-dc58492ce506-subset.woff
vary
Accept-Encoding
last-modified
Sat, 28 Sep 2024 14:16:42 GMT
font
c.bannerflow.net/fs/api/v2/ Frame E01F 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F56b98d041daefa24141e6f8b%2Febb25d64-f52a-4aa7-b369-68a9d05cedc0.woff&t=%0A%20ACEFGHILMNOPRTX
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79f951e8d5d7f236582e9c3fc4d7ecb28362c173ef5989c915b36f1d044e5c6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
104297
cf-ray
8d75bf772e09aaf6-SYD
expires
Sun, 19 Oct 2025 13:00:02 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2712
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
font/woff
content-disposition
attachment; filename=ebb25d64-f52a-4aa7-b369-68a9d05cedc0-subset.woff
vary
Accept-Encoding
last-modified
Sat, 19 Oct 2024 13:00:02 GMT
font
c.bannerflow.net/fs/api/v2/ Frame A707 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F56b98d041daefa24141e6f8b%2Febb25d64-f52a-4aa7-b369-68a9d05cedc0.woff&t=%20ACEHLOPTX
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d5b33bf043de02dc9ac4a0ea9e0a3a8163f6ff3ed238dbc828c0a5139d1d7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
20229
cf-ray
8d75bf779e98aaf6-SYD
expires
Sun, 19 Oct 2025 13:57:54 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2400
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
font/woff
content-disposition
attachment; filename=ebb25d64-f52a-4aa7-b369-68a9d05cedc0-subset.woff
vary
Accept-Encoding
last-modified
Sat, 19 Oct 2024 13:57:54 GMT
font
c.bannerflow.net/fs/api/v2/ Frame E01F 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F56b98d041daefa24141e6f8b%2F72efcd33-9b4e-4f24-8625-f9bd3ca00643.woff&t=%20CEHILMNOSTUVWX
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7f50665d95f6619c50a33e4d18834e6288066f031a1a70104adb2ca883c625

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
20803
cf-ray
8d75bf780f31aaf6-SYD
expires
Sun, 19 Oct 2025 13:00:03 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2928
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
font/woff
content-disposition
attachment; filename=72efcd33-9b4e-4f24-8625-f9bd3ca00643-subset.woff
vary
Accept-Encoding
last-modified
Sat, 19 Oct 2024 13:00:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 67CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
207
alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:07:42 GMT
expires
Thu, 24 Oct 2024 00:57:42 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 65B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OawCPLGpITkVr6MlSMGp2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-OawCPLGpITkVr6MlSMGp2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:11:09 GMT
expires
Thu, 24 Oct 2024 00:11:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
font
c.bannerflow.net/fs/api/v2/ Frame A707 		3 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F56b98d041daefa24141e6f8b%2F72efcd33-9b4e-4f24-8625-f9bd3ca00643.woff&t=%20CEHILMNOSTUVWX
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7f50665d95f6619c50a33e4d18834e6288066f031a1a70104adb2ca883c625

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
20803
cf-ray
8d75bf780f31aaf6-SYD
expires
Sun, 19 Oct 2025 13:00:03 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2928
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
font/woff
content-disposition
attachment; filename=72efcd33-9b4e-4f24-8625-f9bd3ca00643-subset.woff
vary
Accept-Encoding
last-modified
Sat, 19 Oct 2024 13:00:03 GMT
event.png
tpsc-ae1.doubleverify.com/ Frame 4885 		0
301 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=0c896a13eb054ad9907a94c5ea1a140f&flavor=1&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&ee_dp_cadl=2&ee_dp_btreg=HOTSPOT_V2&ee_dp_jltm=1&iskpm=1&ismmm=1&isocm=1&ee_dp_alm=auto&dvp_atali=1&ee_dp_jlta=1&ee_dp_jltd=114&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_asmm=1&vdur=580&eoid=24&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=6844&sdf=67108868&vit=2&ee_dp_mrci=1&rmi=16&tltms=66&tetms=47&msltms=0&vltms=580&sei=146&vetms=443&tuviims=106&tuviems=1129&engms=1&engisel=1&dvp_dtcov=4&sim=1&msrcanlm=296&msrcannum=3&ee_dp_tmads=3246&ee_dp_msrcanlt=2%3A3%3A(0%3B0%3B0)%2C8%3A1%3A(0)%2C32%3A3%3A(0%3B0%3B0)%2C128%3A3%3A(0%3B0%3B0)%2C256%3A1%3A(0)%2C65536%3A3%3A(0%3B0%3B0)%2C262144%3A3%3A(0%3B0%3B0)&ee_dp_btros=32%3A3%3A(0%3B0%3B0)%2C262144%3A3%3A(0%3B0%3B0)&ee_dp_btsc=32%3A3%3A(a-647-0%2Fimg-121-0%2Fspan-157-0%2Fiframe-19-0%2Fdiv-916-0%2Fsvg-71-0%3Ba-647-0%2Fimg-121-0%2Fspan-157-0%2Fiframe-24-0%2Fdiv-919-0%2Fsvg-71-0%3Bobject-6-0%2Fa-647-0%2Fimg-122-0%2Fspan-157-0%2Fiframe-24-0%2Fdiv-931-1%2Fsvg-71-0)&ismms=2335&isumms=2334&nvr=6&isgmmims=2335&isgmv4mims=2335&elmtp=3&isbxdms=3234&b7=1015&adhgt=1097&adwdth=2420&vsos=91&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=1015&sftb=1015&msrdp=-1&naral=32&vct=1&vphgt=1200&vpwdth=1600&chgt=1200&cwdth=1600&scrhgt=1200&scrwdth=1600&strp=66&advisonl=true&isiabvms=3234&isuiabvms=3234&isgmpims=2334&isgmv4dpims=3234&ispmxpms=3234&ishvm=1&istchm=1&isascm=1&isaclkm=1&engalms=2328&engscrlms=2334&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&dvp_anatd=2341&vstsz=706&ee_dp_cvcmeeid=1&metp=1&meeid=1&ee_dp_saw=2420&ee_dp_sah=1097&ttfurm=4131
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Expires
2024-10-23T00:11:09
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
max-age=0
Date
Thu, 24 Oct 2024 00:11:09 GMT
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true, true
font
c.bannerflow.net/fs/api/v2/ Frame E01F 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffonts.bannerflow.net%2Ffontmanagerfonts%2F56b98d041daefa24141e6f8b%2F5d096e1f-0056-4a38-8248-5034d1607cfa.woff&t=%20ABEHPST
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20da9181ec516eadd06d677897e0df697aeef1e9d7073c8ed83113af741f519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/

Response headers

server
cloudflare
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status
HIT
age
18249
cf-ray
8d75bf78a894aaf6-SYD
expires
Sat, 18 Oct 2025 13:00:11 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
3252
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
font/woff
content-disposition
attachment; filename=5d096e1f-0056-4a38-8248-5034d1607cfa-subset.woff
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 13:00:11 GMT
optimize
c.bannerflow.net/io/api/image/ Frame 33DB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fpublished%2F9521386%2F11223296%2F632b48cf-c381-4a04-a51e-d48568168512.png&w=151&h=216&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d3022dc9da3f2df2569ca9ffb2a55f86a7f93d424ce5e19664467becbb2cba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
166685
api-supported-versions
2.0
cf-ray
8d75bf787bdfa81f-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
16092
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
image/webp
last-modified
Sat, 19 Oct 2024 13:57:57 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 33DB 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fpublished%2F9521386%2F11223296%2Fd0ce2604-7537-4a4b-ba31-30db09e87745.png&w=156&h=33&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f0635d38834e540c1435b177fb8b4289d5d465a6688c09734f139f3a9ddb56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
166685
api-supported-versions
2.0
cf-ray
8d75bf787be4a81f-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
3742
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
image/webp
last-modified
Sat, 19 Oct 2024 13:57:56 GMT
vary
Accept-Encoding
server
cloudflare
3d177108-ccdb-431e-8e25-5b40f05c803f.svg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521386/11223296/ Frame 33DB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521386/11223296/3d177108-ccdb-431e-8e25-5b40f05c803f.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690d728c649b8a849100690b368118ae3d890075d1e56beec18e77d1d85f3d2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
RYqj53nLjgHqLzgWQ+P6gg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
x-ms-lease-status
unlocked
etag
W/"0x8DCEF386DDB6BC1"
age
23706
cf-cache-status
HIT
content-encoding
br
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 05:48:02 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
5f0777b7-101e-001c-5f67-2587b3000000
cf-ray
8d75bf787be5a81f-SYD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
f7ca9d0c-d094-430b-9780-403e52125e7d.svg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521386/11223296/ Frame 33DB 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521386/11223296/f7ca9d0c-d094-430b-9780-403e52125e7d.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4e4224aaa0e3b5a4cbeda8613aaf7d55729816466bc084433d72675853cb4c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
+xVuX4Fl5gTMhlXm9D2rxw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
x-ms-lease-status
unlocked
etag
W/"0x8DCEF386DDE27D4"
age
14612
cf-cache-status
HIT
content-encoding
br
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 05:48:02 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
6823268c-e01e-0045-242e-220030000000
cf-ray
8d75bf787be8a81f-SYD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 33DB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fpublished%2F9521386%2F11223296%2Ffaafe774-3544-41b1-b970-1cee3f0ea797.png&w=728&h=90&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4361a8e30d80c52fb0677215894b18280e7d9c8f94e89626479258820969ced0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
24389
api-supported-versions
2.0
cf-ray
8d75bf78ac19a81f-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
8332
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
image/webp
last-modified
Mon, 21 Oct 2024 05:54:28 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 3947 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fpublished%2F9521384%2F11223296%2F632b48cf-c381-4a04-a51e-d48568168512.png&w=332&h=450&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3cf90d60d7d1b6d19b0dfd9544558a75547dd42929fe99ee42f4d444b575430

