urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
173.222.192.149  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.hastingsleader.com.au//
Effective URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Submission: On July 11 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 96 IPs in 8 countries across 61 domains to perform 240 HTTP transactions. The main IP is 173.222.192.149, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 800778.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 6th 2023. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 165.69.249.4 16509 (AMAZON-02)
4 47 173.222.192.149 16625 (AKAMAI-AS)
1 151.101.2.217 54113 (FASTLY)
3 104.18.24.111 13335 (CLOUDFLAR...)
8 13.35.147.40 16509 (AMAZON-02)
3 23.46.33.181 16625 (AKAMAI-AS)
2 142.250.67.6 15169 (GOOGLE)
1 4 204.79.197.237 8068 (MICROSOFT...)
2 157.240.8.23 32934 (FACEBOOK)
2 18.65.244.42 16509 (AMAZON-02)
2 44.208.169.25 14618 (AMAZON-AES)
2 151.101.1.175 54113 (FASTLY)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 23.198.63.128 16625 (AKAMAI-AS)
8 142.250.71.66 15169 (GOOGLE)
3 108.158.30.125 16509 (AMAZON-02)
1 108.158.20.32 16509 (AMAZON-02)
2 172.67.69.191 13335 (CLOUDFLAR...)
1 151.101.28.157 54113 (FASTLY)
1 104.99.59.32 20940 (AKAMAI-ASN1)
1 18.65.248.189 16509 (AMAZON-02)
5 18.239.199.5 16509 (AMAZON-02)
2 108.158.32.127 16509 (AMAZON-02)
1 18.65.244.111 16509 (AMAZON-02)
2 151.101.1.140 54113 (FASTLY)
2 104.19.147.8 13335 (CLOUDFLAR...)
1 108.158.14.99 16509 (AMAZON-02)
2 173.222.192.243 16625 (AKAMAI-AS)
1 142.250.204.8 15169 (GOOGLE)
1 13.35.147.31 16509 (AMAZON-02)
2 18.155.192.129 16509 (AMAZON-02)
4 13.35.147.41 16509 (AMAZON-02)
1 117.18.232.195 15133 (EDGECAST)
1 104.244.42.67 13414 (TWITTER)
7 142.250.76.98 15169 (GOOGLE)
1 142.250.204.2 15169 (GOOGLE)
1 151.101.129.229 54113 (FASTLY)
5 162.19.138.120 16276 (OVH)
1 34.149.26.226 396982 (GOOGLE-CL...)
4 157.240.8.35 32934 (FACEBOOK)
5 3.104.129.195 16509 (AMAZON-02)
1 18.67.113.58 16509 (AMAZON-02)
3 54.253.138.55 16509 (AMAZON-02)
2 18.67.175.105 16509 (AMAZON-02)
1 143.244.62.6 60068 (CDN77 _)
2 23.198.59.89 16625 (AKAMAI-AS)
1 172.64.151.101 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
2 69.173.158.65 26667 (RUBICONPR...)
1 207.65.33.78 62713 (AS-PUBMATIC)
1 173.222.193.119 16625 (AKAMAI-AS)
1 103.43.90.53 29990 (ASN-APPNEX)
1 52.76.223.94 16509 (AMAZON-02)
3 13.107.42.14 8068 (MICROSOFT...)
2 13.107.246.31 8075 (MICROSOFT...)
1 54.166.90.195 14618 (AMAZON-AES)
1 18.65.244.119 16509 (AMAZON-02)
2 151.101.193.140 54113 (FASTLY)
1 108.158.32.100 16509 (AMAZON-02)
5 151.101.64.84 54113 (FASTLY)
1 2 209.54.182.161 16509 (AMAZON-02)
1 2 142.250.76.102 15169 (GOOGLE)
1 63.140.39.130 14618 (AMAZON-AES)
2 141.95.33.120 16276 (OVH)
2 20.114.189.70 8075 (MICROSOFT...)
2 51.75.89.127 16276 (OVH)
2 51.75.92.187 16276 (OVH)
2 51.75.93.98 16276 (OVH)
1 51.75.88.178 16276 (OVH)
3 51.75.89.23 16276 (OVH)
1 51.75.92.37 16276 (OVH)
1 57.129.23.120 16276 (OVH)
1 57.129.22.38 16276 (OVH)
1 51.75.93.54 16276 (OVH)
1 51.75.88.190 16276 (OVH)
1 51.75.95.135 16276 (OVH)
2 182.161.73.129 55569 (CRITEO-AS...)
1 142.250.67.1 15169 (GOOGLE)
1 52.63.244.82 16509 (AMAZON-02)
1 63.140.39.117 14618 (AMAZON-AES)
3 3.219.105.60 14618 (AMAZON-AES)
1 3 35.71.131.137 16509 (AMAZON-02)
1 151.101.0.84 54113 (FASTLY)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 182.161.73.136 55569 (CRITEO-AS...)
8 172.217.167.65 15169 (GOOGLE)
1 35.241.45.82 15169 (GOOGLE)
1 63.140.38.189 14618 (AMAZON-AES)
1 18.232.189.0 14618 (AMAZON-AES)
1 1 52.220.36.221 16509 (AMAZON-02)
1 13.35.147.54 16509 (AMAZON-02)
13 3.221.206.111 14618 (AMAZON-AES)
1 172.217.167.100 15169 (GOOGLE)
1 54.151.251.104 16509 (AMAZON-02)
1 173.222.193.77 16625 (AKAMAI-AS)
1 23.198.57.183 16625 (AKAMAI-AS)
1 172.64.149.180 13335 (CLOUDFLAR...)
240 96
2    165.69.249.4 (Australia)

ASN16509 (AMAZON-02, US)
PTR: ip-165.69.249.4.news.com.au
www.hastingsleader.com.au
frankston-leader.whereilive.com.au
47    173.222.192.149 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a173-222-192-149.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
tags.news.com.au
resourcesssl.newscdn.com.au
client.api.news
1    151.101.2.217 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
3    104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)
bedsberry.com
8    13.35.147.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-40.syd1.r.cloudfront.net
tags.tiqcdn.com
3    23.46.33.181 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-33-181.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
2    142.250.67.6 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f6.1e100.net
ad.doubleclick.net
4    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
2    18.65.244.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-42.syd3.r.cloudfront.net
au.tags.newscgp.com
ncg.tags.news.com.au
2    44.208.169.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-169-25.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.1.175 (San Francisco, United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.198.63.128 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-63-128.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
8    142.250.71.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net
securepubads.g.doubleclick.net
3    108.158.30.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-30-125.syd3.r.cloudfront.net
c.amazon-adsystem.com
1    108.158.20.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-32.syd62.r.cloudfront.net
ats-wrapper.privacymanager.io
2    172.67.69.191 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
1    151.101.28.157 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    104.99.59.32 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-99-59-32.deploy.static.akamaitechnologies.com
snap.licdn.com
1    18.65.248.189 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-248-189.syd3.r.cloudfront.net
static.chartbeat.com
5    18.239.199.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-199-5.sfo53.r.cloudfront.net
static.adsafeprotected.com
2    108.158.32.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-127.syd3.r.cloudfront.net
cdn-gl.imrworldwide.com
1    18.65.244.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-111.syd3.r.cloudfront.net
cdn.adsafeprotected.com
2    151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    108.158.14.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-14-99.syd62.r.cloudfront.net
js.adsrvr.org
2    173.222.192.243 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a173-222-192-243.deploy.static.akamaitechnologies.com
s.pinimg.com
1    142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net
www.googletagmanager.com
1    13.35.147.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-31.syd1.r.cloudfront.net
config.aps.amazon-adsystem.com
2    18.155.192.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-192-129.sfo53.r.cloudfront.net
geo.privacymanager.io
4    13.35.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-41.syd1.r.cloudfront.net
au-script.dotmetrics.net
1    117.18.232.195 (Australia)

ASN15133 (EDGECAST, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
7    142.250.76.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
googleads4.g.doubleclick.net
1    151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    34.149.26.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.26.149.34.bc.googleusercontent.com
api.rlcdn.com
4    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
5    3.104.129.195 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-129-195.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
1    18.67.113.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-113-58.syd62.r.cloudfront.net
aax.amazon-adsystem.com
3    54.253.138.55 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-253-138-55.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
2    18.67.175.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-175-105.cgk51.r.cloudfront.net
au.audience.newscgp.com
1    143.244.62.6 (Sydney, Australia)

ASN60068 (CDN77 _, GB)
PTR: 109632633.syd.cdn77.com
topics.authorizedvault.com
2    23.198.59.89 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-59-89.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
2    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    173.222.193.119 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a173-222-193-119.deploy.static.akamaitechnologies.com
a.teads.tv
1    103.43.90.53 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    52.76.223.94 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-223-94.ap-southeast-1.compute.amazonaws.com
g2.gumgum.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    13.107.246.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    54.166.90.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-90-195.compute-1.amazonaws.com
ping.chartbeat.net
1    18.65.244.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-119.syd3.r.cloudfront.net
rm-script.dotmetrics.net
2    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
alb.reddit.com
1    108.158.32.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-100.syd3.r.cloudfront.net
cdn-gl.imrworldwide.com
5    151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    142.250.76.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f6.1e100.net
14643376.fls.doubleclick.net
1    63.140.39.130 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-130.data.adobedc.net
edge.adobedc.net
2    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
lb.eu-1-id5-sync.com
2    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
2    51.75.89.127 (Germany)

ASN16276 (OVH, FR)
c0.eu-3-id5-sync.com
c5.eu-4-id5-sync.com
2    51.75.92.187 (Germany)

ASN16276 (OVH, FR)
c1.eu-3-id5-sync.com
c1.eu-4-id5-sync.com
2    51.75.93.98 (Germany)

ASN16276 (OVH, FR)
c2.eu-3-id5-sync.com
c6.eu-4-id5-sync.com
1    51.75.88.178 (Germany)

ASN16276 (OVH, FR)
c3.eu-3-id5-sync.com
3    51.75.89.23 (Germany)

ASN16276 (OVH, FR)
c4.eu-3-id5-sync.com
c2.eu-4-id5-sync.com
c7.eu-4-id5-sync.com
1    51.75.92.37 (Germany)

ASN16276 (OVH, FR)
c5.eu-3-id5-sync.com
1    57.129.23.120 (France)

ASN16276 (OVH, FR)
c6.eu-3-id5-sync.com
1    57.129.22.38 (France)

ASN16276 (OVH, FR)
c7.eu-3-id5-sync.com
1    51.75.93.54 (Germany)

ASN16276 (OVH, FR)
c0.eu-4-id5-sync.com
1    51.75.88.190 (Germany)

ASN16276 (OVH, FR)
c3.eu-4-id5-sync.com
1    51.75.95.135 (Germany)

ASN16276 (OVH, FR)
c4.eu-4-id5-sync.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    142.250.67.1 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f1.1e100.net
a1f9057a7056edf4b53110c249ae7986.safeframe.googlesyndication.com
1    52.63.244.82 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-244-82.ap-southeast-2.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    63.140.39.117 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-117.data.adobedc.net
newscorpau.sc.omtrdc.net
3    3.219.105.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-105-60.compute-1.amazonaws.com
dpm.demdex.net
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    52.231.230.148 (Busan, Korea, Republic Of)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
8    172.217.167.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f1.1e100.net
tpc.googlesyndication.com
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
1    63.140.38.189 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-189.data.adobedc.net
metrics.heraldsun.com.au
1    18.232.189.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-189-0.compute-1.amazonaws.com
newscorpau.demdex.net
1    52.220.36.221 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-36-221.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    13.35.147.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-54.syd1.r.cloudfront.net
check.analytics.rlcdn.com
13    3.221.206.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-206-111.compute-1.amazonaws.com
dt.adsafeprotected.com
1    172.217.167.100 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f4.1e100.net
www.google.com
1    54.151.251.104 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-251-104.ap-southeast-1.compute.amazonaws.com
usersync.gumgum.com
1    173.222.193.77 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a173-222-193-77.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    23.198.57.183 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-57-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    172.64.149.180 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
Apex Domain
Subdomains		 Transfer
24 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 1088
cdn.adsafeprotected.com — Cisco Umbrella Rank: 6504
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1138
dt.adsafeprotected.com — Cisco Umbrella Rank: 990
132 KB
20 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 800778
metrics.heraldsun.com.au
203 KB
16 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
a1f9057a7056edf4b53110c249ae7986.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 211
163 KB
15 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 126738
88 KB
13 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 215
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 279
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 1009
14643376.fls.doubleclick.net — Cisco Umbrella Rank: 164435
221 KB
13 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 114707
ncg.tags.news.com.au — Cisco Umbrella Rank: 233833
254 KB
8 eu-4-id5-sync.com
c0.eu-4-id5-sync.com — Cisco Umbrella Rank: 375515
c1.eu-4-id5-sync.com — Cisco Umbrella Rank: 379447
c2.eu-4-id5-sync.com — Cisco Umbrella Rank: 375516
c3.eu-4-id5-sync.com — Cisco Umbrella Rank: 364388
c4.eu-4-id5-sync.com — Cisco Umbrella Rank: 379452
c5.eu-4-id5-sync.com — Cisco Umbrella Rank: 375518
c6.eu-4-id5-sync.com — Cisco Umbrella Rank: 391897
c7.eu-4-id5-sync.com — Cisco Umbrella Rank: 387596
2 KB
8 eu-3-id5-sync.com
c0.eu-3-id5-sync.com — Cisco Umbrella Rank: 391894
c1.eu-3-id5-sync.com — Cisco Umbrella Rank: 387591
c2.eu-3-id5-sync.com — Cisco Umbrella Rank: 407571
c3.eu-3-id5-sync.com — Cisco Umbrella Rank: 394107
c4.eu-3-id5-sync.com — Cisco Umbrella Rank: 389686
c5.eu-3-id5-sync.com — Cisco Umbrella Rank: 383490
c6.eu-3-id5-sync.com — Cisco Umbrella Rank: 394108
c7.eu-3-id5-sync.com — Cisco Umbrella Rank: 396230
2 KB
8 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1712
52 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 391
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 993
aax.amazon-adsystem.com — Cisco Umbrella Rank: 497
s.amazon-adsystem.com — Cisco Umbrella Rank: 404
83 KB
6 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 1203
6 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1094
t.clarity.ms — Cisco Umbrella Rank: 9056
c.clarity.ms — Cisco Umbrella Rank: 1823
28 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1209
id5-sync.com — Cisco Umbrella Rank: 654
32 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 181516
au.pixel.newscgp.com — Cisco Umbrella Rank: 180843
au.audience.newscgp.com — Cisco Umbrella Rank: 152822
50 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 68754
rm-script.dotmetrics.net — Cisco Umbrella Rank: 7315
35 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 324
newscorpau.demdex.net — Cisco Umbrella Rank: 177145
5 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
5 KB
4 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2564
insight.adsrvr.org — Cisco Umbrella Rank: 1492
match.adsrvr.org — Cisco Umbrella Rank: 493
6 KB
4 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 4906
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 10691
63 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 530
c.bing.com — Cisco Umbrella Rank: 379
16 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 671
1 KB
3 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 773
eus.rubiconproject.com — Cisco Umbrella Rank: 953
2 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 853
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 743
224 B
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3231
geo.privacymanager.io — Cisco Umbrella Rank: 2830
61 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 7014
udc-neb.kampyle.com — Cisco Umbrella Rank: 3888
87 KB
3 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2646
widget-pixels.outbrain.com — Cisco Umbrella Rank: 5932
90 KB
3 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 314953
25 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 959
31 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1168
581 B
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 3224
alb.reddit.com — Cisco Umbrella Rank: 1955
761 B
2 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2298
usersync.gumgum.com — Cisco Umbrella Rank: 2705
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 380
acdn.adnxs.com — Cisco Umbrella Rank: 951
1 KB
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 938
gum.criteo.com — Cisco Umbrella Rank: 528
227 B
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1382
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4862
666 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1375
25 KB
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 4474
4 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1497
13 KB
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 4001
23 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 20297
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 232
74 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1124
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 2184
503 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10 Failed
1 omtrdc.net
newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 189292
271 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 4636
819 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1950
201 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 2090
639 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 800
689 B
1 authorizedvault.com
topics.authorizedvault.com — Cisco Umbrella Rank: 8004
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
1 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1362
721 B
1 t.co
t.co — Cisco Umbrella Rank: 983
376 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 110
77 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2542
24 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1900
14 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1254
15 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 17434
20 KB
1 api.news
client.api.news — Cisco Umbrella Rank: 400739
631 B
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 9836
10 KB
1 whereilive.com.au
frankston-leader.whereilive.com.au
270 B
1 hastingsleader.com.au
www.hastingsleader.com.au
270 B
240 61
Domain Requested by
19 www.heraldsun.com.au 3 redirects www.heraldsun.com.au
15 resourcesssl.newscdn.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
13 dt.adsafeprotected.com
12 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
pagead2.googlesyndication.com
8 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
7 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 ct.pinterest.com s.pinimg.com
5 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
5 id5-sync.com tags.news.com.au
cdn.id5-sync.com
5 static.adsafeprotected.com www.heraldsun.com.au
pixel.adsafeprotected.com
4 www.facebook.com www.heraldsun.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
3 dpm.demdex.net tags.news.com.au
3 px.ads.linkedin.com snap.licdn.com
www.heraldsun.com.au
3 au.pixel.newscgp.com au.tags.newscgp.com
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 bat.bing.com tags.tiqcdn.com
bat.bing.com
www.heraldsun.com.au
3 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 c.clarity.ms 1 redirects
2 insight.adsrvr.org js.adsrvr.org
2 static.criteo.net tags.news.com.au
static.criteo.net
2 t.clarity.ms www.clarity.ms
2 lb.eu-1-id5-sync.com tags.news.com.au
cdn.id5-sync.com
2 14643376.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 fastlane.rubiconproject.com tags.news.com.au
2 ads.pubmatic.com tags.news.com.au
2 au.audience.newscgp.com au.tags.newscgp.com
tags.tiqcdn.com
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 s.pinimg.com tags.tiqcdn.com
s.pinimg.com
2 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
2 www.redditstatic.com tags.tiqcdn.com
www.redditstatic.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 ad.doubleclick.net tags.tiqcdn.com
www.heraldsun.com.au
2 widgets.outbrain.com www.heraldsun.com.au
widgets.outbrain.com
1 js-sec.indexww.com tags.news.com.au
1 acdn.adnxs.com tags.news.com.au
1 eus.rubiconproject.com tags.news.com.au
1 usersync.gumgum.com tags.news.com.au
1 match.adsrvr.org 1 redirects
1 check.analytics.rlcdn.com tags.news.com.au
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 metrics.heraldsun.com.au tags.news.com.au
1 udc-neb.kampyle.com
1 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
1 gum.criteo.com static.criteo.net
1 c.bing.com 1 redirects
1 newscorpau.sc.omtrdc.net tags.news.com.au
1 secure-sdk.imrworldwide.com www.heraldsun.com.au
1 a1f9057a7056edf4b53110c249ae7986.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c7.eu-4-id5-sync.com cdn.id5-sync.com
1 c6.eu-4-id5-sync.com cdn.id5-sync.com
1 c5.eu-4-id5-sync.com cdn.id5-sync.com
1 c4.eu-4-id5-sync.com cdn.id5-sync.com
1 c3.eu-4-id5-sync.com cdn.id5-sync.com
1 c2.eu-4-id5-sync.com cdn.id5-sync.com
1 c1.eu-4-id5-sync.com cdn.id5-sync.com
1 c0.eu-4-id5-sync.com cdn.id5-sync.com
1 c7.eu-3-id5-sync.com cdn.id5-sync.com
1 c6.eu-3-id5-sync.com cdn.id5-sync.com
1 c5.eu-3-id5-sync.com cdn.id5-sync.com
1 c4.eu-3-id5-sync.com cdn.id5-sync.com
1 c3.eu-3-id5-sync.com cdn.id5-sync.com
1 c2.eu-3-id5-sync.com cdn.id5-sync.com
1 c1.eu-3-id5-sync.com cdn.id5-sync.com
1 c0.eu-3-id5-sync.com cdn.id5-sync.com
1 edge.adobedc.net cdn1.adoberesources.net
1 alb.reddit.com www.heraldsun.com.au
1 pixel-config.reddit.com www.redditstatic.com
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 ping.chartbeat.net www.heraldsun.com.au
1 g2.gumgum.com tags.news.com.au
1 ib.adnxs.com tags.news.com.au
1 a.teads.tv tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 topics.authorizedvault.com tags.news.com.au
1 ncg.tags.news.com.au au.tags.newscgp.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 api.rlcdn.com tags.news.com.au
1 cdn.jsdelivr.net tags.news.com.au
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.googletagmanager.com tags.tiqcdn.com
1 js.adsrvr.org tags.tiqcdn.com
1 cdn.adsafeprotected.com tags.news.com.au
1 static.chartbeat.com tags.tiqcdn.com
1 snap.licdn.com tags.tiqcdn.com
1 static.ads-twitter.com tags.tiqcdn.com
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 cdn.id5-sync.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 client.api.news resourcesssl.newscdn.com.au
1 widget-pixels.outbrain.com www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
1 frankston-leader.whereilive.com.au 1 redirects
1 www.hastingsleader.com.au 1 redirects
240 109
Subject Issuer Validity Valid
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-06 -
2024-12-05		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-21 -
2025-02-21		 a year crt.sh
bedsberry.com
E5		 2024-07-07 -
2024-10-05		 3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-19 -
2024-07-18		 3 months crt.sh
au.tags.newscgp.com
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-19		 a year crt.sh
*.zprk.io
Amazon RSA 2048 M03		 2023-09-19 -
2024-10-17		 a year crt.sh
*.kampyle.com
SSL.com RSA SSL subCA		 2023-11-07 -
2024-12-07		 a year crt.sh
id5-sync.com
E1		 2024-06-04 -
2024-09-02		 3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-09 -
2025-08-09		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M03		 2024-06-26 -
2025-07-24		 a year crt.sh
brandmetrics.com
WE1		 2024-06-27 -
2024-09-25		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2024-05-15 -
2025-06-06		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2024-05-16 -
2025-02-02		 9 months crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-19		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
script.crazyegg.com
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
*.dotmetrics.net
Amazon RSA 2048 M02		 2023-08-23 -
2024-09-20		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-08 -
2024-10-08		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.id5-sync.com
E6		 2024-07-01 -
2024-09-29		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M03		 2024-02-28 -
2025-03-29		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
www.newsconnect.com.au
Amazon RSA 2048 M02		 2024-02-08 -
2025-03-08		 a year crt.sh
au.audience.newscgp.com
Amazon RSA 2048 M02		 2024-02-27 -
2025-03-26		 a year crt.sh
1657490710.rsc.cdn77.org
E5		 2024-06-11 -
2024-09-09		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
casalemedia.com
E5		 2024-06-17 -
2024-09-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-18 -
2024-09-17		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-04 -
2025-04-03		 a year crt.sh
teads.tv
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
sp-ad-exch-prd-two-eks.prd.eks.sp.adexchange.gumgum.com
Amazon RSA 2048 M02		 2024-04-05 -
2025-05-04		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
edge.adobedc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-21 -
2024-11-20		 a year crt.sh
*.eu-1-id5-sync.com
R10		 2024-07-01 -
2024-09-29		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.eu-3-id5-sync.com
E5		 2024-07-01 -
2024-09-29		 3 months crt.sh
*.eu-4-id5-sync.com
E6		 2024-07-01 -
2024-09-29		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-27 -
2024-09-24		 3 months crt.sh
*.sc.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-07 -
2025-03-09		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
metrics.heraldsun.com.au
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-20 -
2025-07-21		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2024-05-26 -
2025-06-24		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M03		 2024-04-25 -
2025-05-23		 a year crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.ad-server.k8s.sp.ggops.com
Amazon RSA 2048 M02		 2024-05-07 -
2025-06-05		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh

This page contains 28 frames:

Primary Page: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Frame ID: 3E1E0DE3572747221AC09972DBDC3699
Requests: 196 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.heraldsun.com.au
Frame ID: 78EBAC88A330C07F031ED13F374AC481
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: CE255942CA5C76959D507A8EF602210C
Requests: 1 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 2038B0A7A72C9952E3906F0DECC9B9B5
Requests: 1 HTTP requests in this frame

Frame: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Frame ID: 84B0D0D2A36DF6149B3AC6BA771EF496
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: ABA91193261059364E6AA8E53E55BE9F
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: C26EEEA949C6CBF27CA1D8A6F70FA6B3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift&dcc=t
Frame ID: A3DE54626DBA80384A0A305705F6642B
Requests: 1 HTTP requests in this frame

Frame: https://14643376.fls.doubleclick.net/activityi;dc_pre=CJShk9XqnocDFT2G6QUdjAkO4w;src=14643376;type=hs;cat=hs_02;ord=9791598902853;npa=0;auiddc=800551474.1720695610;gdid=dYmQxMT;ps=1;pcor=205329341;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9185837162za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside
Frame ID: 4A4ACAFC4E9E5F0460807536C29A2F90
Requests: 1 HTTP requests in this frame

Frame: https://a1f9057a7056edf4b53110c249ae7986.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 29B981C566631EFCC21C13045824AB67
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&upid=ekg5qxt&upv=1.1.0
Frame ID: 730932BEB8C180713878C4F641094FB2
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&upid=trk7f24&upv=1.1.0
Frame ID: F58D1096866A51A2909968CEB4E90FB0
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: B0B332FAF8230E75969DD2176FBE26EA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Frame ID: E581E82DD88EC58314F79DB08015B3ED
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaHj0SSGEcNgMzKHsnyxng3I8IXAh6iumb5nlBRurrTtF8f-7jzleLT2uWKQRagEEuu_sWmBRBrg4vFhVpDZK8Wn3pZycakVoeg1Wh687HmjpF0wcWi2eSqaREcv4quFlLsXRTZpeeRl0gP098XF8tg5b-uCEnaMU4aU84_hTvN6j3MVYCRl11EpTw_agi8CX9UJju6yY2oOzpLu25Gb_UykOE0kFFbZoBuAXWZWenxk0ZfvWQqUVz_d9Dp-aP1Rw5zgIwVPk8E7braC2MpHzgH3pWLYTwo-elx4ddizwA6il4reogM30tox6QvtzWwpc-mrfvz92BHKspmKFvXZwcH_qDHKxuawlbK0Ra6f3ZbjdqpEClJ_xo0U_wUgq0ZTmKWi8&sai=AMfl-YRE3FalU4vBPaT4oWDgezmrhQyABgjBs8hIt2-635Yq5xEs0SS7Txhj0a46DuvAh5eh9hGItmHbW4yd2nEZpnnQgUDYMxJ4HHK3jwpdajLgsxR8l9DSz31MAJ6CQO8&sig=Cg0ArKJSzPm6XqOWnchPEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 912FE7E3B7A179681FEE4FD95020D497
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLWOTyGp5JOsE2NZuQmVPiM99ayutRPrUYX6UbDgoTvmEcH5nKGj_1pJY-g6NE-Yg75hairM9IfvC13F4Mf8M9yJNkvvPb7VsIkPHwe3nHk7Tlqv2GSpu680_tcNLUzNDj5oO1R-Mz_56FZdklIvr_1mb-4g25SY_QivmWLkvQLbparaV-QxmZAPVE67jcRvNCM7YOWzAHIfYQLHA1B_VxuCcZirrg21CmQ6TJhYdNUTBEQD15Yqm70JvlB7mS76CCNE0yIEcIxjwsUFdtO9BO_I5VT22rKGsWm_oIGtzUNCbDrWCpJbZZ7co9PmhjBMmxmNdDQ9-JC6uF4vfbUovErTVmy-watPCl7LaYAkdXwXJRK7WYQaN_EkNvwZUgR3jQGfY&sai=AMfl-YS-U0wMQlet8gIs-rZ0hCqAbQjYntyZvZCCjrcdQNRLgP1IFBGHTPx4CjnKBIkeM3b-kJQfEoQ5qvZLn75-t_yuX3VP0LG0O7cdfH5DyoWa9jyn3TckOYTUkNALi_8&sig=Cg0ArKJSzMJ4S5H8PtEjEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7276590CBAF3A3292E9FEE7BF0C10A56
Requests: 9 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=1487764302&custom=page-not-found&custom3=168403511&adsafe_par&impId=bd564b79-3f74-11ef-95ec-06f47aa1faf5
Frame ID: F2593C9021689CFBC3B586AEFEAAC5A4
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138472356620&pubOrder=2553375348&cb=1492456871&custom=page-not-found&custom3=168403511&adsafe_par&impId=bd564b7a-3f74-11ef-95ec-06f47aa1faf5
Frame ID: 3493FFD9E0F712054C880E5AF88CFEB5
Requests: 2 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 7E988AF604B9B3CF9ED3F6BA8410C4EF
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: A990216D57B0969C7EDF07E529D8A9A5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 9746110BDEA25DD6596B1298227ACE64
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 347D5FAC193FA1C21DE0EF6B952069F4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E380FE239CD7C2E93D56CF65139B2E92
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=f5c7b812-0e74-4a61-be3a-7de6a1d85dd8
Frame ID: 9E441691DB93D7CD9DB9548A89F5551A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2931952D639B8CAE62625040004B444C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 31826B691DBE5101DF25B32A63D545C8
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 357E58487A22EBA55BEBA7F32E82B762
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: ACD4D7310881CE8FE51EC8A43F20395D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bayside | Herald Sun

Page URL History Show full URLs

  1. http://www.hastingsleader.com.au// HTTP 307
    https://www.hastingsleader.com.au// HTTP 301
    http://frankston-leader.whereilive.com.au/ HTTP 307
    https://frankston-leader.whereilive.com.au/ HTTP 301
    http://www.heraldsun.com.au/leader/bayside HTTP 307
    https://www.heraldsun.com.au/leader/bayside HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fb... HTTP 302
    https://www.heraldsun.com.au/leader/bayside HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2flead... HTTP 302
    https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

240
Requests

98 %
HTTPS

0 %
IPv6

61
Domains

109
Subdomains

96
IPs

8
Countries

2053 kB
Transfer

7086 kB
Size

195
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hastingsleader.com.au// HTTP 307
    https://www.hastingsleader.com.au// HTTP 301
    http://frankston-leader.whereilive.com.au/ HTTP 307
    https://frankston-leader.whereilive.com.au/ HTTP 301
    http://www.heraldsun.com.au/leader/bayside HTTP 307
    https://www.heraldsun.com.au/leader/bayside HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fbayside HTTP 302
    https://www.heraldsun.com.au/leader/bayside HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fbayside&17206956061572871413 HTTP 302
    https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift&dcc=t
Request Chain 141
  • https://14643376.fls.doubleclick.net/activityi;src=14643376;type=hs;cat=hs_02;ord=9791598902853;npa=0;auiddc=800551474.1720695610;gdid=dYmQxMT;ps=1;pcor=205329341;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9185837162za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside HTTP 302
  • https://14643376.fls.doubleclick.net/activityi;dc_pre=CJShk9XqnocDFT2G6QUdjAkO4w;src=14643376;type=hs;cat=hs_02;ord=9791598902853;npa=0;auiddc=800551474.1720695610;gdid=dYmQxMT;ps=1;pcor=205329341;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9185837162za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside
Request Chain 181
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=26884371252B4F629AFE478ED519A545&RedC=c.clarity.ms&MXFR=130DE90052816C9F2DD6FDB956816240 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26884371252B4F629AFE478ED519A545&MUID=108B7647EA3B661A133862FEEB0967AE
Request Chain 209
  • https://cm.everesttech.net/cm/dd?d_uuid=03098996872470271634505174873755656088 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zo_7PgAAAJXXAQM8
Request Chain 229
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=f5c7b812-0e74-4a61-be3a-7de6a1d85dd8

240 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bayside
www.heraldsun.com.au/leader/
Redirect Chain
  • http://www.hastingsleader.com.au//
  • https://www.hastingsleader.com.au//
  • http://frankston-leader.whereilive.com.au/
  • https://frankston-leader.whereilive.com.au/
  • http://www.heraldsun.com.au/leader/bayside
  • https://www.heraldsun.com.au/leader/bayside
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fbayside
  • https://www.heraldsun.com.au/leader/bayside
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fbayside&17206956061572871413
  • https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
166 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
40237646f768b1cf55cb822cec09bfe23ca18749381a48c54284a54514569226
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache
content-encoding
gzip
content-length
38300
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Thu, 11 Jul 2024 11:00:08 GMT
expires
Thu, 11 Jul 2024 11:00:08 GMT
host-header
a9130478a60e5f9135f765b23f26593b
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 169224 0 pmb=mTOE,2
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fbayside%3fnk%3d15de4855b47787d2f2ee5284a4c4245f-1720695607&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=15de4855b47787d2f2ee5284a4c4245f
x-content-type-options
nosniff
x-pathqs
TRUE
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
syd3 123 243 443
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Thu, 11 Jul 2024 11:00:07 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1692680720.184261"
expires
Thu, 11 Jul 2024 11:00:07 GMT
location
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Thu, 09 Mar 2023 05:34:59 GMT
server
AmazonS3
x-amz-request-id
JFKE5X4SAC8WZHTG
etag
"c4ced7adf03d84494a6c1da275896d38"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=71648
accept-ranges
bytes
content-length
11472
x-amz-id-2
+2/DNuqzh/GyfLab+CUJkKIfwG+XnVO0Z94IEBkoOOPkvpyaYAXg9/0cqh42uaeu1iMV0Ke1RKI=
expires
Fri, 12 Jul 2024 06:54:16 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Thu, 09 Mar 2023 05:35:46 GMT
server
AmazonS3
x-amz-request-id
1Q5F0NCFGRNN1BTF
etag
"ad24be3fafec705de20c00e56afe05ae"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=213875
accept-ranges
bytes
content-length
12052
x-amz-id-2
SDXHYbYN+u6ZH+AlsWcwU4O5dD4wD/aXkAVnJrVgnSyXTd4JQWGAbvUhccov1qyNu4GImKo+LG4=
expires
Sat, 13 Jul 2024 22:24:43 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
4HAF0J0DEAVCY47Z
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=513574
accept-ranges
bytes
content-length
12440
x-amz-id-2
kS1AWSAmFSmwgsSdEB8+tt7vHh2OSX917KQ7LQ/S1lxj3YP6BfBsfHD5uqx+5a/yeXIqFnwhAcE=
expires
Wed, 17 Jul 2024 09:39:42 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
3N0KTJ62A6XZ2JQK
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=196620
accept-ranges
bytes
content-length
11372
x-amz-id-2
wu42W4EeW4EB3u705rTDHcB6OOMd3Py7+V3mYu1gp7UJNyDNid3FtRmHzuSEXCqAUeKvMb+Fkpw59NN/ohCijg==
expires
Sat, 13 Jul 2024 17:37:08 GMT
lux.js
cdn.speedcurve.com/js/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
6b0dcf3e206e015bc03358da6a4f6f96db00371fb21a976e292f40503d373fc8