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
33087
api-supported-versions
2.0
cf-ray
8d75bf792cdca81f-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
49272
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
image/webp
last-modified
Sat, 19 Oct 2024 13:05:08 GMT
vary
Accept-Encoding
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 3947 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fpublished%2F9521384%2F11223296%2Fd0ce2604-7537-4a4b-ba31-30db09e87745.png&w=278&h=60&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec507769a372c86f89578a3e9982d6443c5c1afa97e5e8c4ae102e7595dc0dec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
385021
api-supported-versions
2.0
cf-ray
8d75bf792ce1a81f-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
4848
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
image/webp
last-modified
Sat, 19 Oct 2024 13:05:08 GMT
vary
Accept-Encoding
server
cloudflare
f7ca9d0c-d094-430b-9780-403e52125e7d.svg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521384/11223296/ Frame 3947 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521384/11223296/f7ca9d0c-d094-430b-9780-403e52125e7d.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4e4224aaa0e3b5a4cbeda8613aaf7d55729816466bc084433d72675853cb4c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
+xVuX4Fl5gTMhlXm9D2rxw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
x-ms-lease-status
unlocked
etag
W/"0x8DCEF386DFDC156"
age
385865
cf-cache-status
HIT
content-encoding
br
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 05:48:02 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
cd0c9271-301e-0046-1926-22e154000000
cf-ray
8d75bf792ce2a81f-SYD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
3d177108-ccdb-431e-8e25-5b40f05c803f.svg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521384/11223296/ Frame 3947 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/9521384/11223296/3d177108-ccdb-431e-8e25-5b40f05c803f.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690d728c649b8a849100690b368118ae3d890075d1e56beec18e77d1d85f3d2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
RYqj53nLjgHqLzgWQ+P6gg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
x-ms-lease-status
unlocked
etag
W/"0x8DCEF386DFD9A6D"
age
385864
cf-cache-status
HIT
content-encoding
br
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 05:48:02 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-request-id
5126982a-c01e-0042-6f26-226c53000000
cf-ray
8d75bf792ce3a81f-SYD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
optimize
c.bannerflow.net/io/api/image/ Frame 3947 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fpublished%2F9521384%2F11223296%2Faf845bfb-d4d8-4835-b9a6-0458836d5146.png&w=300&h=250&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b0099f464d24892418ae25aac8f791ee7504e1786989d5d9e619ae260e65e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000,stale-if-error=86400,stale-while-revalidate=86400
cf-cache-status
HIT
age
385021
api-supported-versions
2.0
cf-ray
8d75bf794cf5a81f-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
6332
date
Thu, 24 Oct 2024 00:11:09 GMT
content-type
image/webp
last-modified
Sat, 19 Oct 2024 13:05:08 GMT
vary
Accept-Encoding
server
cloudflare
event.png
tpsc-ae1.doubleverify.com/ Frame E01F 		0
301 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=83fffb96f2084c6eaa2a30f705334a86&flavor=1&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&ee_dp_jltm=1&iskpm=1&ismmm=1&isocm=1&ee_dp_alm=auto&dvp_atali=0&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_asmm=1&vdur=295&eoid=25&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=6844&sdf=67108868&vit=2&dvp_ime=0&dvp_dcime=0&dvp_dcife=0&dvp_dcde=1&dvp_dcoe=1&dvp_mpdce=script&rmi=8&tltms=0&tetms=11&msltms=0&vltms=295&sei=146&vetms=483&tuviims=22&tuviems=800&engms=1&engisel=1&dvp_dtcov=4&sim=1&ee_dp_mrci=1&prndr=0&dvp_rfrcl=4&msrcanlm=1048970&msrcannum=4&ee_dp_tmads=2962&ee_dp_msrcanlt=2%3A2%3A(1%3B1)%2C8%3A1%3A(0)%2C128%3A2%3A(0%3B0)%2C256%3A1%3A(0)%2C65536%3A3%3A(0%3B0%3B0)%2C1048576%3A2%3A(1%3B1)&ismms=1250&isumms=1249&nvr=6&isgmmims=1250&isgmv4mims=1250&elmtp=3&isbxdms=2939&b10=1922&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=1922&sftb=1922&msrdp=0&naral=1048578&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=98&advisonl=true&isiabvms=2285&isuiabvms=2285&isgmpims=1249&isgmv4dpims=2285&ispmxpms=2285&ishvm=1&istchm=1&isascm=1&isaclkm=1&engalms=1247&dvp_hdnAd=0&dvp_dpr=1&vstsz=706&ee_dp_cvcmeeid=1&metp=1&meeid=1&ee_dp_saw=300&ee_dp_sah=250&ttfurm=3796
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Expires
2024-10-23T00:11:09
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
max-age=0
Date
Thu, 24 Oct 2024 00:11:09 GMT
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true, true
event.png
tpsc-ae1.doubleverify.com/ Frame A707 		0
301 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=2ccbd11a076b4cda8e420aabbbc130e8&flavor=1&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&ee_dp_cadl=2&ee_dp_jltm=1&iskpm=1&ismmm=1&isocm=1&ee_dp_alm=auto&dvp_atali=0&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_asmm=1&vdur=304&eoid=25&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=6844&sdf=67108868&vit=2&dvp_ime=0&dvp_dcime=0&dvp_dcife=0&dvp_dcde=1&dvp_dcoe=1&dvp_mpdce=script&rmi=8&tltms=0&tetms=13&msltms=0&vltms=304&sei=146&vetms=447&tuviims=32&tuviems=783&engms=1&engisel=1&dvp_dtcov=4&sim=1&ee_dp_mrci=1&prndr=0&dvp_rfrcl=4&msrcanlm=1048970&msrcannum=4&ee_dp_tmads=3241&ee_dp_msrcanlt=2%3A2%3A(1%3B1)%2C8%3A1%3A(0)%2C128%3A2%3A(0%3B0)%2C256%3A1%3A(0)%2C65536%3A3%3A(0%3B0%3B0)%2C1048576%3A2%3A(1%3B1)&ismms=1307&isumms=1307&nvr=2&isgmmims=1307&isgmv4mims=1307&elmtp=3&isbxdms=3238&b0=2082&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=2082&sftb=2082&msrdp=0&naral=1048578&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&ishvm=1&istchm=1&isascm=1&isaclkm=1&engalms=1307&dvp_hdnAd=0&dvp_dpr=1&vstsz=704&ee_dp_cvcmeeid=1&metp=1&meeid=1&ee_dp_saw=728&ee_dp_sah=90&ttfurm=3772
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Expires
2024-10-23T00:11:09
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
max-age=0
Date
Thu, 24 Oct 2024 00:11:09 GMT
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true, true
heraldsun-32x32.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/favicons/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/favicons/heraldsun-32x32.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1415:9c00:28b::ebe , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b17a7e54402f7e995957367dbcab5a87af22d98ee99f38ced0922f7a8888ef8e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cache-control
max-age=1969708
x-rq
syd3 123 242 443
etag
"65dfceb7-4a8"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
expires
Fri, 15 Nov 2024 19:19:37 GMT
accept-ranges
bytes
content-length
1192
date
Thu, 24 Oct 2024 00:11:09 GMT
akamai-grn
0.c9b42e17.1729728669.9208934d
content-type
image/png
last-modified
Thu, 29 Feb 2024 00:24:23 GMT
server
nginx
vary
User-Agent
validate
assets.vidora.com/v1/ 		0
300 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:6800:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
via
1.1 eb3589b1230a45883fc0813bdb92ed5e.cloudfront.net (CloudFront)
expires
Thu, 24 Oct 2024 00:11:09 GMT
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
i0gnStwMOFTNLS8lfb40gFfDolrJsYiR3vl0bbM8ynkmQxQMZdrzIg==
date
Thu, 24 Oct 2024 00:11:10 GMT
content-type
application/octet-stream
x-amz-cf-pop
SYD62-P1
server
nginx
rec
collector.bonzai.co/ Frame 4885 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjcwNTgxLCJtb2RlIjoibGl2ZSIsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgifQ==&etc=0.4649595159324451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
4w4U3xiCf0UCKhdZ33S3c1BJfZsVS1kwSNIUdTYuLf3WCSXSuaKx_w==
date
Thu, 24 Oct 2024 00:11:10 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cdd1ba3-f425-afb6-7f64-946745d9735b&tv=%7Bc:s2BLcL,pingTime:5,time:6108,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6108,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:1298.624.300.90,am:i,cc:1298.624.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5285~100%5D,as:%5B5285~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:288,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,siq:836,sis:1089%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:11 GMT
content-type
image/gif
server
nginx
x-server-name
dt35.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cdd1ba3-f425-afb6-7f64-946745d9735b&tv=%7Bc:s2BLcM,pingTime:5,time:6109,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6109,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:1298.624.300.90,am:i,cc:1298.624.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5286~100%5D,as:%5B5286~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:288,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,siq:836,sis:1089%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:11 GMT
content-type
image/gif
server
nginx
x-server-name
dt34.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7cdd1ba3-f425-afb6-7f64-946745d9735b&tv=%7Bc:s2BLcN,pingTime:5,time:6110,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6110,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:1298.624.300.90,am:i,cc:1298.624.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5287~100%5D,as:%5B5287~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:288,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,siq:836,sis:1089,metricId:IASCertification1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:11 GMT
content-type
image/gif
server
nginx
x-server-name