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
506
date
Thu, 11 Jul 2024 11:00:08 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
2027
x-cache
HIT
content-length
10098
x-served-by
cache-syd10182-SYD
last-modified
Thu, 11 Jul 2024 10:26:21 GMT
server
Apache
x-timer
S1720695608.414222,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jul 2024 10:26:21 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ccec862c86db29c4f32f3a9355031ee05e156ab3c968721cbed91f7f630a531d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Mon, 08 Jul 2024 03:19:24 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"668b5abc-120d"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2305912
accept-ranges
bytes
content-length
1704
expires
Wed, 07 Aug 2024 03:32:00 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ee5be89227a695f2d10c1d11c6b6265db0de645aecd562fc5f68aa32cddaec8a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Mon, 08 Jul 2024 03:28:31 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"668b5cdf-50b8"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2307531
accept-ranges
bytes
content-length
6101
expires
Wed, 07 Aug 2024 03:58:59 GMT
css-metro-desktop-critical-index.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		222 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d844b74da43882bdd0577cdf52c526c20536a3739c651bfef1e5b0f4830bdbb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Tue, 09 Jul 2024 05:20:08 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"668cc888-3778f"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2464232
accept-ranges
bytes
content-length
32090
expires
Thu, 08 Aug 2024 23:30:40 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/ 		2 KB
925 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/style.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2e5ae2206d0d20bab9706afc6abf0e2e8b85b5a2661d6c58bca7756accc3bd5a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
0.Zcfl.qr.9kItxJq8eQ91ZmqfR8yo7a
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
x-amz-request-id
RXK1EGWFW00ZW18Q
x-amz-server-side-encryption
AES256
content-length
548
x-amz-id-2
2FkOhiKJYOpVNvJegGtYQfQ+h9/ArOsDC0TZvsCWb95zBSAHOX75sIvE7SOvnDG2wkLRsruWMkPO06cvBiVKLA==
last-modified
Thu, 11 Jul 2024 01:19:28 GMT
server
AmazonS3
etag
"4aa1e1ee66ef2540c815dc70a3efaaff"
x-i
true
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1080
accept-ranges
bytes
expires
Thu, 11 Jul 2024 11:18:08 GMT
93e62e
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/93e62e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef508b8dbcc345d6ab59f8fc536dfa1a08c2c8e34194d5c19ca2f8ba619d5ca9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-pathqs
TRUE
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
x-arrrg4
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
content-length
8770
pragma
no-cache
last-modified
Thu, 22 Feb 2024 19:44:40 GMT
blaizehappened
true
etag
"9de0884e0c5c83be600573650db9601ae4fb2e2beef739690bf6b99aa8e98458"
stored-attribute-sha-checksum
ef508b8dbcc345d6ab59f8fc536dfa1a08c2c8e34194d5c19ca2f8ba619d5ca9
vary
User-Agent
content-type
application/javascript
cache-control
max-age=21600
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f93e62e&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=15de4855b47787d2f2ee5284a4c4245f
expires
Thu, 11 Jul 2024 11:00:08 GMT
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		83 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aeefdb59a530585244dd2afbbaec040f62d5e5de3789294c478c2d6e9bb647ea
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Mon, 06 May 2024 07:32:24 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"66388788-14d87"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2369353
accept-ranges
bytes
content-length
33871
expires
Wed, 07 Aug 2024 21:09:21 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		421 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6dd5ee1ae7c825ba0ff5114a0f367b495687816146b8b135d06b139533adee63

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
application/x-javascript
date
Thu, 11 Jul 2024 11:00:08 GMT
cache-control
max-age=64872
server
AkamaiNetStorage
etag
"490afb6ed4e1e52d406d5482d8a3afbe:1719190413.313749"
content-length
421
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Tue, 09 Jul 2024 05:20:08 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"668cc888-2b16"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2464164
accept-ranges
bytes
content-length
1483
expires
Thu, 08 Aug 2024 23:29:32 GMT
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Tue, 09 Jul 2024 05:20:06 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"668cc886-84b3"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2464174
accept-ranges
bytes
content-length
6839
expires
Thu, 08 Aug 2024 23:29:42 GMT
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Tue, 09 Jul 2024 05:20:06 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"668cc886-c14"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2464113
accept-ranges
bytes
content-length
956
expires
Thu, 08 Aug 2024 23:28:41 GMT
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538deef70d942ac5fc21454137fdfe920737e17bf387ff19c10b3cf581cef73
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1353145067
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-asia-east1
etag
W/"24c3ef7b6612a7a8d84efffbafe09cf945d02e39c8b096724e4dc10339b5a30e"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-dcpg
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
cf-ray
8a1849c39a68a823-SYD
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
50078RQPCJZZ2GVF
etag
"4d7595f832e4962b83a9428c3723233b"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=194415
accept-ranges
bytes
content-length
347
x-amz-id-2
RDaO900aVpjnU7FpXaDgNILNVmDiE3OYb6x4h+YTEdgaWbArtbi2ZRUD0lquh9WOyUbSGP7NZgw=
expires
Sat, 13 Jul 2024 17:00:23 GMT
ktv-icon.jpg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ktv-icon.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Thu, 09 Nov 2023 00:18:01 GMT
server
AmazonS3
x-amz-request-id
HK5XT3KEEF4VSH37
etag
"481ac438f263d8b4ef0b66cb4ae1364c"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=110546
accept-ranges
bytes
content-length
1051
x-amz-id-2
BjDPrezyJzpNh9xLkhqLcqRn6QJq3ThXFGZ8drgwWQdHEq2MF5zI47BEWDtdiTKeF9ZNJqNxGro=
expires
Fri, 12 Jul 2024 17:42:34 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
content-encoding
gzip
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
E9CDDF2B5A502543
etag
"b0f5ec7455ded53e84de4fee006a5110"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=577600
accept-ranges
bytes
content-length
342
x-amz-id-2
4vhJZpXR184FTPaMCnGWCqzRecyPnGMiYI8QC41Od5onjzbbWXQqy1ic0p3X71pzoEgU2oCcjE8=
expires
Thu, 18 Jul 2024 03:26:48 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
GYK4RND10PJ15EKJ
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=84903
accept-ranges
bytes
content-length
284
x-amz-id-2
mJYT9HtMl1jNV0SyX07+ufJZB2GX6CyoULs6Q6F2dem4V+EdVKpAgR3vf6nT2iUSYuk7CHsw0pQ=
expires
Fri, 12 Jul 2024 10:35:11 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
F5BEA6B61E0080FB
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=578843
accept-ranges
bytes
content-length
16112
x-amz-id-2
XSzOWki59WzVq9WjYTh0wYct8vx6ZMGU+2dlGz4mFcCzrG616FshF/qMUy1ATUnp5n4952JjBwA=
expires
Thu, 18 Jul 2024 03:47:31 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

unused62
8096267
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
26D81E180649EDA0
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=558046
accept-ranges
bytes
content-length
15948
x-amz-id-2
M2jUpS/AGfEBmTbGt/LFWzcUzhc/pcInY7IeLixbMpXj46fs/Ac6WDCZUtTxRoItdyGk+D8pU5c=
expires
Wed, 17 Jul 2024 22:00:54 GMT
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Tue, 27 Feb 2024 22:18:10 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"65de5fa2-1e5e"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
must-revalidate, max-age=300
accept-ranges
bytes
content-length
2728
expires
Thu, 11 Jul 2024 11:05:08 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
426 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?ck=gwUEXZTWpaD0Hxv5vKPmpXnKX8Y=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 242 443
date
Thu, 11 Jul 2024 11:00:08 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
last-modified
Tue, 09 Jul 2024 05:20:08 GMT
server
nginx
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag
"668cc888-0"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2464186
accept-ranges
bytes
content-length
0
expires
Thu, 08 Aug 2024 23:29:54 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		146 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a7ba462b4c7c3b7263c07b042e640d49fcc49e8c5242d356c9cd5a3f679486b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
HEltkx3AvwPCHs7Ng3_9k5VnIOEhIhXi
content-encoding
br
via
1.1 ff9e105aa8810f98f1f8f9ec61929886.cloudfront.net (CloudFront)
date
Thu, 11 Jul 2024 10:57:55 GMT
last-modified
Tue, 09 Jul 2024 02:53:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
134
x-amz-server-side-encryption
AES256
etag
W/"37c897dabd187acdde58bb1ffebd7249"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
A1avd7Xttq3jOznzhzx6VV8yNH3NSGhKcCF-QGz8UJ4ZtLbPKTtRGA==
indies-loader.js
resourcesssl.newscdn.com.au/indies/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e8578396b1b92c9c86641ef39b7ee6f7c675d2f6fd2127cb3a1d7b518aa7eb6d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
._fGRqsQ9Nwtgi3Df5uJJy6E0ZEsHpC0
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
x-amz-request-id
Q34Q1DZJRNDTAAZ8
x-amz-server-side-encryption
AES256
content-length
2004
x-amz-id-2
xWsX3Pe/prG9LJ/hksqXdItyDtsvVU/vLlg1ot3i2x6UG5svQz1zAzyhB0N2OdAK4A7PxFZ/oGM=
last-modified
Wed, 24 Jan 2024 22:43:43 GMT
server
AmazonS3
etag
"2ce26f6c687180e8945961717dc388af"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1544
accept-ranges
bytes
x-p
/indies/indies-loader.js
expires
Thu, 11 Jul 2024 11:25:52 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		232 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ed869b2f776f2497f9c60d79d25725b6bcb0118d63a4ef70375e193fba5e197b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Mon, 08 Jul 2024 03:28:31 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"668b5cdf-39fa3"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2307126
accept-ranges
bytes
content-length
50750
expires
Wed, 07 Aug 2024 03:52:14 GMT
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d34732a85cdb27e5211bc6cb51e6555fe67fb4a471c39e010dd4a5a8b5206dc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Mon, 08 Jul 2024 02:12:12 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"668b4afc-2217"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2306052
accept-ranges
bytes
content-length
2475
expires
Wed, 07 Aug 2024 03:34:20 GMT
outbrain.js
widgets.outbrain.com/ 		246 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.33.181 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-33-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f9e85cb0bf5742e7750767f08323e61923bdb07db8d787824f8e5f99c9917fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
edge-cache-tag
widget-cheetah
x-traceid
6166500db4083e369f1ecd9c5050b07d
content-length
91328
last-modified
Mon, 08 Jul 2024 09:17:25 GMT
etag
"4e-ye0ZXUTBPrhGfRl4a0KQ4b4N69Q"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14500
access-control-allow-credentials
false
timing-allow-origin
*, *
access-control-request-headers
X-OB-STG,X-OB-PRD
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
topics.html
widgets.outbrain.com/nanoWidget/externals/topics/ Frame 78EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.33.181 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-33-181.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=14400
content-encoding
gzip
content-length
364
content-type
text/html
date
Thu, 11 Jul 2024 11:00:08 GMT
etag
"a52151dbf5b2ca563e40ccca1ab8228c:1720430242.247502"
expires
Thu, 11 Jul 2024 15:00:08 GMT
last-modified
Mon, 08 Jul 2024 08:30:03 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.33.181 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-33-181.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Sat, 10 Aug 2024 11:00:08 GMT
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=4dfeXDbBXtusmGu4NwRyk2GDOwI=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1b1c0ae5e517882fdba0061e8e5d58ba76ecb132fd003d628ebe29234fb68f48
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-length
748
x-rq
syd3 123 243 443
server
nginx
allow
GET
vary
User-Agent
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires
Thu, 11 Jul 2024 11:01:08 GMT
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=17206956089120.38944325610815445
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:08 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Thu, 11 Jul 2024 11:00:08 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
application/x-javascript
date
Thu, 11 Jul 2024 11:00:08 GMT
cache-control
max-age=42272
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
94ccf9b12044666534ed3c190b46629b5b21e03d948f9663e9d7fe7b0b92f6ec

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Ec_Snp_vp08XCSXeJgxIv91PpnX8uycK
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
x-amz-request-id
SS4CQZJD32690PSZ
x-amz-server-side-encryption
AES256
content-length
1701
x-amz-id-2
ve16s99Lv2rVpRNOr3TZdukCHe8lQc3ajxF0IztiixowkvpvHjkO58AzyGhlSNKlUSg/IRcE6s5YlGwMHe29Fg==
last-modified
Thu, 11 Jul 2024 01:19:27 GMT
server
AmazonS3
etag
"f8def2b04bbe0d713f7068ceddf09df0"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=982
accept-ranges
bytes
expires
Thu, 11 Jul 2024 11:16:30 GMT
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=page-not-found&site=heraldsun.com.au&section=/page-not-found&device=desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-amzn-trace-id,x-api-key
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
apigw-requestid
avow8gwTSwMEJfg=
cache-control
max-age=1761
date
Thu, 11 Jul 2024 11:00:08 GMT
expires
Thu, 11 Jul 2024 11:29:29 GMT
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ 		55 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=page-not-found&site=heraldsun.com.au&section=/page-not-found&device=desktop
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a467f7c2b83a2dba2544ba15b6016687cd2e36189492d868994f995787d12caa

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
74
apigw-requestid
avow8jUmSwMEJ0Q=
expires
Thu, 11 Jul 2024 11:00:09 GMT
e9b6c63a76a83fa09a2f488f1f9218b4
client.api.news/collections/ 		337 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://client.api.news/collections/e9b6c63a76a83fa09a2f488f1f9218b4
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
757d80dfe05f2cff4c205281c6eee742f3d76dcab699e94a4aab27e5b4422ca1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
x-origin
CAPI
x-amz-cf-pop
MEL52-P1
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
content-length
252
last-modified
Tue, 09 Jul 2024 16:05:11 GMT
server
AmazonS3
etag
"8a915e638e7d034d60e00261d3d1e1d8"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=94
accept-ranges
bytes
x-amz-cf-id
-Zeh0K3GHl5fGbsQWMZ0EDddemxEnkAL8r19Az5iK2GQe0rNOuXezg==
expires
Thu, 11 Jul 2024 11:01:43 GMT
pixel_93e62e
www.heraldsun.com.au/akam/13/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_93e62e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/93e62e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Thu, 11 Jul 2024 11:00:09 GMT
blaizehappened
true
x-pathqs
TRUE
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_93e62e&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=15de4855b47787d2f2ee5284a4c4245f
x-arrrg4
https://www.heraldsun.com.au/leader/bayside
content-length
0
B7670439;dcadv=4149947;sz=1x2;ord=360826024142.5847
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=360826024142.5847?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f6.1e100.net
Software
cafe /
Resource Hash
e9ce9cba628d445d18281ec7b7b4919349ba588aa407bfff7e4d43f657920c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14930
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a97bc8ec679a82ec782bd76c7302c0ca394c1ad672450f86f87bee5e0ec06b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 11 Jul 2024 11:00:08 GMT
last-modified
Mon, 08 Jul 2024 16:08:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0C42532B1325422EAF51E510D59B43BE Ref B: SYD03EDGE1410 Ref C: 2024-07-11T11:00:09Z
etag
"804a6d1951d1da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13828
metrics.vendors.bundle.js
tags.news.com.au/prod/metrics/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f4cd2b3a7ecd9e189a4335aca67202ddd4803525c0d56d51ea80f3f247e946fe

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"7998b9ac20c7937bf25e2ea217c3c839:1719187365.552355"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=63022
content-length
51570
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"fb68340e5f23d55e9dd6f9e882195c13:1695883768.293004"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=41895
content-length
9944
fbevents.js
connect.facebook.net/en_US/ 		223 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 11 Jul 2024 11:00:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58653
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=15, mss=1317, tbw=2808, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
KsOaMAPGIS7YH2VDRlpy30SmTTLkp03jm70o+j/bnbC5AbcD2yf28xPJtjAPdJKoYiGwnh0toqw7dliml8lTdA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-42.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 11 Jul 2024 10:05:03 GMT
Content-Encoding
gzip
Via
1.1 fd8b250e4ee7cd8e5de453d78708baee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD3-P1
Age
3307
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
ETag
W/"d9de38d1900dec018a46f90cc70a48b7"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
X-Amz-Cf-Id
WfkCmCCJ7bo8HcqCDcrRCILew8717pQn5x9l_pI8o_9cvWmPXck4RA==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2024-07-11T11%3A00%3A09.054Z&country=au&newsconnectId=&fpid=15de4855b47787d2f2ee5284a4c4245f
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.169.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-169-25.compute-1.amazonaws.com
Software
/
Resource Hash
0477716b7261e6e9d2d2f708abe9c9c27358eea96d4c556b2d9fec8cafea7d8a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.175 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6497ac106b48f0299b44b59d3a2cd295e23124a32e64fd1e0c2df38565af5f03
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
wZCyMi2QtZOM7SfqoeL4XEwLYwVKsRIU
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 Jul 2024 11:00:09 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
NH13RJ1VPFJRRT1F
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
519
x-amz-id-2
vDDKljM9tALVxpS2FbJ0dA+THOVQTJsLQ5P02Drjzh0uX57IbL18ETRVRF5lah4jfDAkyDXqB0k=
x-served-by
cache-syd10145-SYD
last-modified
Mon, 01 Jul 2024 11:17:17 GMT
server
AmazonS3
x-timer
S1720695609.319052,VS0,VE0
etag
"a8cd24aa6fa4186b029e078db090c65a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
751792
id5-api.js
cdn.id5-sync.com/api/1.0/ 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jun 2024 08:15:00 GMT
server
cloudflare
x-amz-request-id
YTFE7QADBGRME76T
age
2777
etag
W/"7549ecdacdd2ca9502744f648799d58a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8a1849c6aa4fa814-SYD
x-amz-id-2
uiQ70yoVzh0lGYvnfeixmXHlCiwxP0GgDVLY/2efRZri2oXYJwgw1ON984CR3Zli7DR9D21fDaQ=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Mon, 17 Apr 2023 14:27:15 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Thu, 11 Jul 2024 12:00:09 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b152261e1c57453fc67ef715778608859c6c09a2a50affc25d99e0bb0742380

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f16222a57827e8a1a574ceb84af25834:1710904545.308704"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=34483
content-length
2291
tad.js
tags.news.com.au/prod/tad/ 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cc146b35a2a63691ad385731452cb964042715f491f35b0a4db2d604df00e606

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f873bd694ade74de09f3543c3aa0ef73:1720663132.688697"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=60164
content-length
37646
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
c38179509be58e14e671994e13332739a5340b522decb59218221c0ecaebe0d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31550
x-xss-protection
0
server
cafe
etag
394 / 19915 / 31085170 / config-hash: 9377620043413370851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jul 2024 11:00:09 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		310 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.30.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-30-125.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 10:09:53 GMT
content-encoding
gzip
via
1.1 9d6e86f5b232838ca6f2f480892525b2.cloudfront.net (CloudFront), 1.1 9c9c7e612d1d6c87f0238098c1c16662.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jun 2024 23:08:14 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2, SYD3-P2
age
3017
x-amz-server-side-encryption
AES256
etag
W/"ba6b386e5d42265c831a1ba06f75f187"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
HRoD0dd17rwH-f_f8Igo8MPuGpOd0EwaBvMImD-lj1QmGkoPXFi2aw==
prebid.js
tags.news.com.au/prod/prebid/ 		349 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
20a7a815ac630a4b10a39504f889de0c9ea4946fc295a012c7de467922df3383

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"5ff11671520488a255ee9ade7ce4d2f6:1719188963.017063"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=61282
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		184 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-32.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b46ddcb005bf31c490f0e276adabbe6bcaaa4c69d33bba30c5003ec7a3a6b69

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
SLcjqlLUEEPy.gi71dzeG4D6h98NRCAg
content-encoding
gzip
via
1.1 aeb2692086ca3fc7d14822f811ae17a0.cloudfront.net (CloudFront)
date
Thu, 11 Jul 2024 10:13:41 GMT
last-modified
Wed, 03 Jul 2024 15:31:14 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
age
2789
x-amz-server-side-encryption
AES256
etag
W/"c42f78a4bd4ffd3aeb26bba5e49de69d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
M026m1JMrWHV-7EBpChT0C7V5BvfInQBjN5mKBMFSK-zrCqz1WSYyg==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8652c0bb729ad68bedc0d5231918c34b662abb80bbbe8439d73499f4b65ce9af

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"c605066ac45e83ace171f2434522af45:1719987539.487395"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=78469
content-length
6499
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
035675399800e3ae1f674fa492c731a97d18c40358fd47ccee65ffe31d5b3455

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 11 Jul 2024 10:07:49 GMT
server
cloudflare
age
3140
cf-polished
origSize=6321
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZsrpWJtbIvV7PuHgGXof8bpeOTHwCnD7PT9picmQ7pEyHTAm7hpI6qGtp6j38G7lnOmYK%2F%2B2JLW9veCeZ51DVFaayRmnLkS18SP3ub6o8dhxYyfoc7vN3RzXxFn1UvQhj6z9Zrd"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8a1849c8abe6aadd-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.28.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000023-IAD, cache-syd10162-SYD
insight.min.js
snap.licdn.com/li.lms-analytics/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.59.32 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-99-59-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
710
date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Jul 2024 09:18:59 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=80434
accept-ranges
bytes
content-length
14011
chartbeat_video.js
static.chartbeat.com/js/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.248.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-248-189.syd3.r.cloudfront.net
Software
nginx /
Resource Hash
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 18:14:58 GMT
content-encoding
gzip
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 00:07:44 GMT
server
nginx
x-amz-cf-pop
SYD3-P1
age
60311
etag
W/"665fac50-11d74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
COsvR3bPtA-sGdq6lDxTKdSE1Fd1dNAGu9XAIcQWoSBUn-9wahhLRQ==
expires
Thu, 11 Jul 2024 18:14:58 GMT
utag.1205.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1205.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
076fa5f8e52d8eeca80c0c0166ecfe87b4964a99c69656b0055d64cad6f435c4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
L7jBmw7NLuS.17dnVgYog7oIjvyBTqmD
content-encoding
br
via
1.1 ff9e105aa8810f98f1f8f9ec61929886.cloudfront.net (CloudFront)
date
Thu, 11 Jul 2024 10:59:43 GMT
last-modified
Tue, 09 Jul 2024 02:53:13 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
27
x-amz-server-side-encryption
AES256
etag
W/"38a55d138be64fd7e58fe14e68e1070e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
fxC4ks8RZtruv9EJT80NyKQ4kMV_kwFx41f-aifMeJlL5eJWTgrfGA==
utag.1211.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		608 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4da9d1ede8aa7ce6b22a39064976f93f17aa567f01c80bce92b0a582b0345b3f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
1ftJ1w21CqqF4wr_xNNQV5UHs62P3MPe
date
Thu, 11 Jul 2024 10:57:41 GMT
via
1.1 ff9e105aa8810f98f1f8f9ec61929886.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
149
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
608
last-modified
Tue, 09 Jul 2024 02:53:17 GMT
server
AmazonS3
etag
"7a00d9ef6c4c73968ae357754872dddf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1296000
accept-ranges
bytes
x-amz-cf-id
jg-H7hsQdDIjUV8BhhEEXflAR-qeW624vyzkIh5DD9SlzxD8MOJLXA==
utag.1366.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1366.js?utv=ut4.46.202407090252
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50689f24338f43879545049ba9164d66a6f4790f6022d63f7c15baa93ae4961c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
G.EpqttUMWBhUvOvsIXeTo4.hnav8kU5
content-encoding
gzip
via
1.1 ff9e105aa8810f98f1f8f9ec61929886.cloudfront.net (CloudFront)
date
Thu, 11 Jul 2024 10:56:25 GMT
last-modified
Tue, 09 Jul 2024 02:53:13 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
225
x-amz-server-side-encryption
AES256
etag
W/"ca87c4ccffbfc2625d0e1a345ea0d413"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
IYFsG6lnROEhOTiK9Pi0NbyyTpMhcDSg112O5LOrL58bRQS4_qbxQA==
utag.1370.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1370.js?utv=ut4.46.202406240040
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0fdd61bad967269dcbf18370d0f9400369d50c15d27958520691ef9ff84047f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
KPSktEZf_wf04FSHR_kNZPiKuTzRmpe1
content-encoding
br
via
1.1 ff9e105aa8810f98f1f8f9ec61929886.cloudfront.net (CloudFront)
date
Thu, 11 Jul 2024 10:57:59 GMT
last-modified
Tue, 09 Jul 2024 02:53:15 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
133
x-amz-server-side-encryption
AES256
etag
W/"e25ecfec1f123d9c04700ff209812f19"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
KYgfW6GyE__uB_blIYYibV4vLN7ebPFOHkkKqJAGKfZkoa2mMdkyhg==
utag.1376.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1376.js?utv=ut4.46.202406240040
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d77a4a7b3b4a26964ac54bc76c5fa5a094d2a576002a00d0cbfd087602f1098e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
C3X8o_.td.nnIAl6H8pdsPJVVCHQDruE
content-encoding
br
via
1.1 ff9e105aa8810f98f1f8f9ec61929886.cloudfront.net (CloudFront)
date
Thu, 11 Jul 2024 10:58:00 GMT
last-modified
Tue, 09 Jul 2024 02:53:14 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
130
x-amz-server-side-encryption
AES256
etag
W/"c66b8f95648c8cb0291446402acec393"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
vjVh7SqC-73lsmAex_HcOi7HvWW-2JmeQeJZc2_YWUnfLvP_C26AUQ==
utag.1387.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1387.js?utv=ut4.46.202406260136
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b6979f782d4e20493f5ec1d8b617bde510a5709715e8ebf27c03d9047cb21bd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
pQsgvrd.Mgy_.MgX.EvlgLAPiSv8dcx6
content-encoding
br
via
1.1 ff9e105aa8810f98f1f8f9ec61929886.cloudfront.net (CloudFront)
date
Thu, 11 Jul 2024 10:56:40 GMT
last-modified
Tue, 09 Jul 2024 02:53:14 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
210
x-amz-server-side-encryption
AES256
etag
W/"289ea518d828c78db1c2b8d0e8483ace"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
9qAmLLhQaW2LVIZUheX3TOVmsvMz7hHJjXRRrNe--HyxP0HuwygWFA==
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adspot_id=ryghhm_728x90_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.199.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-199-5.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 20:54:37 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 3f8fd6340fce279c5b09dff400f7a746.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P3
age
50734
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
NQBphf8NPzCVSaxfza5jeOCCEEqIKgUDvVrnl_YGca22kTcF360Rzw==
metrics.main.bundle.js
tags.news.com.au/prod/metrics/ 		95 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.main.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d7dd87ba68fa2909a3530f39c97e7cf34f8a03020a0b904473787e5b3f3770c4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"b90cdeea86df452e9a6dcc6db5baab10:1719903282.543346"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=60709
content-length
25194
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-127.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62b41f192cbb84402491dc04a088a8544c994984332291dd44f9cc56bd4f38a6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
vcrhgkxCP6PVybkyQ0.nsOF_0n1BWHOF
content-encoding
gzip
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
date
Thu, 11 Jul 2024 10:25:38 GMT
last-modified
Thu, 11 Jul 2024 09:19:37 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
2072
x-amz-server-side-encryption
AES256
etag
W/"75d9e629332614efa0072ff465f779b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
Jb61BBxgwZH6QNjBNTZNJQfd-AsIaAjw7_doyDwJTy2k_vLh1FQEdQ==
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-111.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 26 Jun 2024 21:11:47 GMT
Content-Encoding
gzip
Via
1.1 f1635e40dd33e4abcdd79d3670805a7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD3-P1
Age
1259302
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 26 Jun 2024 21:11:12 GMT
Server
AmazonS3
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
X-Amz-Cf-Id
Cy-7jziB5AR5OcIx86KguDR8S_Io6WNMu58QPyjjWKhZPA5yaKMWDw==
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
2988.js
script.crazyegg.com/pages/scripts/0018/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5131d1e3bf858be9f257dd3d5e40a722010111ee9aafcb2dfa57f61e6130ebfd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
cf-cache-status
HIT
age
58215
cf-polished
origSize=7384
ce-version
11.5.237
cf-bgj
minify
last-modified
Wed, 10 Jul 2024 18:49:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8a1849c988b35c07-SYD
up_loader.1.1.0.js
js.adsrvr.org/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.14.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-14-99.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Jul 2024 20:00:20 GMT
Content-Encoding
gzip
Via
1.1 0f7044eb4e8b35c09d88dd64a3263794.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD62-P3
Age
53990
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
zFoOkbac2dXjZvlg9DzYhQhumUZpbtYBAdd7335bzlcbv4KHnvwj3Q==
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.222.192.243 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22a7c0f21be2b8240a32adb4e3b490724a69eee63bf02e47615f6d001c0f81f6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"ecd8d25c94266835b528fc293ee30bdf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1880
js
www.googletagmanager.com/gtag/ 		211 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14643376
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e08f19541fd090cb2aed8d5002cc53a26c6bc6278950f364c8fd9af58633401c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77938
x-xss-protection
0
last-modified
Thu, 11 Jul 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Jul 2024 11:00:10 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202407090252&cb=1720695609387
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Thu, 11 Jul 2024 10:55:30 GMT
via
1.1 ff9e105aa8810f98f1f8f9ec61929886.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
280
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
BKBmH05AofkcAyU0Sv7ddMj-STTbcbZVVQRKyMxE3zdco2FmGmMDHg==
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:09 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1712019818.804653"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Thu, 11 Jul 2024 11:00:09 GMT
5119
config.aps.amazon-adsystem.com/configs/ 		531 B
796 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5119
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-31.syd1.r.cloudfront.net
Software
CloudFront /
Resource Hash
b8464dcb7e2e01bf45bea28cd900120b54874408b41a83ccd573931cae12fac8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 10:33:34 GMT
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
age
1595
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
531
x-amz-cf-id
_VvKO9xEnCDv88axii9K_8H4GOq-PDTW_FNXbfoU3a4IZb9ZYKidiA==
config
c.amazon-adsystem.com/cdn/prod/ 		636 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.30.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-30-125.syd3.r.cloudfront.net
Software
Server /
Resource Hash
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 09:15:59 GMT
via
1.1 9c9c7e612d1d6c87f0238098c1c16662.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD3-P2
age
6249
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
636
x-amz-cf-id
1OFnecbi5KXo28Fju3EqqkzDWlXcCQl15T-vVy4mgTWCPyVTrEoJlQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.30.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-30-125.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
date
Wed, 10 Jul 2024 22:29:55 GMT
x-amz-cf-pop
SYD3-P2
age
45015
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
alMAy5SqJBfittkgW7UQctfsEyMgJf61vhM7Dkb3WFOIcxmP-9AJxA==
/
geo.privacymanager.io/ 		31 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.192.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-192-129.sfo53.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 15:52:00 GMT
via
1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f21e2ffc4473de4703e807b6f2df3d0e.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO50-C1, SFO53-P1
age
68889
x-amzn-requestid
cfeaa67b-d606-4a5f-b78e-ada9c2267835
x-amzn-trace-id
Root=1-668eae20-067ab31223923d4f7b02494f;Parent=6fa53bae64b8d51f;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
atAlEEaTDoEEiiQ=
content-length
31
x-amz-cf-id
HPYD7mv3RcpSU49wLgIMKpiO-9bM02Y4ZgCwhQL9YHjTMMqt4WMhoQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
door.js
au-script.dotmetrics.net/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13214
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
0193ae8b1db0660a66d394e6312e74441c454cdcc3f6570d05ddb5f3daaca681

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
br
via
1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
etag
"13214...285.2024071111"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
ax0UZ2jhqcdzC_tOo7sW5UO25BBFOdAoJSaL4LD1ZhHpccZUTULVXg==
adsct
t.co/1/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1b050082-46a2-4810-87cd-8ec003fb9090&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2b2682ce-31f1-441d-a6e3-84b73618ab47&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&tw_iframe_status=0&txn_id=olqt8&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.195 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time
146
date
Thu, 11 Jul 2024 11:00:09 GMT
strict-transport-security
max-age=0
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
e442fd95eeae681c
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
86699b5fcdf6527e3e6503b63dc1b6e46a5dd8b862a680fd06ba7c4ffd05ad4f
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1b050082-46a2-4810-87cd-8ec003fb9090&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2b2682ce-31f1-441d-a6e3-84b73618ab47&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&tw_iframe_status=0&txn_id=olqt8&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time
145
date
Thu, 11 Jul 2024 11:00:09 GMT
strict-transport-security
max-age=631138519
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
7b736ac10edc5548
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
e4c9a00e1531660062515b9bd689b87178db723ea6011ae3364ab950725db7c8
content-length
43
384959879014125
connect.facebook.net/signals/config/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.161&r=stable&domain=www.heraldsun.com.au&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
252cba438bfd754846a15aaa33cf5b69115112618cfbdca512f73308c51f0a7d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 11 Jul 2024 11:00:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14184
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=64, mss=1317, tbw=64189, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
qk1EcFMl47FpX0j1hN4RB0Tspzn0wuW+HZMYLTK5YCwq9eDaNd42LOIxvbokXVmlraScANhkngiciM41gwRuMA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/ 		467 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
b78de46be1aa7cb9f8c429bde4d202a358c1651ae0cc6217cbfd79097793d894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 10:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
3520
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149163
x-xss-protection
0
server
cafe
etag
9083756951993760320
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 11 Jul 2025 10:01:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240709/r20110914/elements/html/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240709/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=360826024142.5847?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 18:13:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
60396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jul 2024 18:13:33 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspf-DogPvKsAn6_vb1Uk15zB5eC5RXsUmNDSdx0f5e-EAJ0yoBf_eD36SXbUEuZRnTfzx674t3zOs9bvuoXFiW3Au9LK0tS_GZBDKPALCdrvh1_-TL0cPlXDHaCMj5wdOV5La3rSKxz65GJTMF2e_oLOVVwyyieFYXIsL6bK0aSTLnis4&sai=AMfl-YRF39D_BC63-FVCeb7xdjksYQBRaeUN8YYMaKtzf5Aj2YTGxxdir6HG8AzYSPyO1OYKz-8p_D0WmQGjBIA&sig=Cg0ArKJSzHihyWW1EJ0-EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cisv=r20240709.93887&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=360826024142.5847?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jul 2024 11:00:09 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240711
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80a98e6e0fc8628ac7d59d0b1be825d06f4fa08a747b4aa01fb58468bfca8e10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 11 Jul 2024 11:00:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
25156
x-jsd-version
1.0.2113
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
808
x-served-by
cache-fra-eddf8230103-FRA, cache-syd10159-SYD
x-jsd-version-type
version
etag
W/"62f-61X4PbcMPUkjDNuXMDmEaLi0R30"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
prebid
id5-sync.com/api/config/ 		167 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
b693ff17985bc54be8d357b5ac2ddc78e06c64df046d38aadad3d9bee7ec2439
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 11 Jul 2024 11:00:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.26.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.26.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
97081477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97081477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d9f5945e80f23ab8addc1908230c8aa3ffabffd8aaa4827fa91afa5785a64169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 11 Jul 2024 11:00:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EAFCEFBBAC8F44E68F78634A87A1AC7F Ref B: SYD03EDGE1410 Ref C: 2024-07-11T11:00:09Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97081477&Ver=2&mid=a9b1c354-3863-4d85-8dbc-61fa52a388f3&sid=bd475c403f7411ef88195737c5f6c96e&vid=bd4775303f7411efbf94e56e47e0e193&vids=1&msclkid=N&pi=918639831&lg=en-AU&sw=1600&sh=1200&sc=24&tl=Bayside%20%7C%20Herald%20Sun&p=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&r=&lt=2919&evt=pageLoad&sv=1&cdb=AQwD&rn=283980
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 11 Jul 2024 11:00:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 462292547D8548D7B651CE98D7A37BBA Ref B: SYD03EDGE1410 Ref C: 2024-07-11T11:00:09Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&rl=&if=false&ts=1720695609621&sw=1600&sh=1200&v=2.9.161&r=stable&ec=1&o=4126&fbp=fb.2.1720695609618.417697071506592945&cs_est=true&est_source=2353117768323382&ler=empty&cdl=API_unavailable&it=1720695609505&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=2860, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 11 Jul 2024 11:00:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&rl=&if=false&ts=1720695609621&sw=1600&sh=1200&v=2.9.161&r=stable&ec=1&o=4126&fbp=fb.2.1720695609618.417697071506592945&cs_est=true&est_source=2353117768323382&ler=empty&cdl=API_unavailable&it=1720695609505&coo=false&es=automatic&tm=3&rqm=FGET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb134b76a56b9d4fe","source_keys":["1","2"]},{"key_piece":"0x8c64509bbef6a95c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 11 Jul 2024 11:00:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7390331372197296058", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=7043, tp=-1, tpl=-1, uplat=314, ullat=0
pragma
no-cache
x-fb-debug
IGD1XU5VYNcX1TvwFh+q3qHRlq21KHBHkgp7YUG7wzXtZKr2HY+nVuWpuheM7VTJCbfyFhO/DSNuE0eeWsAnUw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7390331372197296058"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&rl=&if=false&ts=1720695609622&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.2.1720695609618.417697071506592945&cs_est=true&ler=empty&cdl=API_unavailable&it=1720695609505&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=3146, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 11 Jul 2024 11:00:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&rl=&if=false&ts=1720695609622&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.2.1720695609618.417697071506592945&cs_est=true&ler=empty&cdl=API_unavailable&it=1720695609505&coo=false&rqm=FGET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x27f50080b680d49c","source_keys":["1","2"]},{"key_piece":"0x071bab48f337e952","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 11 Jul 2024 11:00:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7390331373317905265", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=3301, tp=-1, tpl=-1, uplat=308, ullat=0
pragma
no-cache
x-fb-debug
33fR2XVfP6ecEL9Y6tZppRFj/OAUAqa6mveHSGggFFsfbR7f51QMOW0wJM4QENuLBKEVLbuMz1YK+mwbu0Z+Ng==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7390331373317905265"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
pub
pixel.adsafeprotected.com/services/ 		453 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.leader/local,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.leader/local,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.leader/local,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.leader/local,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ceee6629-69c1-fc40-18e7-ad00e6c7f4e4&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fleader%252Fbayside
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.129.195 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-129-195.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
f03eb5ddf21faa700fe51263e8c57eb7b973281877ddd9d692fc3fb087da0a60