dt38.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BLcP,pingTime:5,time:6118,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:776%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6118,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:775,wc:180.180.1600.1200,ac:180.180.970.250,am:i,cc:180.180.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5376~100%5D,as:%5B5376~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:232,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:778,sis:1080%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:11 GMT
content-type
image/gif
server
nginx
x-server-name
dt39.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BLcQ,pingTime:5,time:6119,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:776%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6119,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:775,wc:180.180.1600.1200,ac:180.180.970.250,am:i,cc:180.180.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5377~100%5D,as:%5B5377~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:232,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:778,sis:1080%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:11 GMT
content-type
image/gif
server
nginx
x-server-name
dt37.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=29b937a5-3e6d-1cc1-6fc7-7605d2e02781&tv=%7Bc:s2BLcR,pingTime:5,time:6120,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:776%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6120,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:775,wc:180.180.1600.1200,ac:180.180.970.250,am:i,cc:180.180.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5378~100%5D,as:%5B5378~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:232,fm:us4JcCJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:778,sis:1080,metricId:IASCertification1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:11 GMT
content-type
image/gif
server
nginx
x-server-name
dt18.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BLhj,pingTime:5,time:5445,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5446,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:196,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5260~100%5D,as:%5B5260~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:229,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:197,sis:497%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:11 GMT
content-type
image/gif
server
nginx
x-server-name
dt24.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BLhk,pingTime:5,time:5446,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5446,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:196,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5264~100%5D,as:%5B5264~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:229,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:197,sis:497%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:11 GMT
content-type
image/gif
server
nginx
x-server-name
dt25.va.303net.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ec10f065-7462-e9ea-ed20-9781b44dd93f&tv=%7Bc:s2BLhu,pingTime:5,time:5456,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5456,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:196,wc:180.180.1600.1200,ac:1298.740.300.250,am:i,cc:1298.740.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5270~100%5D,as:%5B5270~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:229,fm:us4JcS4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m1%7C1n%7C1o,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:197,sis:497,metricId:IASCertification1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:1aca:4281:c296:c1dc:696c:1893 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 24 Oct 2024 00:11:11 GMT
content-type
image/gif
server
nginx
x-server-name
dt28.va.303net.net
event.png
tpsc-ae1.doubleverify.com/ Frame E01F 		0
301 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=83fffb96f2084c6eaa2a30f705334a86&flavor=1&gdpr=&gdpr_consent=&isbxdms=5856&b10=5047&iabv5=5856&lftb=5047&sftb=5047&eoid=26
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Expires
2024-10-23T00:11:11
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
max-age=0
Date
Thu, 24 Oct 2024 00:11:11 GMT
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true, true
rec
collector.bonzai.co/ Frame 4885 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjcyMjAyLCJtb2RlIjoibGl2ZSIsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgifQ==&etc=0.17612229349405029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
wLbIwC7UJHodS2bd8fLv7u40cvg_OKzCNxhaKL-zP2zNUgeVPpQF5Q==
date
Thu, 24 Oct 2024 00:11:12 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
rec
collector.bonzai.co/ Frame 4885 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4NjczOTI1LCJtb2RlIjoibGl2ZSIsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgifQ==&etc=0.20965354876938225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:1000:a:709a:e000:93a1 , United States, ASN (),
Reverse DNS
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
expries
-1
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
ck6eCLvhCDPvncNLP3uhPPm-WrMe3VIZqat3uPTVj-Vld-VL2jGYRQ==
date
Thu, 24 Oct 2024 00:11:13 GMT
content-type
image/gif
vary
Accept-Encoding
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
event.png
tpsc-ae1.doubleverify.com/ Frame 4885 		0
301 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=0c896a13eb054ad9907a94c5ea1a140f&flavor=1&gdpr=&gdpr_consent=&isbxdms=6941&b7=5069&iabv5=6941&lftb=5069&sftb=5069&eoid=25
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Expires
2024-10-23T00:11:15
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
max-age=0
Date
Thu, 24 Oct 2024 00:11:15 GMT
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true, true
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=C0VMylweycY1dqrp&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=hwt&n=1&f=00001&c=0.25&x=0&m=0&y=14855&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=3094&t=Bx9WiyBPnym0BeYva0BqLwXvh66dy&V=147&tz=-480&_acct=anon&sn=2&sv=DgTfdeDSEgWOB8bnueEy7RqB-1CbP&sr=external&sd=1&im=067b2ffa&_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.224.56.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-56-38.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Thu, 24 Oct 2024 00:11:16 GMT
pragma
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
rec
collector.bonzai.co/ Frame 4885 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/csp-reports
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQI1p3-eTuGD_Q9wZLCZ-731JxU4bed4qewLErnpZmRrkBNJdBWeL04FRKszsbl1WobzmLF2FOl-x3asph_nM6mM27o7A
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410210101&jk=4358164203298233&bg=!gYKlgs3NAAbl67hexes7ADQBe5WfOJXa0nH62CfcmrjMQytYoyXicduYQr3XGEmA8P0EmtyEGfIgvvbYZm0epi1sCYuzAgAAAPBSAAAAAmgBB34ANrEbTlAySqyl4nRQgbgfdi7j8D1FzMvsKQ2MsNeNIk6ZbHecHUAKIZLJYXlWF1lGT0ZuuY3OQgoAGvpLb6pdDQwCmY_p3Iaz_jUgtX_uoplbacIEmQKeV0YtqeqE7AVlwsnLZrL9BWf54ySWjV_pzf-CxPb-RBMNy9F3fd4x3_c-Kw89ZZHYBPTcAOeJmC0hGdhmrw5zUjzeIlrssk-SZusa8-VAaie4UmcFsHrInzpZI4Pj6_nFDr-sRtgFK3N2_qya2as-qgOlYN-uT1LKfN_BDAUpYwdGnwzSOuDryrljFzdtRY8lEJg_GaiFqMZ4uy1ix-D6XbZyJdLcdhCHXmONygRGOwwAUEnOMGfItuBelD2NAdcBTntynmjxy4vY3SwIANpe9A753c98cd7V3rN_9m54FIAoo9TA0zqbs5QVrZ5SIWv_QeTQRCdJUUDrK2y_-_mTpxsBs6zcIGIJOgifOJQp7eICY6CJKNx9GBxYvE--YFL2ZKTAnOCad1UVZWv10MlIhy9va0epR4mugEMlZ1Wp0Iwy-BTaUqe29WH6ZC7vV_WOd6ZWN2vPxuR8hB0TNHU6G4etqCHHYE_KppD1vj4H5keIi86XdZpZMzbq3OIca6kq4lH3r_ZhcjKmldrAtENTpPjmsOyor5tZbNfiWJmSui995aCfijN512ZsoDoXVcq8sh18hptvjDYrdmtV9aYUi2hud7yoAxCIabfOWYEebvslleg2lOOTlBcQDUqxvUEMsdzUhsfKbUHPx8T7Fb8icpfuErI97baP-y1tEOkrw--CgE-6NXjChc9WP8-NN388tFti27VA2OVgRp318mpllDbXZk8ENL9U4KYfijS01hqQPTVsSCILoGYgsi1S14Bh6S13dsql9wu0awYyXG_PhoH-siCi6r-ljieQEjEji0hhL-YV3W0_UKcCZ9JMM1iz8tw6rpSgJxkWwa7XjmjNwflNLKkY8dYT83moS2Dteht6ZZUbdTqRtiYyMnttZA
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzI5NzI4Njc2OTE4LCJtb2RlIjoibGl2ZSIsInRrIjoiNmFlZjhiNmJjNDdlMTE5NTJmYzEyYmRjYjI2YTY1MTEiLCJhZCI6IjI2NjYxMDY1NTg5MDA3NTI4NzgifQ==&etc=0.5311772372928405

Verdicts & Comments Add Verdict or Comment

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| admiral object| googletag function| _typeof object| fakeAd number| x_width function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf object| ads_api function| algoliasearch function| 4dm1r11545242527 function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise object| OBR string| OB_releaseVer object| OBREvents function| OBR$ function| __outbrain object| OB_PROXY object| outbrain object| outbrain_rater object| indieApps object| jpf object| player object| _vms object| auth object| optimizely object| utag_err object| domains object| parts string| p object| wut object| abtest number| num string| val number| itr number| maxval object| ud string| domainPattern object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| getQueryParam function| containsDomain function| _tealium_old_error object| utag_cfg_ovrd object| app object| __svelte object| nb object| utag_cfg object| uetq object| vidora_ns object| vidora function| setImmediate function| clearImmediate function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker function| twq boolean| cb_ad_run number| _sf_endpt object| ADB function| GeaLoader boolean| VIDEOJS_NO_DYNAMIC_STYLE object| vttjs function| WebVTT function| videojs function| videojsPerSourceBehaviors function| videojsErrors function| bc object| googleImaVansAdapter object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| nca_ipsos object| dm object| ipsos_ready function| rdt string| gtagRename object| dataLayer function| gtag function| n function| pintrk object| webpackChunk object| KAMPYLE_EMBED boolean| isAlloyConfigured function| rcdp number| interval object| ads_core object| ads_extra object| apsPlayerSize string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig object| adUnits object| pbjs object| __iasPET object| apstagShared object| kw_ignore object| mready object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow object| brandmetrics function| __assign object| __id5_finalization_registry object| ID5 object| twttr function| lintrk boolean| _already_called_lintrk