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		122 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&pid=rpozOy4hT1nmY&cb=0&ws=1600x1200&v=24.620.1905&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal-ad-block-728x90-2%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=d5603a00-d8ba-412c-9a45-df554a54c9f7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.113.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-113-58.syd62.r.cloudfront.net
Software
Server /
Resource Hash
d45c970754b1c9d73f6cd8b1e508b949a38c38beb0c94b9f436eab85795b9c41

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
via
1.1 899497b8fe71995dd517601bf8d5f77a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
122
x-amz-cf-id
lfU67HBUmlzk3W6McDLl86qwsnpfgfMKuUUGQLDAHK1h8MheoVn_JA==
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame CE25 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2671
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28620
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jul 2024 10:15:38 GMT
expires
Thu, 11 Jul 2024 11:05:38 GMT
last-modified
Mon, 08 Jul 2024 19:45:39 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.253.138.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-138-55.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Thu, 11 Jul 2024 11:00:09 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.253.138.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-138-55.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 11 Jul 2024 11:00:09 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 2038 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-42.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Age
3305
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 11 Jul 2024 10:05:05 GMT
ETag
W/"fbee957879301d939e1c5ea8e01d09a8"
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 fbd92e37686376c632f471bbca198756.cloudfront.net (CloudFront)
X-Amz-Cf-Id
l-ucmxr37Hn4qNMqtzP7Em_xyACkhVvF1N5BOgK-9-7HyNyFMNWmrg==
X-Amz-Cf-Pop
SYD3-P1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
lookuplist
au.audience.newscgp.com/ 		108 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=15de4855b47787d2f2ee5284a4c4245f&&bust=17206956097180.2438135142953275&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.175.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-175-105.cgk51.r.cloudfront.net
Software
nginx /
Resource Hash
820d2146cd9413e3a1c7d162fb1bbd14e1d5623452ddcc0b407dd4a8b30d3a3b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
via
1.1 c58f23d83eba9cb7f0fa30f4d356a58a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CGK51-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
Wh0-0aSRneXcPQCDJ7BH0rnwjgWTRIfQcXNSuvzENMF8xgBLBBl_eg==
topicsapi.html
topics.authorizedvault.com/ Frame 84B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.244.62.6 Sydney, Australia, ASN60068 (CDN77 _, GB),
Reverse DNS
109632633.syd.cdn77.com
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=604800
content-encoding
gzip
content-type
text/html
date
Thu, 11 Jul 2024 11:00:10 GMT
etag
W/"b1da2234a554ee8bc6519a75d88402d9"
expires
Tue, 11 Jul 2023 17:48:38 GMT
last-modified
Mon, 26 Jun 2023 15:39:25 GMT
server
CDN77-Turbo
vary
Accept-Encoding
via
1.1 google
x-77-age
307758
x-77-cache
HIT
x-77-nzt
EQwBj/Q+BAH3LrIEAA
x-77-nzt-ray
79dc880614965da73abb8f66ab71b321
x-77-pop
sydneyAU
x-accel-date
1720387852
x-accel-date-max
1689094118
x-accel-expires
@1720992652
x-age
307758
x-cache
HIT
x-goog-generation
1687793965818864
x-goog-hash
crc32c=LvKeBQ== md5=sdoiNKVU7ovGUZp12IQC2Q==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1404
x-guploader-uploadid
ADPycdued6PJ1Ep6vC99ldIvPcD5Q2n4Vg8uR6Rg6Yvlhb0rOni3e-zPqu0tM_qE0XDXhy3ZRyO_fFEoqU_Ehpk5Zagd
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame ABA9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=162179
content-encoding
gzip
content-length
859
content-type
text/html
date
Thu, 11 Jul 2024 11:00:09 GMT
expires
Sat, 13 Jul 2024 08:03:08 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
689 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=277566
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc6ce72a0efa98fee671e04807f63b026428685fb1af3239dd269f774f6149a2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
observe-browsing-topics
?1
alt-svc
h3=":443"; ma=86400
content-length
36
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pxdj4ekOb2Cz13dahnajYaJJTFZZT8Wo0h%2FlTaNarlhaCD73JOkZ7WIxwBJvNp6pl9ay5gHZKecqojqTLwTwonvJiHPKEst75pUTkyX2dk%2FFiBDE4losxWtr9xB2WHLHrH9usteg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8a1849c92ca8dfa7-SYD
expires
0
cdb
bidder.criteo.com/ 		0
227 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=79313432633&lsavail=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		531 B
896 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=55%2C57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&tg_i.pagetype=page-not-found&tg_i.sec1=local&tg_i.adl=false&tg_i.pos=1%2C1&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%23ad-block-728x90-1&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=113ac8400fb6926&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%23ad-block-728x90-1&slots=1&rand=0.43194647124302143
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
88d833514dd924f4ec26dbc1614f8ef8699397c2d1dd0c6df87658e811e54987

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
531
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		505 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&tg_i.pagetype=page-not-found&tg_i.sec1=local&tg_i.adl=false&tg_i.pos=2%2C2&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%23ad-block-728x90-2&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=12409c579000262&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%23ad-block-728x90-2&slots=1&rand=0.17715591600534042
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6aaf859938e9739d143127f76a087724dc4544d121b188b0ac18e93906d9d87a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
505
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 11 Jul 2024 11:00:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
639 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.222.193.119 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-193-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 11 Jul 2024 11:00:09 GMT
prebid
ib.adnxs.com/ut/v3/ 		262 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
cc5a53633967317934dcbff7f7312e431f6a60c13a6bba20a462096632a3fd53
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:10 GMT
an-x-request-uuid
a24a55bf-b253-494b-83a0-bd8c165d98b9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.161; 66.203.112.161; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
262
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1720695609761&to=-480&aun=ad-block-728x90-1&gpid=%2F5129%2Fndm.leader%2Flocal%23ad-block-728x90-1&t=jlltldhf&pi=3&maxw=1800&maxh=1000&si=985711&bf=970x250%2C1800x1000%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.heraldsun.com.au&ns=10240
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.223.94 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-223-94.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
423063a18b91db9f3313a3454b96ae974665c58b9fde948553f0313b993aaf34

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:10 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=beafaf883e015095e9ed288fd27606c0&timewithTz=2024-07-11T11:00:09.054Z&country=au&newsconnectId=&fpid=15de4855b47787d2f2ee5284a4c4245f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.169.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-169-25.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
attribution_trigger
px.ads.linkedin.com/ 		2 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1720695609776&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 19184808A93E4B7986CA10132B28EBFB Ref B: SYD03EDGE1119 Ref C: 2024-07-11T11:00:10Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lor1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYc9qqceNnuo0nII+DVcw==
x-fs-uuid
00061cf6aa9c78d9eea349c823e0d573
collect
px.ads.linkedin.com/ 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1720695609776&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: FE10264E859B4B2A818BCF6014230EB9 Ref B: SYD03EDGE1520 Ref C: 2024-07-11T11:00:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYc9qqeDjtmhtJr1Oh0JQ==
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e38ba87fc3c01838268043d9e5f3b0ec09c532e5f9ce823592306344e89293d7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 11 Jul 2024 10:07:52 GMT
server
cloudflare
age
3137
cf-polished
origSize=64552
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRhKTm3sJu9jRc9ERBLNJZmgSdCEgM9mhJI0%2FioYsCrfybO2UHIe5c1E8%2B%2BeMAyBeaOv%2BIH0sFo%2F8GhuecGQf8NduqMw4xEMAqWDHRxixEGwPiFLOYHNDkgZrNjsINafkoE%2F%2FoR8"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8a1849c92c70aadd-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
97081477
www.clarity.ms/tag/uet/ 		991 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/97081477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97081477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b3de2c693c4f16a4c6487eb66fa1b2884f11525f50d46dfb3a0a6252d22e1a48

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Thu, 11 Jul 2024 11:00:10 GMT
x-azure-ref
20240711T110010Z-176dcb556f6jtwkqa7a0ck113c00000001b0000000004pv6
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
991
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fleader%2Fbayside&u=Cm0l9vD_uMNFDqSYd8&d=heraldsun.com.au&g=36976&g0=local%2Cpage-not-found%2Cno_video&g1=hwt&n=1&f=00001&c=0&x=0&m=0&y=2726&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&b=4240&t=C1YZuBDMuynyBfYin8CQ3D8bDwJYcU&V=147&i=Bayside%20%7C%20Herald%20Sun&tz=-480&_acct=anon&sn=1&sv=DZKUu5DY9oCnDsoVCACaDNwaBhZN-I&sr=external&sd=1&im=066b0f7a&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.90.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-90-195.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 Jul 2024 11:00:10 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
geo.privacymanager.io/ 		31 B
624 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.192.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-192-129.sfo53.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 15:52:00 GMT
via
1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f21e2ffc4473de4703e807b6f2df3d0e.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO50-C1, SFO53-P1
age
68890
x-amzn-requestid
cfeaa67b-d606-4a5f-b78e-ada9c2267835
x-amzn-trace-id
Root=1-668eae20-067ab31223923d4f7b02494f;Parent=6fa53bae64b8d51f;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
atAlEEaTDoEEiiQ=
content-length
31
x-amz-cf-id
U5xk0BC5eSep12e356Ed9WMWnc8Q66aY48-cTvNm9QVf7JZNrd6S4w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
hit.gif
au-script.dotmetrics.net/ 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13214&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&dom=www.heraldsun.com.au&r=1720695609832&pvs=1&ecid=098029c7-4ceb-4715-aa3f-9f05f4b4286b&c=true&tzOffset=-480&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13214&dfph=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
dotmetrics-hit-status
01 OK
via
1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
RyD_bg9hwlvjWEuMLDj6KJL5thTdVVJbUCd1pfCPLf0Q8P98k4w3lA==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13214&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&dom=www.heraldsun.com.au&r=1720695609832&pvs=1&pvid=098029c7-4ceb-4715-aa3f-9f05f4b4286b&c=true&tzOffset=-480
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-119.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 19:58:17 GMT
via
1.1 de78b5b2f4bbd9bb1abd6bed27a85d78.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
age
54113
x-amz-server-side-encryption
AES256
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
o1G_Dayfr0znLIMoTMFoB6SLun-uERYLCaE2eyINSB9Nfy0rqItquQ==
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.253.138.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-253-138-55.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 11 Jul 2024 11:00:09 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-127.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
content-encoding
gzip
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
date
Thu, 11 Jul 2024 10:41:42 GMT
x-amz-cf-pop
SYD3-P2
age
1108
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
server
AmazonS3
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
2H8P9XaMwyW4-oomiLESOZdbABTnIdAEsysPL4gZQncA67aCwlSK5Q==
undefined_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/undefined_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
config
pixel-config.reddit.com/pixels/t2_vrvmwxuz/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_vrvmwxuz/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1720695609850&id=t2_vrvmwxuz&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=d413e83b-7b5c-4cff-84fd-479a0c136475&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
www.heraldsun.com.au.json
script.crazyegg.com/pages/data-scripts/0018/2988/site/ 		1023 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988/site/www.heraldsun.com.au.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a522a5175f849257f3ef4c78e7bbc6d281c8624bc23d14af4410963d2c7971

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
content-encoding
gzip
cf-cache-status
HIT
age
58217
ce-version
11.5.237
content-length
456
last-modified
Wed, 10 Jul 2024 18:49:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a1849cbc8205d28-SYD
main.ea1c939c.js
s.pinimg.com/ct/lib/ 		80 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.ea1c939c.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.222.192.243 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d23d5715ffe428ffa9ce297fba04eb9ba463cbc6478269f0c53ceeeada3c95c6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"2bb7f81e0335844a4b164b873a7f7a30"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
23139
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame C26E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-100.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
3365
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 11 Jul 2024 10:04:06 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
x-amz-cf-id
smhFZqjPbucdzIj8qMVp6P-uf4SfteikU72T7mVr6g37ENWUQ-U8Aw==
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
/
ct.pinterest.com/user/ 		321 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612777586108&ov=%7B%22page_name%22%3A%22Bayside%20%7C%20Herald%20Sun%22%2C%22page_category%22%3A%22%22%7D&pd=%7B%22opt_out_type%22%3A%22%22%2C%22st%22%3A%22%22%2C%22country%22%3A%22%22%2C%22np%22%3A%22tealium%22%7D&cb=1720695609925&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.ea1c939c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
1480322831415502
content-length
186
pin-unauth
dWlkPVlXUXdaV0U1WTJJdE5qWTNOaTAwTURkbUxXRmxOalF0TjJRek5qWmxPV0k0TW1JMw
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
98a5c1f9a97216ab594bea30094df12248eb1060
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ 		321 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22lead_type%22%3A%22test%22%2C%22event_id%22%3A%22263f8481062916659b056edafa42ee2d%22%7D&tid=2612777586108&cb=1720695609927&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.ea1c939c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
8003347568858390
content-length
186
pin-unauth
dWlkPVpESXlOREU0TVRrdFpUSTFPQzAwWTJVd0xXRmlOMkl0TjJWaU9UTXhNakExWWpndw
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
98a5c1f9a97216ab594bea30094df12248eb1060
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2612777586108&ov=%7B%22page_name%22%3A%22Bayside%20%7C%20Herald%20Sun%22%2C%22page_category%22%3A%22%22%7D&pd=%7B%22opt_out_type%22%3A%22%22%2C%22st%22%3A%22%22%2C%22country%22%3A%22%22%2C%22np%22%3A%22tealium%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22ea1c939c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1720695609927
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.ea1c939c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:10 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://www.heraldsun.com.au
pinterest-version
98a5c1f9a97216ab594bea30094df12248eb1060
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
9172351632761023
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
script.js
au-script.dotmetrics.net/Scripts/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=285
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
27b65c06fcf400e92c162ef2a8497cc573468ed0904d1a4c92119344c9997313

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:09 GMT
content-encoding
br
via
1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2024 14:54:31 GMT
server
Kestrel
x-amz-cf-pop
SYD1-C1
etag
"1da8f44d2530d7f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
x-amz-cf-id
W0KQw4wAhh1_VoEIerIxj_Dz4krwKag8IItr6LNI65mQsgJkn7vz3w==
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMyMTQsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9sZWFkZXIvYmF5c2lkZSIsInJ1cmwiOiIiLCJlY2lkIjoiMDk4MDI5YzctNGNlYi00NzE1LWFhM2YtOWYwNWY0YjQyODZiIiwiZGMiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJkZnBoIjoiIiwidHpPZmZzZXQiOi00ODAsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1720695610058
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
53065a93c18274e31d437a472cc996292f0603fb8ed9b4d9880dd32ea972aea7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
content-encoding
br
via
1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
hHxyZDgesWulSOOINR9oPOhLMCzlKAruH9Ba0zzi7cGzdV1DcObHdw==
iu3
s.amazon-adsystem.com/ Frame A3DE
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
292
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 11 Jul 2024 11:00:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W4M1AMFB2PTFDNAVS4W4

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 11 Jul 2024 11:00:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
38RMCPKXVFT396KTERE5
/
ct.pinterest.com/v3/ 		35 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22lead_type%22%3A%22test%22%2C%22event_id%22%3A%22263f8481062916659b056edafa42ee2d%22%7D&tid=2612777586108&cb=1720695610163&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22opt_out_type%22%3A%22%22%2C%22st%22%3A%22%22%2C%22country%22%3A%22%22%2C%22np%22%3A%22tealium%22%2C%22pin_unauth%22%3A%22dWlkPVlXUXdaV0U1WTJJdE5qWTNOaTAwTURkbUxXRmxOalF0TjJRek5qWmxPV0k0TW1JMw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22ea1c939c%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.ea1c939c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:10 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://www.heraldsun.com.au
pinterest-version
98a5c1f9a97216ab594bea30094df12248eb1060
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
7527142625212167
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
74cd3240d81fc1b5c2464a2e6cbbb5d1f8cee7df7b2dabfa7ea4
bedsberry.com/send/ 		299 B
719 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/send/74cd3240d81fc1b5c2464a2e6cbbb5d1f8cee7df7b2dabfa7ea4
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ff7674f42cafb1832df71955d38c1ba093a3a6200bf5d896df289445523775a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
x-buildnumber
1353145067
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-dcpg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8a1849cbcf35aabb-SYD
expires
Thu, 11 Jul 2024 11:00:09 GMT
activityi;dc_pre=CJShk9XqnocDFT2G6QUdjAkO4w;src=14643376;type=hs;cat=hs_02;ord=9791598902853;npa=0;auiddc=800551474.1720695610;gdid=dYmQxMT;ps=1;pcor=205329341;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
14643376.fls.doubleclick.net/ Frame 4A4A
Redirect Chain
  • https://14643376.fls.doubleclick.net/activityi;src=14643376;type=hs;cat=hs_02;ord=9791598902853;npa=0;auiddc=800551474.1720695610;gdid=dYmQxMT;ps=1;pcor=205329341;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
  • https://14643376.fls.doubleclick.net/activityi;dc_pre=CJShk9XqnocDFT2G6QUdjAkO4w;src=14643376;type=hs;cat=hs_02;ord=9791598902853;npa=0;auiddc=800551474.1720695610;gdid=dYmQxMT;ps=1;pcor=205329341;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14643376.fls.doubleclick.net/activityi;dc_pre=CJShk9XqnocDFT2G6QUdjAkO4w;src=14643376;type=hs;cat=hs_02;ord=9791598902853;npa=0;auiddc=800551474.1720695610;gdid=dYmQxMT;ps=1;pcor=205329341;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9185837162za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-14643376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
349
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jul 2024 11:00:10 GMT
expires
Thu, 11 Jul 2024 11:00:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jul 2024 11:00:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14643376.fls.doubleclick.net/activityi;dc_pre=CJShk9XqnocDFT2G6QUdjAkO4w;src=14643376;type=hs;cat=hs_02;ord=9791598902853;npa=0;auiddc=800551474.1720695610;gdid=dYmQxMT;ps=1;pcor=205329341;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9185837162za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=14643376;type=hs;cat=hs_02;ord=9791598902853;npa=0;auiddc=800551474.1720695610;gdid=dYmQxMT;ps=1;pcor=205329341;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14643376;type=hs;cat=hs_02;ord=9791598902853;npa=0;auiddc=800551474.1720695610;gdid=dYmQxMT;ps=1;pcor=205329341;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9185837162za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.6 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:10 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"17059506693269799832"}],"aggregatable_trigger_data":[{"filters":[{"14":["102302385"]}],"key_piece":"0xf6167142424c3f42","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x7108b2e926fccd61","not_filters":{"14":["102302385"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"12361332962315893044","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17059506693269799832","filters":[{"14":["102302385"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"17059506693269799832","filters":[{"14":["102302385"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"17059506693269799832","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"17059506693269799832","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14643376"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interact
edge.adobedc.net/ee/v1/ 		729 B
819 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=6e34adb0-3d0a-4f5e-90c7-070b75574c88
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-130.data.adobedc.net
Software
jag /
Resource Hash
6097e2b2889cb2a095b2f3e7f5b049a996576c203c4e0835a59fe6d10a242010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge
VA6;7
access-control-allow-credentials
true
x-konductor
N/A
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-request-id
6e34adb0-3d0a-4f5e-90c7-070b75574c88
4d937751a9fdb6554687b3389ee96763258217ea691e9b
bedsberry.com/af00f8/ 		3 B
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/af00f8/4d937751a9fdb6554687b3389ee96763258217ea691e9b
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
x-buildnumber
1353145067
alt-svc
h3=":443"; ma=86400
content-length
3
server
cloudflare
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-dcpg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8a1849ccd8bcaabb-SYD
expires
Thu, 11 Jul 2024 11:00:09 GMT
/
px.ads.linkedin.com/wa/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6CB782EAEE7246F2AE0A198F3CCD6DEC Ref B: SYD03EDGE1520 Ref C: 2024-07-11T11:00:10Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://www.heraldsun.com.au
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYc9qqgrFIIl28uJqnj5Q==
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97081477
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:10 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240711T110010Z-176dcb556f6jtwkqa7a0ck113c00000001b0000000004pvb
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8a1fc245-501e-0064-2147-d2df43000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
291 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
9717b0b03cbd1f25ad0b3605d10b12c92176310dd00ef583bbb99f6bbe12f242
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 11 Jul 2024 11:00:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
bounce
id5-sync.com/ 		29 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
290 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
fcd9a43f72afabd7efb8a7d5b0ca533f82d8855ad1e4d4e4b8c73e6e8f79db6a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 11 Jul 2024 11:00:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
collect
t.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Thu, 11 Jul 2024 11:00:11 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
701.json
id5-sync.com/g/v2/ 		606 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
b47962c96dfb0fbd00ba719aafe0fb16eda3921b16c5fd140796e0143237e122
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jul 2024 11:00:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
c0.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.178 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.23 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.37 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.23.120 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.22.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c0.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.54 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.23 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.190 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.135 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.23 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 12 Jul 2024 11:00:12 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		136 KB
29 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3076149470502197&correlator=81949314135990&hxva=1&scor=487763683769611&eid=31083344%2C31085019%2C31084952%2C31085170%2C31084957%2C31084215%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407080101&ptt=17&impl=fifs&iu_parts=5129%2Cndm.leader%2Clocal&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C728x90%2C1000x50%7C728x1%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1720695611777&lmt=1720695611&adxs=436%2C176%2C0%2C0&adys=28%2C1960%2C1988%2C2708&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&vis=1&psz=1600x134%7C1248x15%7C1600x767%7C1600x2726&msz=728x133%7C1248x15%7C1600x0%7C1600x0&fws=512%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=94094174.1720695612&ga_sid=1720695612&ga_hid=817944502&ga_fc=false&topics=1&tps=1&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KjJ4MWs1bWtoNld1UUstNmJsZWpGc09PaW9rX1V3OXQtMFNYc3FKbC1rWUN3Q2l5bHZCRnl5QXdUNXFfZng0VVNYAQ..&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720695608089&idt=1548&prev_scp=in2w_key20%3D1p0l%2C1p0v%2C1p0z%2C_1p0l%2C_1p0v%2C_1p0z%26in2w_key21%3D1649893594%26in2w_key23%3D22_1022646422%26in2w_key24%3D6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%26in2w_key27%3Di%2Ci1%26in2w_key28%3D1%2C8%2C11l%26in2w_key30%3D01%26in2w_key31%3D21%26in2w_key33%3D111%26in2w_upa_bidder%3Dnobidder%26in2w_upa_price%3D-1%26in2w_upa_size%3D-1%26pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Dbd564b79-3f74-11ef-95ec-06f47aa1faf5%26in2w_key15%3Db0%7Cin2w_key20%3D1p0l%2C1p0v%2C1p0z%2C_1p0l%2C_1p0v%2C_1p0z%26in2w_key21%3D3268084572%26in2w_key23%3D22_1022646422%26in2w_key24%3D6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%26in2w_key27%3Db%2Cb1%2Cbg1%26in2w_key28%3D1%2C8%2C11l%26in2w_key30%3D07%26in2w_key31%3D21%26in2w_key33%3D111%26in2w_upa_bidder%3Dnobidder%26in2w_upa_price%3D-1%26in2w_upa_size%3D-1%26pos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Dbd564b7a-3f74-11ef-95ec-06f47aa1faf5%26in2w_key15%3Db0%7Cin2w_key20%3D1p0l%2C1p0v%2C1p0z%2C_1p0l%2C_1p0v%2C_1p0z%26in2w_key21%3D1118675666%26in2w_key23%3D22_1022646422%26in2w_key24%3D6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%26in2w_key27%3Db%2Cb1%2Cbg1%26in2w_key28%3D1%2C8%2C11l%26in2w_key30%3D10%26in2w_key31%3D21%26in2w_key33%3D111%26in2w_upa_bidder%3Dnobidder%26in2w_upa_price%3D-1%26in2w_upa_size%3D-1%26pos%3D1%26refreshed%3Dfalse%26id%3Dbd564b7b-3f74-11ef-95ec-06f47aa1faf5%26in2w_key15%3Db0%7Cin2w_key20%3D190l%2C190v%2C190z%2C_190l%2C_190v%2C_190z%26in2w_key23%3D22_1022646422%26in2w_key24%3D6_964721604%26in2w_key26%3D2_1671229399%2C5_1058473646%26in2w_key27%3Db%2Cb2%2Cbg1%26in2w_key28%3D1%2C8%2C11l%26in2w_key30%3D01%26in2w_key31%3D21%26in2w_key33%3D111%26in2w_upa_bidder%3Dnobidder%26in2w_upa_price%3D-1%26in2w_upa_size%3D-1%26pos%3D1%26id%3Dbd564b7c-3f74-11ef-95ec-06f47aa1faf5%26in2w_key15%3Db0&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D15de4855b47787d2f2ee5284a4c4245f%26sec1%3Dlocal%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dpage-not-found%26adl%3Dfalse%26sssw%3Dtrue%26abtest%3Db%26pvid%3D15de4855b47787d2f2ee5284a4c4245f-00000000000000000000000000000000-1720695608950-669411%26amznbid%3D0%26amznp%3D0%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_UNSCORED_PG&adks=2563129716%2C481167196%2C2769923241%2C3483374759&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
8cdd606cccdf0b5196c1e22d226fbb0b89a82feef6ea7e3d29b8698001a11a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30065
x-xss-protection
0
google-lineitem-id
5275743052,5275743052,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138445902045,138472356620,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a1f9057a7056edf4b53110c249ae7986.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 29B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a1f9057a7056edf4b53110c249ae7986.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jul 2024 11:00:12 GMT
expires
Thu, 11 Jul 2024 11:00:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_leader_S&asn=leader&fp_id=lyvuzgpuzt9tbqtea4selkrdpxlyz1720695609&fp_cr_tm=1720695609909&fp_acc_tm=1720695609909&fp_emm_tm=1720695609909&ve_id=&sessionId=y8ylkjhy9s4tpyiqh5ucmqr9jhep11720695609&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,zyrx3rlajvdr64cxuqjpty7muyff41720695610&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17206956099067529&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1720695609360&c3=st,c&c64=starttm,1720695611&adid=1720695609360&c58=isLive,false&c59=sesid,&c61=createtm,1720695611&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&c66=mediaurl,&sdd=&c62=sendTime,1720695611&rnd=321304
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.244.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-244-82.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:11 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
id
newscorpau.sc.omtrdc.net/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=03074953136548277134507282895946894978&ts=1720695612402
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-117.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 11 Jul 2024 11:00:12 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=03074953136548277134507282895946894978&ts=1720695612408
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.219.105.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-105-60.compute-1.amazonaws.com
Software
/
Resource Hash
f5daeb8ac3aa04dce3b8bb7bb3428e46651c5ae9383adbc1f458638de8b3fae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-2-v061-0ef70382e.edge-va6.demdex.com 5 ms
pragma
no-cache
date
Thu, 11 Jul 2024 11:00:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
c0qz4/OYQYY=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1556
expires
Thu, 01 Jan 1970 00:00:00 UTC
v3
id5-sync.com/gm/ 		668 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
91306bee3cd80e178a0a9d5deb08a56e1d626f7a28377aa9c529fd98eea44146
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 Jul 2024 11:00:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:12 GMT
content-encoding
gzip
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 12 Jul 2024 11:00:12 GMT
generic1719832636286.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		459 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1719832636286.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.175 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
459af69231567be891a6f39b937a4b7055443a58f3df773da5aa91bbc99e4eae
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
U2BHPnZpHVqdI68tVt2enfTCoUNLu9N3
content-encoding
gzip
via
1.1 varnish
date
Thu, 11 Jul 2024 11:00:12 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
3N0WRTD6MF14NXZF
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
87942
x-amz-id-2
X9IhbalZvNAR+GxySHEogu/64QQET5K5rTkRLkIiAw9SXl2sTD4hJyhojVjfTbXHPadfUZ3VPVo=
x-served-by
cache-syd10145-SYD
last-modified
Mon, 01 Jul 2024 11:17:17 GMT
server
AmazonS3
x-timer
S1720695613.748134,VS0,VE0
etag
"6704ab9a28c202c4ccb49fd4ca730ff6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
115052
up
insight.adsrvr.org/track/ Frame 7309 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 11 Jul 2024 11:00:12 GMT
server
Kestrel
vary
Accept-Encoding
up
insight.adsrvr.org/track/ Frame F58D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 11 Jul 2024 11:00:12 GMT
server
Kestrel
vary
Accept-Encoding
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.ea1c939c.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:12 GMT
x-cdn
fastly
age
2597
etag
"19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4103
ct.html
ct.pinterest.com/ Frame B0B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.ea1c939c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Thu, 11 Jul 2024 11:00:13 GMT
pinterest-version
98a5c1f9a97216ab594bea30094df12248eb1060
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
1239238665901262
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=26884371252B4F629AFE478ED519A545&RedC=c.clarity.ms&MXFR=130DE90052816C9F2DD6FDB956816240
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26884371252B4F629AFE478ED519A545&MUID=108B7647EA3B661A133862FEEB0967AE
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26884371252B4F629AFE478ED519A545&MUID=108B7647EA3B661A133862FEEB0967AE
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:12 GMT
last-modified
Tue, 25 Jun 2024 17:30:33 GMT
server
Microsoft-IIS/10.0
etag
"3190236225c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 817DB3657DBA4DEABAC389D199E211EE Ref B: SYD03EDGE1410 Ref C: 2024-07-11T11:00:13Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26884371252B4F629AFE478ED519A545&MUID=108B7647EA3B661A133862FEEB0967AE
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
4fa71f016e9254cfa92aae141645cbfe20ec065b441d112ed64c59327721994a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12885
x-xss-protection
0
syncframe
gum.criteo.com/ Frame E581 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jul 2024 11:00:12 GMT
server
Kestrel
server-processing-duration-in-ticks
337012
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
8.gif
id5-sync.com/i/701/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?o=api&id5id=ID5*aNuyqNrnPyUj7TjVJi4T_lBkdAFnBQ0wYuM65iq4R86wCp-Is5EmducXVFN3Lx6w&gdpr_consent=undefined&gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 11 Jul 2024 11:00:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
view
securepubads.g.doubleclick.net/pcs/ Frame 912F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaHj0SSGEcNgMzKHsnyxng3I8IXAh6iumb5nlBRurrTtF8f-7jzleLT2uWKQRagEEuu_sWmBRBrg4vFhVpDZK8Wn3pZycakVoeg1Wh687HmjpF0wcWi2eSqaREcv4quFlLsXRTZpeeRl0gP098XF8tg5b-uCEnaMU4aU84_hTvN6j3MVYCRl11EpTw_agi8CX9UJju6yY2oOzpLu25Gb_UykOE0kFFbZoBuAXWZWenxk0ZfvWQqUVz_d9Dp-aP1Rw5zgIwVPk8E7braC2MpHzgH3pWLYTwo-elx4ddizwA6il4reogM30tox6QvtzWwpc-mrfvz92BHKspmKFvXZwcH_qDHKxuawlbK0Ra6f3ZbjdqpEClJ_xo0U_wUgq0ZTmKWi8&sai=AMfl-YRE3FalU4vBPaT4oWDgezmrhQyABgjBs8hIt2-635Yq5xEs0SS7Txhj0a46DuvAh5eh9hGItmHbW4yd2nEZpnnQgUDYMxJ4HHK3jwpdajLgsxR8l9DSz31MAJ6CQO8&sig=Cg0ArKJSzPm6XqOWnchPEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/ Frame 912F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
7319e564328115c786a41ae6d84023d5f7e565bd9dcb601f36d71412ba152458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 15:06:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
71610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9163
x-xss-protection
0
server
cafe
etag
8863461291424761282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jul 2024 15:06:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame 912F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 14:58:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
72117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jul 2024 14:58:16 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 912F 		204 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 10:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
3049
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64533
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jul 2024 11:09:23 GMT
14822947184821417181
tpc.googlesyndication.com/simgad/ Frame 912F 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14822947184821417181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
sffe /
Resource Hash
99740307ed5cfa3bfd0c6d068d455e4c76d3328c7262599434f41754fd6165c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Mon, 07 Jul 2025 10:27:57 GMT
date
Sun, 07 Jul 2024 10:27:57 GMT
x-content-type-options
nosniff
age
347536
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27589
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 07:37:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 912F 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7276 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLWOTyGp5JOsE2NZuQmVPiM99ayutRPrUYX6UbDgoTvmEcH5nKGj_1pJY-g6NE-Yg75hairM9IfvC13F4Mf8M9yJNkvvPb7VsIkPHwe3nHk7Tlqv2GSpu680_tcNLUzNDj5oO1R-Mz_56FZdklIvr_1mb-4g25SY_QivmWLkvQLbparaV-QxmZAPVE67jcRvNCM7YOWzAHIfYQLHA1B_VxuCcZirrg21CmQ6TJhYdNUTBEQD15Yqm70JvlB7mS76CCNE0yIEcIxjwsUFdtO9BO_I5VT22rKGsWm_oIGtzUNCbDrWCpJbZZ7co9PmhjBMmxmNdDQ9-JC6uF4vfbUovErTVmy-watPCl7LaYAkdXwXJRK7WYQaN_EkNvwZUgR3jQGfY&sai=AMfl-YS-U0wMQlet8gIs-rZ0hCqAbQjYntyZvZCCjrcdQNRLgP1IFBGHTPx4CjnKBIkeM3b-kJQfEoQ5qvZLn75-t_yuX3VP0LG0O7cdfH5DyoWa9jyn3TckOYTUkNALi_8&sig=Cg0ArKJSzMJ4S5H8PtEjEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/ Frame 7276 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
7319e564328115c786a41ae6d84023d5f7e565bd9dcb601f36d71412ba152458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 15:06:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
71610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9163
x-xss-protection
0
server
cafe
etag
8863461291424761282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jul 2024 15:06:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame 7276 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 14:58:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
72117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jul 2024 14:58:16 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7276 		204 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 10:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
3049
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64533
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jul 2024 11:09:23 GMT
568199034932938525
tpc.googlesyndication.com/simgad/ Frame 7276 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/568199034932938525
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a85d1caf9db24f47dd0ea3c0d1c97215b3a3c2447607b5c0c7dcb46f823b3f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Sat, 05 Jul 2025 03:07:32 GMT
date
Fri, 05 Jul 2024 03:07:32 GMT
x-content-type-options
nosniff
age
546761
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39584
x-xss-protection
0
last-modified
Fri, 19 Apr 2024 08:40:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 7276 		0
0
truncated
/ Frame 912F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ffc785f3715eab110fa28a450f2f495edab81e6fc302098b4afae4544afc30f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7276 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a5d91052bc163605a1fbe6b47bc14a5d58b9e886184ac657c60b8845cc04409