string| _linkedin_partner_id object| _linkedin_data_partner_ids object| atsdetectionmodule object| atsenvelopemodule object| ats object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| apsUnits function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc function| UET function| UET_init function| UET_push object| ueto_8955a9926f function| DIL object| adobe function| Visitor object| mconfig function| __spreadArray object| _brandmetrics boolean| DotMetricsInitScript boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| ttd_dom_ready function| TTDUniversalPixelApi function| _TTDUniversalPixelApi object| ttdPixel object| _uid2SdkListenerLock function| setupUid2Sdk function| redditNormalizeEmail string| redditId object| ggeac object| diagPixSentCodes object| __iasAdRefreshConfig string| CE_USER_COMMON_SCRIPT_URL object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| SUBSCRIPTIONS object| SWG object| npt object| DotMetricsSettings object| ORIBILI object| DotmetricsJSON object| DotMetricsObj boolean| envelopeModuleReady object| google_tag_manager function| omrhp object| tagConfig boolean| hasApsUnits object| ads_ready object| google_reactive_ads_global_state object| google_tag_topics_state object| Criteo function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in object| s object| visitor boolean| explicitPageView object| nr object| metrics function| clarity object| clarityuetq function| cookieWrite function| cookieRead function| formatTime string| pageName function| p_fo string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| googDdmPs object| __IntegralASExec function| vidoraTrackExtraElements object| vidoraHelper object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| kampyle object| GoogleGcLKhOms object| google_image_requests

208 Cookies

Domain/Path Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie Name: thirdparty
Value: yes
.smartadserver.com/api Name: pid
Value: 856522994659412799
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.heraldsun.com.au/ Name: bm_mi
Value: 9A8E34600836944DFBA81BDF0373A01B~YAAQybQuF6MB4rGSAQAAaLzcuxnRYqZtD78GfdW0fQwjfDYQfSwumDHgZw8uK3ZcTrBvCQ+1IZ7Kr3VxrTue3I54NfMiflUnIlqXxN9IwJF9ENqqiGkILohGRBUmpoMpKoDwcLbkmqDZ7NbKYFppNXPc3Qo7CqPneiZ1DEnM429XPNblPc1aKAudtNySkfysZ/CgA4GEl/fJeGhwj6Yil3to3yOwoD7Hn8iFtbdIWPwlMz6cj+4WWxsswfy7SJ1/y2vRrJzLjekvAZLlKovXdys3Sdkn43napwdmWjUMsa5dP0nq4IP2vfT21D49S2Z9gu3StQ==~1
.news.com.au/ Name: nk
Value: 8d7ab3017569bbb26e044e3b23694b8d
.heraldsun.com.au/ Name: nk
Value: 8d7ab3017569bbb26e044e3b23694b8d
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1729728658
www.heraldsun.com.au/ Name: cbd
Value: 000001
www.heraldsun.com.au/ Name: lux_uid
Value: 172972865988562911
.heraldsun.com.au/ Name: bm_sv
Value: CE18C5548655B768C3106C2EB0BA1AB3~YAAQybQuF/0E4rGSAQAA18LcuxlZBf86oLdhymxQcIPyl/IYZU5sS/c8+b1ySPgs2l3ZIal45FP8oKdDsCuCZWfB/BU+cXeQsyTk646XKMkljY6dPkFSEvoib2OdpGuW4XlSW0QdetmVPqWA7/63t4NaBQ1rxI3hoFXNFdNPnzPcw4QA8zy/ifA3dOWNqbD+kP4oavNpKv6ZOpS3SBf4S7YxKXoMapi08qQ8RgLURQGBvjOUyjja39vyIcCzSH1AsIPcl0aI~1
.heraldsun.com.au/ Name: session_token
Value: 1729728660197
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A5b9da7ea-8fa4-4b4f-a1fc-07cbece4fbe1.%2FVorDUbj2i0ybTXq3yZ63okPSsfLkwslQZdwCk%2BGPzY
.heraldsun.com.au/ Name: utag_main
Value: v_id:0192bbdcc37a008fefda9ffdf39005065001d05d00b08$_sn:1$_se:1$_ss:1$_st:1729730460347$ses_id:1729728660347%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: optimizelyEndUserId
Value: oeu1729728660602r0.5611436343231375
.outbrain.com/ Name: obuid
Value: 9bc7e295-b330-491c-bb0d-1d5365c16871
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.1197904777727068
www.heraldsun.com.au/ Name: AWSALB
Value: 1jSUduwMzXjZ2WolAk2BsUjMJAEkm4/6oxkQGn0Lqic2VM13WFdyJiDadboCe2pimK6YtRad7cxWS1d8pgWvgCkHPRlq7/1DTjM39OhEGcuP5w8rdYeYb+dt5z+8
www.heraldsun.com.au/ Name: AWSALBCORS
Value: 1jSUduwMzXjZ2WolAk2BsUjMJAEkm4/6oxkQGn0Lqic2VM13WFdyJiDadboCe2pimK6YtRad7cxWS1d8pgWvgCkHPRlq7/1DTjM39OhEGcuP5w8rdYeYb+dt5z+8
.heraldsun.com.au/ Name: ak_bmsc
Value: 2318452759DBEC1ECA823AFAA8AF56D0~000000000000000000000000000000~YAAQybQuF8QG4rGSAQAA3sXcuxmb9BtztBRJFDyo2s7lcz6cRFliLFpyn524wq4DGQuYZr6ZYZk/9UaENO1QOd5136eddKzzgrxsz+IXk4dYSNfzAEnZ50/91UcO7h4x2kZSdjj5bStrSOegQu3Z2zcKVm9Uaaq0LIGEaj5Dm5MB06UpwPcz6OCF3lILA8jWXB1ESmnqMoExPmD8n25p6f+64CmzRYgXQjGdNBL7R3/bFNcBP0dXmJoa0fkQkCm/QizxeZepPbNQVWv0s4E+37LnPsYfP7D8jsXjmOarY9vZKhl43+rcnKsfYuBGI5SMCECitwCXjrSWNhcKMPSb10z1UnKU8TZA/OZUQQ/HTrmF/s6II3YeowdUt6hOG/HUx86A0z94UDIwKb2fTra180/Vr/aQ91pV5vOzSXSXGE/2XCzNq7S8tDxMqrb/necWxpql9Q5p31PgeoozC18Dh2EPrRyw59Xa+rqH8bBQ8geebCoCW8I5l6Y=
.doubleclick.net/ Name: APC
Value: AfxxVi7jskAyqQ9k-etHUaSXbIZjVLGZKtFBmkGZ1j0bJ4gb6yHK-Q
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 58083898-e895-4a85-b4b9-12a33aae28f0.1729728661.1.1729728661.1729728661.74ee7621-ba0c-4174-9af0-da19a8e83036
.demdex.net/ Name: demdex
Value: 20480451223360826752510154147301968325
.adsrvr.org/ Name: TDID
Value: eb8eedb0-9fe7-476d-8911-dda61f29ed7f
.heraldsun.com.au/ Name: _cb
Value: C0VMylweycY1dqrp
.dpm.demdex.net/ Name: dpm
Value: 20480451223360826752510154147301968325
.heraldsun.com.au/ Name: _chartbeat2
Value: .1729728661196.1729728661196.1.DgTfdeDSEgWOB8bnueEy7RqB-1CbP.1
.heraldsun.com.au/ Name: _cb_svref
Value: external
.im-apps.net/ Name: imid_secure
Value: RAjohDYpRU643xTpRiUGeQ
.im-apps.net/ Name: imid_created_secure
Value: 1729728661
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.agkn.com/ Name: ab
Value: 0001%3Ans1NeeUn2BEw%2Bq%2BFZY60wadIifeZy%2BKy
.eyeota.net/ Name: mako_uid
Value: 192bbdcc765-76670000010d4fce
.eyeota.net/ Name: SERVERID
Value: 20430~DM
.newscgp.com/ Name: sp
Value: 6438f41b-af23-4dce-a6a6-249536fc4191
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1729728661392.198225713304784187
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=a45e28b7-5b94-4bb8-aa73-203ccc04d7d9&Created=10/24/2024 00:11:01&UserMode=0&guid=08cd92e9-2c46-4c0c-b345-9a27a0989bc2&ver=1
.heraldsun.com.au/ Name: _rdt_uuid
Value: 1729728661435.d6ed6a42-571d-4b6f-baf7-4ae83c3aa9e3
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.bidswitch.net/ Name: tuuid
Value: ae0918b0-2d58-44d0-8385-78a323b55e76
.bidswitch.net/ Name: c
Value: 1729728661
.bidswitch.net/ Name: tuuid_lu
Value: 1729728661
.t.co/ Name: muc_ads
Value: c25f880f-0144-4c66-886e-bb6935e78f4e
.t.co/ Name: __cf_bm
Value: P2SqodFGGShsnirc9fVjvKJ23U.qiu4JORlF7d5WmdY-1729728661-1.0.1.1-yGnrYrsCVkHjjiwOYloU0jgSIxzAH2OGBDoFIqmRtoel7U9IqM27RvhbB4p1TH.MHo6mVlvK7Khjfo_xPDmhlQ
.heraldsun.com.au/ Name: nol_fpid
Value: n0unhafncbucvnogt9r4ewtcc8he91729728661|1729728661532|1729728661532|1729728661532
.heraldsun.com.au/ Name: _ncid
Value: 7e722840117048d05a069f399fbd80cc
.linkedin.com/ Name: bcookie
Value: "v=2&fdde4426-a205-4858-846e-6f4fb50ee17b"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3329:u=1:x=1:i=1729728661:t=1729815061:v=2:sig=AQGjLntoFHZCWE4pAhjFaSa_n4_w4Zm4"
.heraldsun.com.au/ Name: _uetsid
Value: 73e765f0919c11efa91a23d1c1353179
.heraldsun.com.au/ Name: _uetvid
Value: 73e78570919c11efba63af3f27eadf95
.imrworldwide.com/ Name: IMRID
Value: 73e8b150-919c-11ef-bd69-b7631998623d
www.heraldsun.com.au/ Name: _lr_geo_location_state
Value: NSW
www.heraldsun.com.au/ Name: _lr_geo_location
Value: AU
.heraldsun.com.au/ Name: _pin_unauth
Value: dWlkPU5UYzJNVGxqWVdFdE0yTXpPUzAwTmpsa0xUZ3hPVFV0TXpFek16RmpZMlU1WVRBMg
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172972866162801622
.twitter.com/ Name: guest_id_ads
Value: v1%3A172972866162801622
.twitter.com/ Name: personalization_id
Value: "v1_bmDaOMUhhtoSxcQdzhcUew=="
.twitter.com/ Name: guest_id
Value: v1%3A172972866162801622
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.2113534853.1729728662
.pinterest.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkcqAef9gVLnSahyptdHp6kILCtkzQa8qRl9NtuYDxmNRoVG2cabHpBifOmIjI
.rubiconproject.com/ Name: khaos
Value: M2MJS9BS-8-9844
.rubiconproject.com/ Name: khaos_p
Value: M2MJS9BS-8-9844
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.zemanta.com/ Name: zuid
Value: qVsyIurdFQeWcPght3js
.zemanta.com/ Name: obuid
Value: e1qTKFfGQFRqv3YTSTdwr1kcXBW3wlBYkKP9ow9NJ4OFZePIS2PUncp-IhcHIPWd
.bing.com/ Name: MUID
Value: 3220B060381E6BD03D9AA542392C6AF7
.bat.bing.com/ Name: MR
Value: 0
.casalemedia.com/ Name: CMID
Value: ZxmQlYsFVoEAAC8dAKCLiAAA
.casalemedia.com/ Name: CMPS
Value: 5319
.casalemedia.com/ Name: CMPRO
Value: 5319
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZnMkpMbUp3NWxUeStSQ2RpaXUzMG9BMXFnYmswbHFzd2RuS3pTQUlONmZ3emNGSFlQOStVYjVUZ3lENGFOalJpczlYc0MzSFJESm1Ua211MXpIdEJVT25qR3M5T214MWVNRkRET1lkMllycz0mb3dSeEV5Q1l0NW9uTm5yeCt5MVN0Z25aaTJjPQ=="
.adform.net/ Name: C
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7429128029981505899
www.heraldsun.com.au/ Name: metrics_pcsid
Value: not set
.heraldsun.com.au/ Name: _awl
Value: 3.1729728661.5-0961caa3b9bcea9fe99406542a3f1a21-6763652d617369612d6561737431-0
.adform.net/ Name: uid
Value: 6896029921463295989
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.creativecdn.com/ Name: g
Value: CPZi7JbN3j2hAm2IwIGg_1729728662120
.creativecdn.com/ Name: ts
Value: 1729728662
.smaato.net/ Name: SCM
Value: 20e79a4338
.smaato.net/ Name: SCMo
Value: 20e79a4338
.criteo.com/ Name: cto_bundle
Value: B_IgYF9WMmpRVU5jdlNQOGolMkZZZEQyT3E0b0pBNmgwYmhpWUNXNFZrck9TdTNRWTkwcyUyQlBvTVhoaXF6MVZDRFAwR0JWUHRWUjBOWUU0JTJCd213TTFQUGRGTEl2dE5uMDR0N3E0NTNFVyUyQk5FVEFNWGNnaUI0c3JFTWlOMyUyRkxiRU9TZDBsR3A
www.clarity.ms/ Name: CLID
Value: e1abdf51e860421aa081cec051e27d01.20241024.20251024
.yahoo.com/ Name: A3
Value: d=AQABBJaQGWcCEInrmDv5qQAEPE0LDKXn82MFEgEBAQHiGmcjZw38xiMA_eMAAA&S=AQAAAodaBckRMnSp0zP7yHk3_BM
.pippio.com/ Name: did
Value: l75-6c02bulgpQ82
.pippio.com/ Name: didts
Value: 1729728662
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: 195n~2lfc
.adnxs.com/ Name: XANDR_PANID
Value: X_Jesgx9BGEhAzeHAE5lJ5Q-lK_IwSaAmfxdW5X__J4Oi4TUOUpm-XINc6-trTna1-FYhU0JGbX_r_3u61z2ayiAhnbYtdlHi0CNVsA0NHc.