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiQmF5c2lkZSB8IEhlcmFsZCBTdW4iLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L2xlYWRlci9iYXlzaWRlIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MjA2OTU2MTI4OTEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiA4LCJ1c2VyX2lkIjogIjE5MGExNzM2NWQzZWQyLTAxZGEzYjVlNjFmOC0xMTQ2MmM2Zi0xZDRjMDAtMTkwYTE3MzY1ZDQxMzhhIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXN5ZDEiLCJhY2NvdW50SWQiOiAxMzIyMjIsInVybCI6ICJodHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L2xlYWRlci9iYXlzaWRlIiwid2Vic2l0ZUlkIjogMTMyMjI0LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI5OTA0LTIwNzItM2E1MC1mNTRiLWQ5NTUtNGM1Mi0zYWVkLWJiYTIiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcyMDY5NTYxMjg4OSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA0MjcyLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41NS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41NS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNzIwNjk1NjEyODkxLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-wb49
date
Thu, 11 Jul 2024 11:00:13 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
jload
pixel.adsafeprotected.com/ Frame F259 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=1487764302&custom=page-not-found&custom3=168403511&adsafe_par&impId=bd564b79-3f74-11ef-95ec-06f47aa1faf5
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.129.195 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-129-195.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
82d2839b94bc4d0949b137ebf82a2a090ca1af6e1ad5b29b7e35782032164df8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:12 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame 3493 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138472356620&pubOrder=2553375348&cb=1492456871&custom=page-not-found&custom3=168403511&adsafe_par&impId=bd564b7a-3f74-11ef-95ec-06f47aa1faf5
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.129.195 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-129-195.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
da0092d6d20dcc503467143e07bbcd2c0a10d9679012b61a8853097de8bd1094

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:12 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 912F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7276 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.522.js
static.adsafeprotected.com/ Frame F259 		228 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.522.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=1487764302&custom=page-not-found&custom3=168403511&adsafe_par&impId=bd564b79-3f74-11ef-95ec-06f47aa1faf5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.199.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-199-5.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5198ba4c0705ec13918c3bbe4fb8128d936afe65af4bab66dd5cb671d4e94a2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 20:54:37 GMT
x-amz-version-id
x2zxwJRAippgNLPG4kijTmGz_LNkw9zA
content-encoding
gzip
via
1.1 3f8fd6340fce279c5b09dff400f7a746.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P3
age
50737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 09 Jul 2024 20:44:32 GMT
server
AmazonS3
etag
W/"c78d9f12dd9fa6f1bf1fe79e3c99cf4a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
5RmhEhbP38O5qDuAPFPZzBL8MmEcKEOSALtDK6jLCrIQZaFIllV12w==
main.19.8.522.js
static.adsafeprotected.com/ Frame 3493 		228 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.522.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138472356620&pubOrder=2553375348&cb=1492456871&custom=page-not-found&custom3=168403511&adsafe_par&impId=bd564b7a-3f74-11ef-95ec-06f47aa1faf5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.199.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-199-5.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5198ba4c0705ec13918c3bbe4fb8128d936afe65af4bab66dd5cb671d4e94a2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 20:54:37 GMT
x-amz-version-id
x2zxwJRAippgNLPG4kijTmGz_LNkw9zA
content-encoding
gzip
via
1.1 3f8fd6340fce279c5b09dff400f7a746.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P3
age
50737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 09 Jul 2024 20:44:32 GMT
server
AmazonS3
etag
W/"c78d9f12dd9fa6f1bf1fe79e3c99cf4a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
5RmhEhbP38O5qDuAPFPZzBL8MmEcKEOSALtDK6jLCrIQZaFIllV12w==
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=03074953136548277134507282895946894978&d_cid_ic=newsnkidcookie%0115de4855b47787d2f2ee5284a4c4245f%011&ts=1720695613038
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.219.105.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-105-60.compute-1.amazonaws.com
Software
/
Resource Hash
3b78c60731f2b8501cd5300f210570f527789694a7d4a27db4c336a0b3079251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-2-v061-0a21f61ba.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Thu, 11 Jul 2024 11:00:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
bs9wrvYrQzU=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1555
expires
Thu, 01 Jan 1970 00:00:00 UTC
s32824384504833
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.25.0/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.25.0/s32824384504833?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=11%2F6%2F2024%2019%3A0%3A13%204%20-480&cid.&newsnkidcookie.&id=15de4855b47787d2f2ee5284a4c4245f&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=15de4855b47787d2f2ee5284a4c4245f&mid=03074953136548277134507282895946894978&aamlh=7&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Clocal%7Cpage-not-found%7Cpage%20not%20found&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPercentPageViewed=5.0.1&getPreviousValue=3.0&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D4%2Cevent18%2Cevent63%3D68%2Cevent118&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Clocal&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Cleader%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=local&c9=D%3Dv9&v9=page-not-found&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=9%3A00%20PM%7CThursday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Clinux%7C-&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=68&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=pdf%20viewer%3Bchrome%20pdf%20viewer%3Bchromium%20pdf%20viewer%3Bmicrosoft%20edge%20pdf%20viewer%3Bwebkit%20built-in%20pdf&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=15de4855b47787d2f2ee5284a4c4245f-00000000000000000000000000000000-1720695608950-669411&v110=2024-07-11%2019%3A00%3A07&v111=0&v199=en-US%2Cen&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.189 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-189.data.adobedc.net
Software
jag /
Resource Hash
45ef81c3db1d12d7a2c4b4648f0f5e462f99718aa4961f841ffe10382c28338b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-aam-tid
OzaLRprBQmw=
date
Thu, 11 Jul 2024 11:00:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4951
x-xss-protection
1; mode=block
dcs
dcs-prod-va6-1-v061-0ecbcc912.edge-va6.demdex.com 10 ms
pragma
no-cache
last-modified
Fri, 12 Jul 2024 11:00:13 GMT
server
jag
etag
3695165692688269312-4618517085407520753
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 10 Jul 2024 11:00:13 GMT
dest5.html
newscorpau.demdex.net/ Frame 7E98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.232.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 11 Jul 2024 11:00:13 GMT
dcs
dcs-prod-va6-1-v061-0cb7715ad.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 3 Jul 2024 06:32:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
K3ChZbNMR5E=
ibs:dpid=411&dpuuid=Zo_7PgAAAJXXAQM8
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=03098996872470271634505174873755656088
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zo_7PgAAAJXXAQM8
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zo_7PgAAAJXXAQM8
Protocol
H2
Server
3.219.105.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-105-60.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v061-0ed29cfc5.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
BdsMBqI/QYg=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zo_7PgAAAJXXAQM8
Date
Thu, 11 Jul 2024 11:00:14 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js?cb=31085170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 Jul 2024 11:00:13 GMT
LiveRampId
au.audience.newscgp.com/ 		94 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/LiveRampId?device_id_type=newskey&device_id=15de4855b47787d2f2ee5284a4c4245f&bust=16905034818750.019150480735628417&errors-in-body=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.175.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-175-105.cgk51.r.cloudfront.net
Software
nginx /
Resource Hash
6b3eb86f70de6a5981588839766aac82855fe577a628aceaf9dbb14d6623a2dd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:13 GMT
via
1.1 b80fdf0c3918106e3d6de504de194cd0.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CGK51-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
94
x-amz-cf-id
RcFZzpKsixdWy2K4laQ88K0tAnWp9YMJgJGAejHOik_nybg8PkYZog==
13726
check.analytics.rlcdn.com/check/ 		25 B
383 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-54.syd1.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jul 2024 11:00:13 GMT
via
1.1 1c65a9672d4009a4b2d2b0463141bfa6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-amzn-trace-id
Root=1-668fbb3d-434ddf4e5f73d6ea063f8c80
x-amzn-requestid
dab5f0a1-648a-4244-ae0f-580880a108ea
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
avoxoG7dDoEEhNw=
content-length
25
x-amz-cf-id
7lgQJvXmQfT-Fi-MxBNczJlGGm6Gz-tOXEPDFzgh6l0VJ61mEi14HQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 912F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst50A0rq0ntYnPbjr6pHqp6ZTm3eBJdz8kSsn2QiN1WHZTdOdCdd0I6ya4VtBRdX9qxn2ovGXLBW23UV6KUXyqbp5aCx3wrwMgoa4ZKqJ-WgUWlzoTG_cVqoyHrsJu2ksrepcAQWnZ6X3d7D-W8jYCPVISVdtXRye3ttSWOl9g26XjWN4f7aFxcNNW5KytnRbWqpFXFg3arXbGZfZEldarG5gVJAY-BCtPpKOhk3K5GkrXdv3tuomgPnvnlztOoVz93VwEG3Ao-DCmybofUOCUevgIxknflTjNStuwyaiBQ7dG2CE23gxd3mJFsSP4PRcYOCGh83Zo4OuWHl4Iuw9huRzpPx04Gb6XIiLm7xXFnFY8740YO_29iFVoYn-wsesVJ4SAFKA&sai=AMfl-YRflKpnKujAXdMkoWnDVsPB328A8bqt1GjL78bG5Xyx9_grOcjDuyMNrJrijeO5e2IGXx9bTUgy6PYmui4-q09a806RW4WaqIvV10d-cIEvJUebgviq6tsxBvH6sPM&sig=Cg0ArKJSzI2ZTt8RM2PAEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jul 2024 11:00:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7276 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSYTrvDxzS-pZShCnkMcnOpylhAipynjTpxrVNGlcrKkEwMDlVw5PPAR-1ZRXJx0aqCIyVU1gGC_FSzer5wrA2n1NU8vkffJdKJEkAWlID5lLS5qwa_dYC8VDhKWpzEtFT11SyMf6mf20OzJlIlGNS6ZSdW1Z9pSVGMiaR5c-RMyUbGuDMIg3l588RhbiWu3HQjGxGMwELwhxxQFjjAMLswizdqwcjEx6EIfc2MWKrIcVHmknIIbo76NyxS5fpYujaG2siaBqW0ZofuD6SPF4v0LEtG15bNlLY0ugahNgfF6UG0P1erpPPq-SGo-FEMqfNOWjZRWDsoobEdUWnvg431PCBv6CMJlrWbRNZdrgg6qSXch0U97B79Lu_SsD0zRXFR8u1Dw&sai=AMfl-YQtW9AXlQitvrgLmxYAqTqO1RvsEqJRpG2OShfEZgXSzOUlUJv2KD-iL59_QZwgc_PR9fB-ih8o1yMqdW6eZceFXxQXilUkoJA1W6IjSS0SEp1ZnnCj3CXzNI97BhE&sig=Cg0ArKJSzEn2jHkl9ErbEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:00:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jul 2024 11:00:13 GMT
sca.17.6.4.js
static.adsafeprotected.com/ Frame A990 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.199.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-199-5.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 20:54:37 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 3f8fd6340fce279c5b09dff400f7a746.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P3
age
50737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
cb8CDp_0F8fme3HF4GhA0GALD8MS56qW2FC49Z3WqhxGBtNj8rVSLA==
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|1&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=1487764302&custom=page-not-found&custom3=168403511&adsafe_par&impId=bd564b79-3f74-11ef-95ec-06f47aa1faf5&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:c187860f-3987-fceb-6aa3-fcda6ba40c42,c:ibhY7J,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-6dcfd5d4d-vphfr,rg:au,pt:1-5-15,wc:100.100.1600.1200,ac:536.128.728.90,am:i,cc:536.128.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:357,mot:0,app:0,maw:0,tdt:s,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e*.-%7C1e1%7C1f1%7C1g,idMap:1e*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:375,oid:bf48095a-3f74-11ef-b62a-d612c408b321,v:19.8.522,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.129.195 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-129-195.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 Jul 2024 11:00:13 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
sca.17.6.4.js
static.adsafeprotected.com/ Frame 9746 		91 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/bayside
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.199.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-199-5.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 20:54:37 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 3f8fd6340fce279c5b09dff400f7a746.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P3
age
50737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
cb8CDp_0F8fme3HF4GhA0GALD8MS56qW2FC49Z3WqhxGBtNj8rVSLA==
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138472356620&pubOrder=2553375348&cb=1492456871&custom=page-not-found&custom3=168403511&adsafe_par&impId=bd564b7a-3f74-11ef-95ec-06f47aa1faf5&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fbayside&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:67190e4c-72c1-6a5a-f8a4-62a78b5a3b10,c:ibhY8w,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6dcfd5d4d-hx96k,rg:au,pt:1-5-15,wc:100.100.1600.1200,ac:536.2060.728.90,am:i,cc:536.2060.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:394,mot:0,app:0,maw:0,tdt:s,fm:uidpr2k+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e1%7C1e2%7C1f*.-%7C1f1%7C1g,idMap:1f*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:420,oid:bf4a7a8b-3f74-11ef-9ea8-86e3fcab18cb,v:19.8.522,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.129.195 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-129-195.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 11 Jul 2024 11:00:13 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c187860f-3987-fceb-6aa3-fcda6ba40c42&tv=%7Bc:ibhY8I,pingTime:0,time:435,type:pf,sca:%7Blts:2024-07-11%2019.00.13%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:374%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:435,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:374,wc:100.100.1600.1200,ac:536.128.728.90,am:i,cc:536.128.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B75~100%5D,as:%5B75~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e*.-%7C1e1%7C1f1%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:IMG.qs,siq:376%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c187860f-3987-fceb-6aa3-fcda6ba40c42&tv=%7Bc:ibhY93,pingTime:-2,time:456,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:40,beZ:42,mfA:397,cmA:398,inA:398,inZ:402,prA:403,prZ:408,si:415,poA:416,poZ:435,cmZ:435,mfZ:435,loA:479,loZ:482,ecZ:495,ltA:496,ltZ:496,mdA:42,mdZ:380%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:374%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:456,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:374,wc:100.100.1600.1200,ac:536.128.728.90,am:i,cc:536.128.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B96~100%5D,as:%5B96~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e*.-%7C1e1%7C1f.-%7C1f1%7C1g,idMap:1e*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:376,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local_0,google_ads_iframe_/5129/ndm.leader/local_0__container__,ad-block-728x90-1%5D,sis:455,sinceFw:80,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt40.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=67190e4c-72c1-6a5a-f8a4-62a78b5a3b10&tv=%7Bc:ibhY94,pingTime:-2,time:454,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:17,beZ:19,mfA:412,cmA:413,inA:413,inZ:421,prA:421,prZ:426,si:438,poA:438,poZ:446,cmZ:446,mfZ:446,loA:467,loZ:468,ecZ:472,ltA:472,ltZ:472,mdA:19,mdZ:356%7D%7D,sca:%7Blts:2024-07-11%2019.00.13,dfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:420%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:455,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:420,wc:100.100.1600.1200,ac:536.2060.728.90,am:i,cc:536.2060.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e.-%7C1e1%7C1e2%7C1f*.-%7C1f1%7C1g,idMap:1f*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:421,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local_1,google_ads_iframe_/5129/ndm.leader/local_1__container__,ad-block-728x90-2%5D,sis:454,sinceFw:33,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 347D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
551685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jul 2024 01:45:28 GMT
expires
Sat, 05 Jul 2025 01:45:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E380 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oCsFbbipF3Cxl5yk_zL1fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-oCsFbbipF3Cxl5yk_zL1fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jul 2024 11:00:13 GMT
expires
Thu, 11 Jul 2024 11:00:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c187860f-3987-fceb-6aa3-fcda6ba40c42&tv=%7Bc:ibhY9V,time:510,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:510,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:374,wc:100.100.1600.1200,ac:536.128.728.90,am:i,cc:536.128.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B150~100%5D,as:%5B150~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e*.-%7C1e1%7C1f.-%7C1f1%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:IMG.qs,siq:376,sis:455%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=67190e4c-72c1-6a5a-f8a4-62a78b5a3b10&tv=%7Bc:ibhY9W,time:508,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:508,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:420,wc:100.100.1600.1200,ac:536.2060.728.90,am:i,cc:536.2060.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e.-%7C1e1%7C1e2%7C1f*.-%7C1f1%7C1g,idMap:1f*,rmeas:1,rend:1,renddet:IMG.qs,siq:421,sis:454%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c187860f-3987-fceb-6aa3-fcda6ba40c42&tv=%7Bc:ibhYfd,pingTime:-10,time:838,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTQ4MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1720695613831%7C%7C052331e121c7748372567a62d262c746%7C%7C120f067c16b32be659e0180b31e62841%7C%7C147bd8ff4738bc689b213417b9b760b7%7C%7C5f53cb46123aa1c1a143c23efc45c0a4%7C%7C9d75ef06dc49ba3e78e02b29b5ce2731%7C%7C15c903eb5bfe2da93d50852e30571a08%7C%7C7effd826271a7da104afe5bbf458ecfd%7C%7C1715618633%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=67190e4c-72c1-6a5a-f8a4-62a78b5a3b10&tv=%7Bc:ibhYfH,pingTime:-10,time:865,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTQ4MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1720695613831%7C%7C052331e121c7748372567a62d262c746%7C%7C120f067c16b32be659e0180b31e62841%7C%7C147bd8ff4738bc689b213417b9b760b7%7C%7C5f53cb46123aa1c1a143c23efc45c0a4%7C%7C9d75ef06dc49ba3e78e02b29b5ce2731%7C%7C15c903eb5bfe2da93d50852e30571a08%7C%7C7effd826271a7da104afe5bbf458ecfd%7C%7C1715618633,sca:%7Bspg:c187860f-3987-fceb-6aa3-fcda6ba40c42%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt86.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
t.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Thu, 11 Jul 2024 11:00:13 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
usersync
usersync.gumgum.com/ Frame 9E44
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=f5c7b812-0e74-4a61-be3a-7de6a1d85dd8
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=f5c7b812-0e74-4a61-be3a-7de6a1d85dd8
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.251.104 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-251-104.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 11 Jul 2024 11:00:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Thu, 11 Jul 2024 11:00:14 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=f5c7b812-0e74-4a61-be3a-7de6a1d85dd8
server
Kestrel
usync.html
eus.rubiconproject.com/ Frame 2931 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.222.193.77 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-193-77.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 11 Jul 2024 11:00:14 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3182 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.57.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-57-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 11 Jul 2024 11:00:14 GMT
ETag
"623de86a-cf34"
Expires
Fri, 12 Jul 2024 11:00:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 357E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
1030
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8a1849e44e3e551b-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 11 Jul 2024 11:00:14 GMT
expires
Thu, 11 Jul 2024 15:00:14 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ACD4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=160643
content-encoding
gzip
content-length
5492
content-type
text/html
date
Thu, 11 Jul 2024 11:00:14 GMT
expires
Sat, 13 Jul 2024 07:37:37 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 912F 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpDnrwBumPor0-ms2Ph7aSR5GqwuL6yUaH6VSBNZ4L0qqDZan3kPOjP16WO7IHjrgYzVpNf5srgZz5oN-mnfOj9oK0khfw-0DMHo58vHNgcHOSSudB5FGkDOwYK4qnvjStagjONXPBMsbvdQJ6O5VsM-KOgBsQX0HNjbqmUA&sig=Cg0ArKJSzKVJwYOY_3JqEAE&id=lidar2&mcvt=1001&p=27,436,117,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240710&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2563129716&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1662841200&rst=1720695612831&rpt=392&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c187860f-3987-fceb-6aa3-fcda6ba40c42&tv=%7Bc:ibhYoS,pingTime:1,time:1437,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:374%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1437,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:374,wc:100.100.1600.1200,ac:536.128.728.90,am:i,cc:536.128.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1077~100%5D,as:%5B1077~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:908,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e*.-%7C1e1%7C1f.-%7C1f1%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:IMG.qs,siq:376,sis:455%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c187860f-3987-fceb-6aa3-fcda6ba40c42&tv=%7Bc:ibhYoT,pingTime:1,time:1438,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:374%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1438,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:374,wc:100.100.1600.1200,ac:536.128.728.90,am:i,cc:536.128.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1078~100%5D,as:%5B1078~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:908,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e*.-%7C1e1%7C1f.-%7C1f1%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:IMG.qs,siq:376,sis:455%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c187860f-3987-fceb-6aa3-fcda6ba40c42&tv=%7Bc:ibhYoT,pingTime:1,time:1438,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:374%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1438,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:374,wc:100.100.1600.1200,ac:536.128.728.90,am:i,cc:536.128.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1078~100%5D,as:%5B1078~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:908,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e*.-%7C1e1%7C1f.-%7C1f1%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:IMG.qs,siq:376,sis:455,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c187860f-3987-fceb-6aa3-fcda6ba40c42&tv=%7Bc:ibhYoU,pingTime:1,time:1439,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:374%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1439,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:374,wc:100.100.1600.1200,ac:536.128.728.90,am:i,cc:536.128.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1079~100%5D,as:%5B1079~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:908,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e*.-%7C1e1%7C1f.-%7C1f1%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:IMG.qs,siq:376,sis:455,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:14 GMT
server
nginx
x-server-name
dt40.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
heraldsun-32x32.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/favicons/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/favicons/heraldsun-32x32.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.222.192.149 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-192-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b17a7e54402f7e995957367dbcab5a87af22d98ee99f38ced0922f7a8888ef8e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/leader/bayside
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rq
syd3 123 242 443
date
Thu, 11 Jul 2024 11:00:18 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
last-modified
Tue, 27 Feb 2024 22:18:10 GMT
server
nginx
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag
"65de5fa2-4a8"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/png
cache-control
max-age=1357548
accept-ranges
bytes
content-length
1192
expires
Sat, 27 Jul 2024 04:06:06 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c187860f-3987-fceb-6aa3-fcda6ba40c42&tv=%7Bc:ibhZro,pingTime:5,time:5437,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:374%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5437,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:374,wc:100.100.1600.1200,ac:536.128.728.90,am:i,cc:536.128.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5077~100%5D,as:%5B5077~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:203,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e*.-%7C1e1%7C1f.-%7C1f1%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:IMG.qs,siq:376,sis:455%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:18 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c187860f-3987-fceb-6aa3-fcda6ba40c42&tv=%7Bc:ibhZro,pingTime:5,time:5437,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:374%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5437,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:374,wc:100.100.1600.1200,ac:536.128.728.90,am:i,cc:536.128.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5077~100%5D,as:%5B5077~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:203,fm:uidpr2h+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C17121%7C17122%7C1713%7C1714%7C1715%7C18%7C19%7C1a1%7C1a2%7C1b1%7C1b2%7C1c%7C1d%7C1e*.-%7C1e1%7C1f.-%7C1f1%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:IMG.qs,siq:376,sis:455%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.206.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-206-111.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2024 11:00:18 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWVGBsMxaVsVa29RTE0P2nB94LZrPW8suNkHHtApQGlzr_ZJ6OP4nQmo4JfyZo-h0wZYAFyUvNzXC8otIJfZIKTybWpg
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQFvLU0YIIVpmHDY5YgpNZDzCrHEM-T7NANkoZMEDrta5nzp842GhxEX0F8fe3Y2pZlwpZC5U5NgbQTsyrv40S3sGw1g
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407080101&jk=3076149470502197&bg=!rq2lreLNAAZjPzuvQz87ADQBe5WfOILJN_7dt3OZLx2TtYdSHfxoKQCJs8SWH41cm823xtJfgtqlkReZ4_hM1b7T0vFTAgAAAEZSAAAAA2gBB34ANhUYhwR4Q5-xDo1KTPeHC5mYMb_GcxJX35bzZHlReahj6YG4wVzlNVwlbrYiTMD2_WsmLIfneZkCtnf-7shu7Ce_VlLUYqCAQXDYuKPQkzo3K70CoMinL7WloUPypiuFKtWW5V7peAPC7d0CmY129FzSvCRYdpjrpZ0jI8p-1ptbuTRCsGMGqmhUg9CRwRe3DIaYbGgPrUKYR10oH7LaDUQFScGM1FT63NrymLufqL_fMfJ_kg0k_FdbrGN6UJoY4DMi3LVgnMwXDsBuhKsx8WnBZixO0F1JUO41bsS3pM3TzAR6QwZoWaUxvRFwiuST1WuoSTEaQozNEgHx98Q2ixCY2bahNII80FbsDC6mDCwU8xBHOzo49yPo5V1pleifrk5hX3pxcfM2y9Ey5WjpzJG-xKS7kv86346vIhXv7KsyooHFnAZE0iDWWAxHlsECndBOoMBwm1ANurUP6hG9OepX6zRIdgx3LyuD45KCTrCHo4ZhpF6oCAL-X_In4L5uE6LyYh7Pkgu_Kq1u7y4_aNCTdC2X0ysRMO7PAlcRD7ZEzp5q-hOr4wb9DPxSi6Ol0VsiSLLVrl6gmJvx2OgQmhQrf3oH6vsEmkmRr7vWMXKpLehCu28CnXdDqQGFdllfBEdO9f4VqAeMxmRo4tEy0NAFyvhf8Pv0M8Gc94DCQWf29TiTowdSAx44N5GIxdY5O4wx9K98dmhe1z53wSJ8nIDCaDfHepfvqjGHCfqLGzNb_JHr0hrjpuDbHjwLgqiZ9YDDJUOmihR0rFcVWyENQ9IbHcPXgRYQLf3KQF7zo4AAtkvEEhfU-1u9kbmryASTlG0YtZF7wBNLV-M9ohz5HUOOn84zjAhj9tffcLT8cTjEI0kYP31cBeLoNiMaWzzVfoGD4lXJlKVsXjH6_CiaPYyJMR8iwekpIhnLvdh-8tH3kTr2XyhIF9nloLy_86jZS1WZK3g1YqymRvAxEHw0WX8h9gKSNlUKy1gZzz4BwpA