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEwlqHmuAY4AUABSAEQlqHmuAYYAA..
.adnxs.com/ Name: uuid2
Value: 7171260968332764503
.pubmatic.com/ Name: receive-cookie-deprecation
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3ASOygR5OpqMo-Ny0rlG0Lh4SxcW6kMl0H.KabhK7E65Ww353YNDASOf%2FJqwtxLqc%2F%2FeLpMe3TOM2c
.heraldsun.com.au/ Name: _clck
Value: wccc92%7C2%7Cfqa%7C0%7C1758
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: vst
Value: a_df606922-a37e-4838-b1ca-fdbb96c462c2
.rlcdn.com/ Name: rlas3
Value: fNa2mKKYpBj+A4EwAZgJj7VV6yi9VyvQtiGds6Dp6FY=
.rlcdn.com/ Name: pxrc
Value: CJWh5rgGEgUI6AcQABIFCOhHEAASBgiKuisQAQ==
.360yield.com/ Name: tuuid
Value: b17d9b15-0784-4d47-ada8-f18e23b107cf
.360yield.com/ Name: tuuid_lu
Value: 1729728662
.teads.tv/ Name: tt_viewer
Value: ddfa17c1-abc8-4b01-944d-e1167a84da25
.c.bing.com/ Name: MR
Value: 0
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C20021%7CMCMID%7C20459222592212899612512259419371935967%7CMCAAMLH-1730333463%7C8%7CMCAAMB-1730333463%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C1200584442%7CMCOPTOUT-1729735863s%7CNONE%7CMCSYNCSOP%7C411-20028%7CMCAID%7CNONE%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: s_nr30
Value: 1729728663069-New
.sitescout.com/ Name: ssi
Value: 1a73a515-57d0-4b2d-a7a1-4a7181af70ca#1729728662904
.heraldsun.com.au/ Name: s_tslv
Value: 1729728663075
.heraldsun.com.au/ Name: s_inv
Value: 0
.quantserve.com/ Name: mc
Value: 67199097-0af19-dd03e-3a63e
.quantserve.com/ Name: sp
Value: CgkIvOwGEgMQ3Q0=
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C8%2C8%2C1200%2C1%2C12
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: s_cc
Value: true
.turn.com/ Name: uid
Value: 2608632191228808780
.exelator.com/ Name: EE
Value: "7d49dc6a8b2188a9305dd34fd7a18321"
.contextweb.com/ Name: ccpa
Value: 1---
.contextweb.com/ Name: V
Value: MDwgNUWkUKRU
.contextweb.com/ Name: VP
Value: part_MDwgNUWkUKRU
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ud7|8jE.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1ud7|8jE.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 26973c34add04279
.rtbsystem.com/ Name: ut-112-0
Value: 126DF2F4156A5DA51807C642228608B315657A6621937286131B098C4EB8116F5D2619FFF07EB30B2B5844DFBC31EA3BBEB4543EDFA550C3C9DB226EADF8E134662C89004F3CB66AACC115D59E2736D989352680C845AEA00BD635192ED8E4EB
.rtbsystem.com/ Name: ut-0-112
Value: B13D5799A50686DA0BDB02B115AD8459CB8CB294D6A40B5F2044206EB3E9F2438C0143698DC9CDED0B806A52A9D14FB3B476EE30DBB1870BA2244132CF1FE4B3
.sitescout.com/ Name: _ssuma
Value: eyI4MSI6MTcyOTcyODY2MzE1Mn0
.amazon-adsystem.com/ Name: ad-id
Value: A1-w_vByo0EwtumDiRJBpA0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.heraldsun.com.au/ Name: _clsk
Value: 1tzehnz%7C1729728663362%7C1%7C0%7Co.clarity.ms%2Fcollect
.mediago.io/ Name: __mguid_
Value: 9e90f00b17358a8b240njs00m2mjsah1
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE8xcQyJdks0SLJyNDCItHS2MA0JcXYJC3FPNHQwtjIcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYYEl%252BUWb6IsfQxUUpaQyLSopPBZ%252BMfQcAl%252B0qhw%253D%253D"
.media.net/ Name: visitor-id
Value: 3727302631235232000V10
.sharethrough.com/ Name: stx_user_id
Value: a28e47fb-0262-4b40-ba7c-be3a16e0e6d1
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_750c22b1-919c-11ef-b683-12db0105501f
.pxl.iqm.com/ Name: outbrain
Value: MTczMDkzODI2MzcwOA==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 6b5b21d2-1bf5-4fc2-8b2b-a5314c22ec86
.temu.com/ Name: __cf_bm
Value: 7dgvqxaziiRuSCWqyu7Eot.PPWFhcjC16ZOzRVsNf0s-1729728663-1.0.1.1-I_DmTbi.6xpxugPs5TaQMA0Ey5Cl.IRHCQce1.PdDDlBvxEEZT2i.EIxB9ukQQxLHHd6sRrsYfK65NRiz.VNyQ
.3lift.com/ Name: tluidp
Value: 3063166438561182893420
.3lift.com/ Name: tluid
Value: 3063166438561182893420
.kargo.com/ Name: ktcid
Value: c722d38f-29da-0c2c-5afe-a80adee53a55
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 20480451223360826752510154147301968325
.admanmedia.com/ Name: admtr
Value: 1da0a7df-4f82-4237-88a9-cef3c6970e09
.admanmedia.com/ Name: ac_r
Value: CS26
.csync.loopme.me/ Name: viewer_token
Value: 72830a77-9398-4d1c-b442-68a2905ad21d
.demdex.net/ Name: dextp
Value: 358-1-1729728662338|470-1-1729728662443|481-1-1729728662551|771-1-1729728662654|903-1-1729728662756|19566-1-1729728662859|23728-1-1729728662966|30432-1-1729728663068|30064-1-1729728663174|66757-1-1729728663281|134096-1-1729728663389|144230-1-1729728663491|144231-1-1729728663599|144232-1-1729728663704|144233-1-1729728663813|144234-1-1729728663932|144235-1-1729728664053|144236-1-1729728664154|144237-1-1729728664258|147592-1-1729728664360|461447-1-1729728664464
.adx.opera.com/ Name: UID
Value: OPUa036326d97f8493bbd3960b48878e442
.heraldsun.com.au/ Name: __gads
Value: ID=fff47dfb9365cca7:T=1729728664:RT=1729728664:S=ALNI_MZCTaO1n2jDbsr2QNV8ST9gWSWKDw
.heraldsun.com.au/ Name: __gpi
Value: UID=00000f51660bcfdf:T=1729728664:RT=1729728664:S=ALNI_MYB5zCaIz1D8NDhRB8q-sWGE9ws8w
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7715f215-1558-5805-7f3c-d93a5dcf8036.IiRBKFl77CdpzmhDgItGRP%2F3Ywcoo1MFmUSG9tuUAJA
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7715f215-1558-5805-7f3c-d93a5dcf8036.IiRBKFl77CdpzmhDgItGRP%2F3Ywcoo1MFmUSG9tuUAJA
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AdxXyFRVYWAV_PNk6Xc-ANpJGyGA.%2F%2FhP70e1%2B6XMW%2FuEbLEj7Qq2%2Bhq%2BBJRI6hi9syNH5UI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AdxXyFRVYWAV_PNk6Xc-ANpJGyGA.%2F%2FhP70e1%2B6XMW%2FuEbLEj7Qq2%2Bhq%2BBJRI6hi9syNH5UI
.heraldsun.com.au/ Name: __eoi
Value: ID=00983e95b35905b3:T=1729728664:RT=1729728664:S=AA-AfjbdUjfO4yru69Moghg4HPuY
.id5-sync.com/ Name: 3pi
Value:
.lijit.com/ Name: ljt_reader
Value: JjBLAQZHQ-y9SYidRCS__Ors
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGCfz6733-UFjnDd9abDjwbhs9m31DKLFX4u7Lazd87CEGcYBCCYoea4BjABOgRntaa9QgREP9Kf.eVf%2FiWO1W%2BEUT7%2FIlQgj2j9ZJfI2igkiBpAdVuaYkbs
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGCfz6733-UFjnDd9abDjwbhs9m31DKLFX4u7Lazd87CEGcYBCCYoea4BjABOgRntaa9QgREP9Kf.eVf%2FiWO1W%2BEUT7%2FIlQgj2j9ZJfI2igkiBpAdVuaYkbs
.lijit.com/ Name: _ljtrtb_80
Value: M2MJS9BS-8-9844
.insightexpressai.com/ Name: DW
Value: 00000000-0000-0037-8fea-fe1729728665
.insightexpressai.com/ Name: IXAI76586
Value: FTF
.insightexpressai.com/ Name: DW_Time
Value: 1729728665
.insightexpressai.com/ Name: TID
Value: 00000000-0000-0037-8fea-fe1729728665
.tapad.com/ Name: TapAd_TS
Value: 1729728665041
.tapad.com/ Name: TapAd_DID
Value: 963aef70-4ea9-4c98-8642-7a23ff8d548c
.id5-sync.com/ Name: id5
Value: dd9f59c3-a364-7cea-9b42-58a47da0919e#1729728662928#5
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiYyMDQ1OTIyMjU5MjIxMjg5OTYxMjUxMjI1OTQxOTM3MTkzNTk2N1IRCMKr896rMhgBKgRBVVMzMAPwAcKr896rMg==
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: aus3
.tribalfusion.com/ Name: ANON_ID
Value: aWnoeUujieTo7YxS4pFaMFiaA41U6VmS5uxMZbB3J
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.ctnsnet.com/ Name: gid_CAESEDxHyn4WD2Ck742tkNo7e3Q
Value: 1
.fout.jp/ Name: uid
Value: 9SEDWlmEXH1DDs8cuCO5ojpDp6A
.yieldmo.com/ Name: yieldmo_id
Value: VeVZ0xxfUNxXKA3_OiQP%7C1729728000000%7C0
.ipredictive.com/ Name: cu
Value: 8366b396-8d3f-4caf-8be8-8a842ed9f6de|1729728665718
.insightexpressai.com/ Name: IXAI76817
Value: FTF
.rubiconproject.com/ Name: audit_p
Value: 1|E8eZQsPJCp5OIUq+ytClaEOEzWqaS11gvIZOcuWIoXw7TOgSXOiYi2Hr14og2m9bdHG9r9OglTdCqQ3+tQhlLHMDvubSxZCGJWkSFsieizIw5jwEueDKNLrQLKzGrY7RbEsxOZeIwtU+V3KjXAeGJazicIej1dQTmh5CbETL/1zBMsDegWVsweQzttegGEdFxcbfclI6WTBCmc8RYbSvgOXJgMYu/vVdaPPeOixKWnu59m8VDV+31rovheMeAkdRMLvaOPswof4FR70exBjAbNd1TAhklgXfusJyVRfjGn1NzmBpqKG5ew==
.rubiconproject.com/ Name: audit
Value: 1|E8eZQsPJCp5OIUq+ytClaEOEzWqaS11gvIZOcuWIoXw7TOgSXOiYi2Hr14og2m9bdHG9r9OglTdCqQ3+tQhlLHMDvubSxZCGJWkSFsieizIw5jwEueDKNLrQLKzGrY7RbEsxOZeIwtU+V3KjXAeGJazicIej1dQTmh5CbETL/1zBMsDegWVsweQzttegGEdFxcbfclI6WTBCmc8RYbSvgOXJgMYu/vVdaPPeOixKWnu59m8VDV+31rovheMeAkdRMLvaOPswof4FR70exBjAbNd1TAhklgXfusJyVRfjGn1NzmBpqKG5ew==
.yandex.ru/ Name: i
Value: B4hWHtHwiKK6CglVM9vUCbvZULkBAutBt7RD8iqDv/zbyZK4+rH0Uan0ws6tomGm7r3xo/MpdmIAQZE0k4/Rg7RTBFo=
.yandex.ru/ Name: yandexuid
Value: 4869538881729728666
.yandex.ru/ Name: yashr
Value: 5922008041729728666
.yandex.ru/ Name: bh
Value: EkEiQ2hyb21pdW0iO3Y9IjEzMCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMzAiLCAiTm90P0FfQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCJgmqHmuAY=
.ctnsnet.com/ Name: cid
Value: 4491a4a172b44cb8aaba04cbcdae3a0d
.ad-m.asia/ Name: uid
Value: YZA8XigDMc
.heraldsun.com.au/ Name: s_tp
Value: 14855
www.heraldsun.com.au/ Name: mdLogger
Value: false
www.heraldsun.com.au/ Name: kampyle_userid
Value: b269-3105-0b19-b8f2-1d91-c018-4868-40af
www.heraldsun.com.au/ Name: kampyleUserSession
Value: 1729728668337
www.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 64.99605797586345
.criteo.com/ Name: uid
Value: c6c49393-4c58-4ca7-8141-ad0b10b96463
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIvJSnkMzyuT0QBRIVCgZjYXNhbGUSCwjAs6WazPK5PRAFEhYKB3J1Ymljb24SCwjiodKczPK5PRAFEhUKBmdvb2dsZRILCMSHm8nM8rk9EAUSGAoJYmlkc3dpdGNoEgsIjs20w8zyuT0QBRIXCghwdWJtYXRpYxILCO75tMPM8rk9EAUYBSACKAMyCwiW67bw4vK5PRAFQg8iDQgBEgkKBXRpZXIyEAFaBzEydWlhcHVgAQ..
.c.bing.com/ Name: SRM_B
Value: 3220B060381E6BD03D9AA542392C6AF7
.heraldsun.com.au/ Name: cto_bundle
Value: -q3-Z19yUExyZTlPZ2k4UGE4cWpsMXJ4UnFyYUxJRWclMkIwcjZqQUoxcDNkY2ZkbGhjendrUE5yYWVOMEo1TWlDN3hpWXN3Y243Wm1HQ2JaRyUyRnBXT0szMUF6c1FTZUJRaHY1S3BQbHM4RFFTWndCSXRlZ0M4QzJ2T0l0N3Vjek51bHclMkZUSFhhQkVDZ2JQbVRRVjNyVjBadXRTdFVOemdDS04lMkZYZnFMMCUyQkJzcTM4MFdBJTNE
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3220B060381E6BD03D9AA542392C6AF7
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

6 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=573509194775.0692?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=573509194775.0692?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=573509194775.0692?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://z.moatads.com/bonzai678688331786/moatad.js#moatClientLevel1=2666106558900752878&moatClientLevel2=2663757807404422135&moatClientLevel3=desktop_truskin&moatClientSlicer1=dfp_pg&moatClientSlicer2=wap
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://z.moatads.com/bonzai678688331786/moatad.js#moatClientLevel1=2666106558900752878&moatClientLevel2=2663757807404422135&moatClientLevel3=desktop_truskin&moatClientSlicer1=dfp_pg&moatClientSlicer2=wap
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14643376.fls.doubleclick.net
5e5a2302d9c6be5d3eab8b0e5bd66b7d.safeframe.googlesyndication.com
a.teads.tv
a20352597942.cdn.optimizely.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.playground.xyz
ads.pubmatic.com
alb.reddit.com
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
bat.bing.com
bedsberry.com
bidder.criteo.com
c.amazon-adsystem.com
c.bannerflow.net
c.bing.com
c.clarity.ms
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.doubleverify.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.speedcurve.com
cdn1.adoberesources.net
check.analytics.rlcdn.com
client.api.news
cm.everesttech.net
collector.bonzai.co
config.aps.amazon-adsystem.com
connect.facebook.net
content.api.news
ct.pinterest.com
d0.eu-3-id5-sync.com
d0.eu-4-id5-sync.com
d1.eu-3-id5-sync.com
d1.eu-4-id5-sync.com
d2.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
d2n6ofw4o746cn.cloudfront.net
d3.eu-3-id5-sync.com
d3.eu-4-id5-sync.com
d4.eu-3-id5-sync.com
d4.eu-4-id5-sync.com
d5.eu-3-id5-sync.com
d5.eu-4-id5-sync.com
d6.eu-3-id5-sync.com
d6.eu-4-id5-sync.com
d7.eu-3-id5-sync.com
d7.eu-4-id5-sync.com
dcollector.bonzai.co
dpm.demdex.net
dt.adsafeprotected.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
geo.privacymanager.io
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
invoke.bonzai.co
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
login.newscorpaustralia.com
logx.optimizely.com
massets.bonzai.co
mcdp-wndc1.outbrain.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
mv.outbrain.com
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news.google.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
o.clarity.ms
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-config.reddit.com
pixel.adsafeprotected.com
pixel.zprk.io
players.brightcove.net
prebid-a.rubiconproject.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
s.amazon-adsystem.com
s.pinimg.com
s3-ap-southeast-2.amazonaws.com
s3.ap-southeast-2.amazonaws.com
script.crazyegg.com
secure-sdk.imrworldwide.com
secure.insightexpressai.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
statsapi.foxsports.com.au
subscriptions.heraldsun.com.au
sync-tm.everesttech.net
sync.outbrain.com
t.co
tags.news.com.au
tags.tiqcdn.com
td.doubleclick.net
topics.authorizedvault.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.redditstatic.com
z.moatads.com
collector.bonzai.co
login.newscorpaustralia.com
pagead2.googlesyndication.com
www.google.com
103.43.90.54
104.116.108.143
104.116.109.111
104.116.109.197
104.116.109.67
104.18.25.111
104.19.148.8
104.244.42.67
104.74.34.33
104.74.39.62
104.74.46.234
108.158.14.99
108.158.20.35
108.158.20.59
108.158.21.125
108.158.32.113
108.158.32.114
108.158.32.54
108.158.35.170
13.54.124.222
13.55.50.85
135.125.140.162
135.125.145.78
135.125.146.82
135.125.146.86
141.95.33.120
141.95.98.64
142.250.196.134
142.251.222.34
142.251.42.194
151.101.129.140
151.101.130.132
151.101.192.84
151.101.193.108
151.101.193.140
151.101.2.49
151.101.28.157
151.101.65.175
151.101.66.217
157.240.8.23
162.159.140.229
172.217.175.34
172.217.24.36
172.217.24.38
172.64.149.180
172.64.151.101
18.154.7.117
18.65.244.102
18.67.93.61
23.221.133.233
23.55.6.117
2404:6800:4004:811::200e
2404:6800:4006:804::2001
2404:6800:4006:804::2008
2404:6800:4006:80a::2002
2404:6800:4006:814::2002
2406:2600:7:100::1
2406:2600:7:100::2a
2406:2600:7:100::9
2600:1415:3c00:282::1ec4
2600:1415:3c00:299::1e80
2600:1415:9c00:286::ebe
2600:1415:9c00:287::1931
2600:1415:9c00:28b::ebe
2600:1415:9c00:28e::ebe
2600:1415:9c00:28f::ebe
2600:1415:9c00:7::1728:3448
2600:1415:9c00:7::1728:3458
2600:1f18:1aca:4281:c296:c1dc:696c:1893
2600:9000:2212:6800:4:77d:a0c0:93a1
2600:9000:2212:9e00:16:b51d:cf40:93a1
2600:9000:2212:e000:7:2bfb:7c00:93a1
2600:9000:25f0:e00:8:48e:53c0:93a1
2600:9000:2774:3000:1e:9240:9c0:21
2600:9000:2774:5600:18:1fcd:354:4b41
2600:9000:277a:2400:5:ff46:ad00:93a1
2600:9000:277c:1000:a:709a:e000:93a1
2600:9000:277c:2400:2:42d9:3100:93a1
2600:9000:277c:3000:2:42d9:3100:93a1
2600:9000:277c:8e00:d:5ce3:a4c0:93a1
2602:803:c006:158::65
2606:4700:10::6816:3556
2606:4700:20::681a:5a
2606:4700::6811:6147
2606:4700::6812:186f
2606:4700::6812:4139
2606:4700::6812:4239
2606:4700::6812:ba1f
2620:1ec:21::14
2620:1ec:33::10
2620:1ec:bdf::31
2620:1ec:c11::237
2a02:6ea0:db00::1
2a03:2880:f119:8083:face:b00c:0:25de
2a04:4e42:600::396
3.168.86.93
34.102.253.54
34.149.26.226
34.149.43.113
34.202.186.186
34.49.241.189
35.71.131.137
51.195.115.36
51.195.127.100
51.195.127.115
51.195.73.71
51.195.73.82
52.152.143.207
52.196.43.77
52.231.230.148
52.250.45.119
52.62.126.64
52.63.180.72
52.74.53.201
52.77.102.255
52.95.128.223
52.95.131.164
54.206.197.152
54.224.56.38
63.140.39.224
63.140.39.82
63.140.56.177
67.199.150.87
98.82.156.107
00515960b0c9ce184feeeee4577e84a230876eaeb419773dc9fb9f5f08dc41cf
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
012966219189af8b33ed26ef1be764608c84871350582d6ad301679629a9027f
01538933a03c1f2e197385ee81199bac19bad7ca9c96462399bc1729424f132e
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
035675399800e3ae1f674fa492c731a97d18c40358fd47ccee65ffe31d5b3455
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
040828ed96eddf753ba7680e0d1046d69de4583ee364ce8075982379a2369585
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074c8105e637af9a0b61007db8c601b0309f63b383df5ec70184dfdb83785dc6
098b6603a9b8d276718ee07bcdb4a898f4507b138131081e8c788049a2ebf984
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0b4b958364c7c60cdfc6e33ea299781b8b764fa11ec8a4f5e8059e0c2b300149
0cb9b953f79237672294c2bb59891fa8feac894ce750f1a875f30e5b41fb1819
0cd07ada47102b3c1c867a98c631f1e933d7ec89c096cf5294bbe3d5163a6a4a
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0ec76d4b6ed8c436113f06a582c476855e784f3226de982d3df06453a35eae3e
0f073a026620057066cb4593f2416fff79782b62ad9a45fd4b1a56ad178dcdd0
10561e7f3c3150b1d00b73d5551955651f407cf6b8684f2ae100e3081ff9cfe8
10e1d59e15a77cee890fb49329f24258466921a046d32ab7cd9539af14945d9b
11364eb0ccb375ed954d862763a554376a7d9b7ee2b5a79557e86db70a362311
1205014d17b1bb03365f69446884487b28bcf1122e207e8975b92c45d5ea15ef
12c332cd386d84b39668ef11d0b08bce8d2905fc06aca2d5cd9284f773b1562c
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1426f89c1ad2aba1cfec5da8de020d1e1fb8a7e3bc4540fafd0c4550782c59e6
15616bd182d6f017213b7a26a288b15c3248d68ce9f563e86b143e26190df42d
15d5b33bf043de02dc9ac4a0ea9e0a3a8163f6ff3ed238dbc828c0a5139d1d7c
16832f835fc97c425352dcd5fe00d30cb6ccaf0c70ab7651974e02e7ba88cbda
193c5f20f0b5ddb4299214c506e52d7b33dc94757d121ddd8103d8163cf7904f
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7
1b6a9b2842a91f58414e31a83ea6c7832694fc8ee3c7cceccded6b3a2caa1450
1b88ed36d56ba0576ae097bf8e60c156a347d0b162970b4e512ba6a5d967bac5
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1dd77277ff82fb5d8efd81c42e455b018c203052b947039fbcaf99b92a6c763e
1e7fc93c689c90fd9dd4c28b974050a523b88d9dea143c16d1fbcda36a6a8cf4
1f0e7f108bf2c55c8fcc800e98d9efee7005e91cf92d11770d55487e4ce16725
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb
1ff01e11d2270b2a1e9089262165cc3df9d3c29ce40f231ac6c7aeafe190bd61
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
2298e34de9a02c34d141e3b3c80b9436dec078a71bec49e2172549f46b0edcdf
23632298a968545abac13f897d144ed3e70df843d2d42a407194b21305233645
23ca406ad8056b9e5395b9bd47c5d3dbf8f17edec80d7e2a80603c9e6c68fdc7
24dccd731e4b42b3c3e43cb9ac9205879143ebb4de7658ab9222dd3b0458b086
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a1033a756249e223ffbab2b723460bb520f651276d65e9d1b1157689ab6756
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
285eb331cbbad9e0460eaf8cca7512ebeea7d8072608870886bb0e5ff155413f
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b9fbd39a3c6db3532dc814429d0b089903ada15ad4f9709f4fd98bc2a2bbfe1
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3
2c7d94cf72290f0afe885cac865b79ed0faf8175005d60abd2c9d8471f2f8a3e
2e79e8f88809f10c0c0710e3489e1fd554d92670c8740c18349ec47b33a52b1b
2fdaa3a4b792b4ebdd91a442ae99712c1f4fda39227de9af3103dba52caa7417
30f9c7848ce25d092c8cfe3010c90dab25d77fca13bde43ec1ad5986112ab3f2
32cd61c8a4f8c882793e8aa7bfb72137ba3ad3bf2a60a02af4911db522979aad
33550cc48d1c6e7ee899fcdcd8adf7900b8bec68108dd946a92733359d3058a2
35a9c3e59969721a5bae44022ed4734f89c8e2177c4d818bc84937921f852c58
35bfa7667debe721daec994bce4582005c529d188c6a8fafe4f82282a5229c62
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
3702b18678f08099de9b74acfcb8dfd52fa6880ed3100fe636e5ebb37512695f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3814a38c5f6c25c1138517ba2b887536b0be9cc8333ee26cc5e769423daacbec
39de8fe1c33544f2897d96eab2295bb56635b2c8ee4a5c7099407507e8746fb1
3a99c59035afe08394af0df08cf38548bbfcfdd86680d98f632f23951c2298d3
3bf4ca5019e61a74b2a52ed0de5170967421ed774594428ad5f8a3b2bf72bced
3ccf46a9cb49a5a9c413deceeb55ed0ccc8e07fbe4176afa6e93076448c350a6
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43
421c66dcb237d7e017c2a648019f0e8902c87ffeba0564f40516ecea6b202517
42936678e6e40484727f1d9ca60ce473dbd9eb97f60035b82b9630322c72acc2
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4361a8e30d80c52fb0677215894b18280e7d9c8f94e89626479258820969ced0
43b14284e0a2538651c42951f6f6246d26f426f22f1cd116f9a03af71846f15e
44134a27080481601848e49d2d6021a1abbcc683c25f75f797be0fe32bf27bc3
44136c47f5ff1bc9889674fb5846427604f672b4a9b1e3304bbcc9ac1cfe8209
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44bd16ec29495234e087d137d3b053479988bde017d2f0e882897cbc8e1a5e2c
453ac8f426f85203c18a7613451506d2055622ef50239f472d4a92300da8939c
47b0099f464d24892418ae25aac8f791ee7504e1786989d5d9e619ae260e65e6
47da335a89c20bd0deecb63a13b4255aeeae5fd1df10388ba99f52ee2dda8a0e
48fa411d21c1cd5a01d1a73544d69a664cac0ec632d4059b894b0059ce64e772
490954563013c39f826605c7a17570e4a71301e4432a49ee4b07b00d0460c03a
495900a276e6fd4db3a909d90cbbacce932c24db77169024268d54e0ac73ee4f
4a3d37bb3060d3890a88ead4a5de72430686740a2c02518241c5392d5150facf
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a
4c114206b5af764408aa918f6e923d40846d6d21958c2ce8ab7365cedede6f44
4cdd9b6ac8a83eb3aa989f19605ba52ac3f01a0bb2a73bb1deb1dea8d1518ff5
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4deac7a30fd0f21abc67c91a422011f0a568fe338b25455d3f911ec90e3d515c
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
4e6fcf939ccf60a1338da1a183af754e88fa9a714da348a0d13a36af304216dd
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb213515157554d34009a1d86a8759ee8bd532221907176e8ce89271d3d7c65
5139383f772d94c6eaced5934b56d2cec4b67cf3d43b7ffcaf1fd9018bddd506
52672673bb2e2c369b1b964258bd987b5afc981ffeba7a5c5ac21d8fb3498380
52fa58c05a84270e7a965601a98c2bc9203628db57346a38f5b98a8490408ebc
544d7a04adcbb30a6a6bb59c4e6b02d12ee4cfbe8e2da4cd392ee3536bddccba
559a24e9fb260ed82f2d91adb2fc157e21c5d8865f84e29ba545a616fa6be09f
56f1fba775d8ddaef8a95da0f7b87008c3440463b2999500397f78514e9180f6
57fb3fa12f9e3aa665f8f56db2501c3b9b6a28a668049d4a6ac05856e1fb18a9
57fb4792dcc9319cf558696d779009392b16b7525f0e2d9303ceeea26395ae07
5bf323f64158f948068d5d536a049ddd8e8cc9a7d814d683595bcf7983153f68
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fb53e0ee3d5d2c7593dc6e3a24d4a59612ce85727ab88d2a024f7e5877a2f2d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
603fc565806e291180062d072e5a4ea084fc69a2b916975026ea7e94ebe04a3b
62cdd922047a534ff8783f5b409d1541c69e26fca059a3a0ba786638b189cee6
63c0cc5e06cb36ca4f6dc793280e81511b28378cf3f9cd29094a36647d3fb46c
646de26aca05b66f1af42326f476fa9e9fd0fe1ae0e6b84c8df43a371fff71ab
6562868efa12dedb1e9505bd9836de90538d6b1783f3bf8d6e0d013b96afd1af
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
6655ef3bf169f6c264ac3247a09836d290d04bd308c2a8119b637eabfe0a7ba9
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
67b9635b38d68a49ad3296f4157106c75441565293192bf1bd251dac723dc72f
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
690d728c649b8a849100690b368118ae3d890075d1e56beec18e77d1d85f3d2f
69457da1386fe8c2e7e7f36c826e462348d382ad28175cfed0e106243e3a9a20
6a15c66a31808c0571ca987d3e7d7043c94123567eb2d2534f9e706671b5abd7
6a66cfd3baa2ceb9836c31d0c9f3cdf55ce4392605ca499cafcfb2f8e2299f21
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b7aa615cdaa53d884b03a52de9116e66ced911ecba1e231ef4b46255099a42d
6b8e98f56a1ae9ddeefc6fa70f1a12657c12cee8038f63b31cac4941077e9e0f
6c8978da2e78e91e5bc6c82a344c8ade4654055f523135fe4434ad503b1ed525
6e248a8753ca54a8f29001df93bb1434aedab002f64b0f49804c6a8162ba7dad
725cedf861f5608cc6a06e27059bb7647efe1d7af01a49744997a58dc2f79d1d
73c992121bc16342feab123615f72c92bf46b9f89bea6a8409cec40bc1aab5d5
74f0635d38834e540c1435b177fb8b4289d5d465a6688c09734f139f3a9ddb56
774b97b71d3de8625578dcbff0d71d28e48a0766abbea586e4651f9513558035
7861aa336f6a1dd7233f68606fb6ea40bf6f0fb7dc05d4320dcfb763cf45224d
789fdaca98f0053076aae5267d8e5af5c31dd5ae1f77bee4d51ffea8374e0e88
792e548163bda85401efb84a13a1b67f1c48befdba16c266d3771c9312f6c328
79f951e8d5d7f236582e9c3fc4d7ecb28362c173ef5989c915b36f1d044e5c6a
7b51daa2b58be074aa96fcf2bff13469142662c58b70ff6b9f18955b9448e842
7b67bae1bdc13f5b0afc829b311c3dd3b6359a72eed8445a87492c2f6ff065f6
7ccb570a5a9a9016eb61ddc894fb950da6f70c4651da617a7b4e91b5f680c363
7d2d80f36f0d24d212d7970d9189bdc36416fc6ecbbf8c96e12cf3f56bf9c9e6
7d9d21605452d04658cbf5be9a07e429fe1b6a5ea435a079b645a1b938f122c6
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81e7130c9ca57a6d0c53cf0e349f6eae2b2cbe189b7872132c9062e132cdb672
82d21d837dcf217c3f9d0b1e9f7ee50c86cbe7f26aa6ecc5e928cc8d60d55e73
82f8f05cb702fddf5599e01c8f5a16e47cc59c8b77a6f7e39afdfdc0e3abc82d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833740144a8433071f624673879fdbe0c67004801646e63a8eaf71b3fb9985bb
8369b4de78e42f3f6eeca0e442bbf953c47124769ee63a11a1b3141d01574c3b
848dd0347c6f08c8d9dac84d7727ee5a933f28f47f4597639ce00b035740d0c3
857f2d5177e69703aadc81bc11646b4bc0bd46c46f2388f27c9cffc66ffce659
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44
87c8ddabc3b0867256ac13945528f0d652d6777428003103d891291ba7c25e8c
883188771890631548f5b55486402c92532aef177353ece05507882de4bd5e9b
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf
88ef66930de209e8aa2068c8abc9e7a601be489672bcda0f2bb1e903fecc2fa8
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
9464e090618d205f309d2c0b9c348a6d4ac1e1a1df5d5ac897edf1a0faddec79
9550e9a27d8b3e72027ffc85107f30c96ac0e601a894caee99f71adb87d21936
95a08a212ec52d96a615c067860844cabd42cd3c99df8b70833d02e827c953cb
9659927633b64bb3f9c5de0f3a5c1a4c4dee37c54b7bb476a455ace8654d521c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
997fd3aab65bafb174d1de27fc119e6c0f537910fc43ba067420412f1f35dda2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f17c195b57141399fe1e04d1d0b3de16d825e0d5a4c1a992f2ba4b0b63df2f
9aca17efcbc0f70d983a3bbca86f52bd054de1fab4a12b0a975cfc2d5d8b3eaf
9adf77add5f442574735f5fd2c07d13a3a44572ba1553c77e92f43e6d6c2f25a
9b94da7cd3af5edde434f7515a419b0e8351aeb8ddc7c3bb2a719d592e465caf
9b9ac1a13becbf27465f166564d0ccc0415a3ff9acfc27c535787e9cce8b8c13
9c446d5e057c9fa174b62b807a795fdd67c8fd117520bed37e43d6651a911da6
9c557e5834134ee3ef30dcad545fd252013022a5c346e4730ac2b9f7e300b520
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
9e02b4a68451198879b768f76ce6a8f1c644be757d46e8dd3734777996cc92f2
9e54e0a04fc25c69b9a29cf4a6d32d0054169abf91e713a499f6dce6908b23ba
9f51e4d77e383939686207212137a76645a965f9adae89629240c8a62530deec
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a088bc997c857c75b86c0867dd870bd8b708eebf704a892b2fa6b87b04c62cc8
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3c62af03c31f2380535ab076f01f8a7f62b3c0de24a470fb70607a12aba5445
a4916cd004bb774fa474d4bb0ad789bf42e4740b8598b9d0708c4cd20eaff81f
a84f088ec44c4d44b8741b4e9b5e444c1f598b5a9d5a3a292eaab28051438c11
a97850cbace25061a54450f46bf77ffa1a90630ffe6205d88248ed138d9e8064
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
abacf250d50fb0fcb7d95bf85146ce5ef54ac8954c2a0a0f1810339bbab63f00
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
adcb0f05bfd16a160466054ae7d7c5081b041b7b00dbc72ebf0b3f8a44cb84ed
ae023e590bdc03280634be3ff1cf14d2478200705d50179a9a2a521db69a6484
b12220610e1e665dfb86a75ff74ebddbec236bdc273121f967c55148c96987d7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17a7e54402f7e995957367dbcab5a87af22d98ee99f38ced0922f7a8888ef8e
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
b3cf90d60d7d1b6d19b0dfd9544558a75547dd42929fe99ee42f4d444b575430
b3f8887ff1740194500836b11927281f78df0c4b85d0a4d32eeba1386845c8ae
b4483fd108fc33c933efe5c6b8d99defd2737fb2fdcb8414b2ba9911f52fd5d4
b4fb02f3c4ba1472d84ff6dfd6d8abcc722e7f99c80c37819b65dd88f2de65cc
b5c572fdf7fdf76b03a5c552569a991a5ebb1aabbe840d9b1602f8e8740c32e0
b5caf87c23afe05fabd8fc2498af2c877ff7e016807967f41a9908c16f2bf5ae
b5d354f1ff2b84dc02b7f1679bab76c7f7424a3b78948785e1ef5580fd379ad9
b693ff17985bc54be8d357b5ac2ddc78e06c64df046d38aadad3d9bee7ec2439
b6d3022dc9da3f2df2569ca9ffb2a55f86a7f93d424ce5e19664467becbb2cba
b6da3243fb9049fc1978cee179333de8ffd749810f55dcaa51d7e339ba968c68
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b770bbaa551a531819d5760dee31f35917591c94a47b8d9b59965b56f13a21fb
b7f3d4a89ece6736955d1cdfc3095fc5cd7633c7de02f460d4150a79d3c3d4cb
b8464dcb7e2e01bf45bea28cd900120b54874408b41a83ccd573931cae12fac8
bb54b5d6cc7b085d3aa01f3f1f0b99a4ad0ecad835ae331f27e1dbe33296c92f
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0
bc50ac6bdc60d17d5112f4427769f1d22385fc6192b24debe955243cd0e0f93b
bfb5a860c4f1f3c0e716dbcea977b8a4cf59a64b5291995f97932950a1d688eb
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c20da9181ec516eadd06d677897e0df697aeef1e9d7073c8ed83113af741f519
c3a1f73c53fd401309ec9fa85a3ff194f4a89313d5ecd4a08f9a9c0fa3fb2714
c45058661b7496afbd49da9a59ee9979b61465258dc1ba37d548732198c275f2
c785d49174d00ee2df95d3d20de0155e95f999b16d35f8834837675afbbfc029
c8458cb3a3d3e4ee20b038f6aa252856d75cc4394639eb29a72f08345ee50bfe
c91f2474e79038b249d857d639bfabebc84250edcd47065eb19084c90ca3a91a
c98e6603fd49de651e18dc99bb708193a316e0f75f3586a5fcb34888f8368361
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca4e4224aaa0e3b5a4cbeda8613aaf7d55729816466bc084433d72675853cb4c
cb6f723a4efe0010bf2ede04ea9b353a5408550ae43b102b36ef92110e638757
cbeadeda8182f40b397de77bb9d2c050f02b49ad92805e9ebcd2302f30f1d7c8
ccea63ca0a7054548a1eca2920d803cb20259cd3cdab12903b7a436d774eefb6
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ced3b19dbaf9805d635d9b2e6af1d83c752d8e677ef41728c3aa1e5990f6ff3f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa8a6cab6d3accfb28d9764b51075ea49d7aad9a671a30a4da3cf2f0920e280
d0f04dec43134913ad8a1da87ca1cb4eb30753050a2d0d2e5f0c0dc5ba941c30
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d16aba19f0cc9eff4df4ccfa2abd018046dd1433298d86fe34495ee91c56275b
d183d932db0437b3dd66a5475c01d1b5e2777e3a5b6da2d10bb0d489773c715c
d1f166e4555b8611bec2934bfb54bc6ea9f214415e3d0fed4f82456a7730591b
d207aa8b03fc309c866e75e437e7a928c976399c3f469eb3932897b2e3fa632b
d248502b57238172e3d927381423c17fcc3538bb0fcdcdfe22f7f8ad00ec68c6
d3d6922dcd19b6fab55b14e2d9154548cc0f8c1e9e0064e9b4cbbd8d36dd464e
d45c970754b1c9d73f6cd8b1e508b949a38c38beb0c94b9f436eab85795b9c41
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d55d30f6a858a4cf5d8d67a0462072a2def6e48b7ab0f714c7c91a41cd556386
d5f1eaba202b7ce2050eeaf685c53727f235a13b397403ea980fa7d272debda3
d6a2262db41d6daa01a55bff2ad51439054c6b051f070f0b2c3ecb7a3c482489
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
d9f8c3a55321bbb56396e34c6b1d34a98975205c47d54453707d7abce4e92507
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
da52f4819a6e7f4829e15eb8680bea09248712abef3daf813e3ac9ae5d9c426d
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
db66bcc0be3d8c0ebef24695348e506fc4e08e1da99455465f097bd34f9a7424
dce97af42f431abedfdfb718cc3918b8d72dff4ac1275f7a582ae46c4bb0b403
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde773cbf10e110c07d568df6d39b830fcaa31913f871f6cc96556fcad2838b7
de78015446ccecc504efeba09653cb46a22d7a7b965c112bf2e336cd7e68514d
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4210233f04de7043313314cd03e019da34c04961fcdbd3a95d9b2ef5b92925f
e48bc797b5bc99079f4cf9b04d78f0db00f5433623a4c853daad9598f24f809f
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e6e41ceb3c0b66c9ff38173d37833e764d8e80c26db337c9d08f29247672c50f
e76eac9832bef72153fd582a66ab73c92f0041c3f374bddfe5a4a6d87371206f
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e8c2b09805222af84f814e922b1c551a12c39bc10c5d1634513781f77829c4a1
e90ab85fe566782e65b68b5d8d2f7961931f7a1c962579aa5003552143a7589e
e9bf5d849e23b18dbf6b56d9d0755f6422a528ade11a56339a63b243b159af25
ec507769a372c86f89578a3e9982d6443c5c1afa97e5e8c4ae102e7595dc0dec
ec6a2ffde954e5ffa0d8f304991b5fef4c88b55c11ce56630fc425dfac1194b8
ed2a473cfa3c4774bf40ecd7bf40b712194e6fb12bfe8da6be047d867a7baa61
ed7f50665d95f6619c50a33e4d18834e6288066f031a1a70104adb2ca883c625
ee472dfdc2f730a1b1c87d81fd2e55936c747bc363a2ebe34154d5a40d080203
eee86d9e977a1a015c82f82072cf101f840cb9a2faea377db968d617db79b8e2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d
ef7849df10429e7efe676feafc2f2a6a676bdeaf34f4932ca0cae909be573cde
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f4cd2b3a7ecd9e189a4335aca67202ddd4803525c0d56d51ea80f3f247e946fe
f64cf6864b90f63061db2e3623aded6cf537d69a855d5c60f767ebbaf0987b3f
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9
f7396d221d4d2ac32b9336fc2c509a6c059ba98f5b4606059a0f955ec0148004
fd08970bfc4c90d6b61f3960d996e37f65ab6b2cf89c9799124d981202d1d442
fdadeba727a1fc1ca6763f597ce67219913281b9941dd02b49e235eaed22d602
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99