Verdicts & Comments Add Verdict or Comment

249 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| admiral object| googletag function| _typeof function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf object| fakeAd number| x_width object| OBR string| OB_releaseVer object| OBREvents function| OBR$ function| _outbrain object| OB_PROXY object| outbrain object| outbrain_rater object| ads_api function| algoliasearch object| nb object| utag_err object| domains object| parts string| p object| wut object| abtest number| num string| val object| ud string| domainPattern object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| getQueryParam function| containsDomain function| _tealium_old_error object| utag_cfg_ovrd object| indieApps object| utag_cfg object| uetq function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker function| twq boolean| cb_ad_run number| _sf_endpt function| 4dm1r11545242527 object| webpackChunk object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent number| interval object| ads_core object| ads_extra object| apsPlayerSize string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig object| adUnits object| pbjs object| __iasPET object| apstagShared object| kw_ignore object| mready function| rdt function| n function| pintrk string| gtagRename object| dataLayer function| gtag object| KAMPYLE_EMBED object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow object| _aps boolean| apstagLOADED object| apscustom function| clearImmediate function| setImmediate object| atsdetectionmodule object| atsenvelopemodule object| ats object| nca_ipsos object| dm object| ipsos_ready object| regeneratorRuntime object| twttr object| __id5_finalization_registry object| ID5 object| ggeac object| google_tag_data object| google_js_reporting_queue function| clsn object| dicnf number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc boolean| isAlloyConfigured object| diagPixSentCodes object| __iasAdRefreshConfig object| pbjsChunk object| _pbjsGlobals object| apsUnits function| UET function| UET_init function| UET_push object| ueto_9cb4a66fc2 boolean| hasApsUnits object| ads_ready object| google_reactive_ads_global_state object| google_tag_topics_state function| ttd_dom_ready object| ttd_up_api function| TTDUniversalPixelApi object| ttdPixel object| Criteo object| npt function| lintrk boolean| _already_called_lintrk string| _linkedin_partner_id object| _linkedin_data_partner_ids object| brandmetrics function| __assign object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv boolean| DotMetricsInitScript function| __spreadArray object| _brandmetrics function| redditNormalizeEmail string| redditId function| DIL object| adobe function| Visitor object| mconfig boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| omrhp object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| DotMetricsSettings object| $jscomp object| DotmetricsJSON object| DotMetricsObj boolean| envelopeModuleReady object| tagConfig string| CE_USER_COMMON_SCRIPT_URL object| google_tag_manager object| ORIBILI function| clarity object| clarityuetq number| google_unique_id object| gaGlobal function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in object| s object| visitor boolean| explicitPageView object| nr object| metrics object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata function| cookieWrite function| cookieRead function| formatTime string| pageName function| p_fo string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global object| GoogleGcLKhOms object| __IntegralASExec object| google_image_requests

195 Cookies

Domain/Path Name / Value
.heraldsun.com.au/leader Name: nk
Value: 15de4855b47787d2f2ee5284a4c4245f
.smartadserver.com/api Name: pid
Value: 1623856770777920683
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 15de4855b47787d2f2ee5284a4c4245f
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1720695607
.heraldsun.com.au/ Name: nk
Value: 15de4855b47787d2f2ee5284a4c4245f
.heraldsun.com.au/ Name: bm_mi
Value: DB2312182CC361E3C16A08F276D64EFF~YAAQTY/+PFQ/CpiQAQAA9lJzoRim/zKvVaRj4Fopuyh/vTAuyTqjFqHAY0pcpptv8oIyb5oye0iWsbM/pVXsqEqpxNyUfFBZSWB3XEGgw2/ZJNy+xZMmtEIBpHifc5dWSGLjVgECBqjd5y/DCv+J6N8MK6dRwpG6MMNQMVxA33Yq0/UfpCkliU1DwG3hEdSp7UYNRh18o2n1NHqQ4nnJCW2Xvxyw8FPQeRWaG9g5vIbjlAEhQPsr4GcIbNvM8tWBw823/gSCM1OfpC+IHZ/cu0b1dO0nEmpRqcZt9fpoEmNB9lSqavLuPh+wNd3lR6Jw9QZzVKR79z/QkebMcg==~1
www.heraldsun.com.au/ Name: cbd
Value: 000001
www.heraldsun.com.au/ Name: lux_uid
Value: 172069560844772643
.heraldsun.com.au/ Name: bm_sv
Value: 9C34E07C3E9A36421BC76BCFC317FF93~YAAQTY/+PKI/CpiQAQAAKlVzoRh1LH3wIzdg2853J2tlCYCfsX3OrWsQj6mHbPucuiWzivmoeCerEAY3EfQkEt9Lu2MnC+A95aw2gQk97Bp0urlUNk3qnDA9db6qx2A82vHQCF+qwcQ4TlVoXdTVg8jZK+zvMQuJUiOeAgtyjyz1DdNlaQ4QZS+KUL0QRxaD5bKg7KqsThUtnAAgRORuWL/TLcF9ztkhSTiP/DCEX9aHwty+Q13vX7zWU5lL5uCC1iN2XNWe~1
.heraldsun.com.au/ Name: utag_main
Value: v_id:0190a1735652000fa17ae82e2cf205065002b05d00b08$_sn:1$_se:1$_ss:1$_st:1720697408915$ses_id:1720695608915%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.21472198479842497
www.heraldsun.com.au/ Name: AWSALB
Value: SZsgaLXdFkrOei+/yvJIrX3O/gU59RALpKHTWTRvmzKYarWV9c96Zrk8a8uHBEkYbC7fh/bNMcj5ZJFzvzM4mShnFi15FZsn2bDWeG0wI9RX+UOLTQa31uHFBbIC
www.heraldsun.com.au/ Name: AWSALBCORS
Value: SZsgaLXdFkrOei+/yvJIrX3O/gU59RALpKHTWTRvmzKYarWV9c96Zrk8a8uHBEkYbC7fh/bNMcj5ZJFzvzM4mShnFi15FZsn2bDWeG0wI9RX+UOLTQa31uHFBbIC
.heraldsun.com.au/ Name: ak_bmsc
Value: 6C85619250D82A197810D57B3509BC04~000000000000000000000000000000~YAAQTY/+PNE/CpiQAQAA/VZzoRgt5Mp1FYUZsrxB1BcWkE2w9GOb8pD2cD/sessxqxq5NhX/zEHCzeAc4Z/C5BdfMBSvWOv+16T3s5b6Nn13TQjC3l7BqGEB3mZjoU8TOpIWYXrJn+qaaFvVBNEJHtoXRf2/F8L9a1jIG7v8xc/91+u03RVz+mwG9I18JtHoKzwTLsWkpW5XAPlbbPAiphmEBjcHFR6vB/7RRuqo2HEzkhSPmWEEXtdKQUqRoEjdcPvc6hn+gYFW2um/Sgv3O3zMkvR7jMM3kQ3rf5ZnahEyJSlxKGo+WaiJ6yMjlltz+wiN368bbPjwzkyVSL9974SAM2+jh+E6ACEXeyduFE5gON/s6tTx5tWjmzaTkG64kTejNjKoKYvgubNn1OCeOQyPRAdk9wVf7cKG/0oR/G8XuHb/qc+3xrlVuTYh8/1dzOfADQen4SxV/ezlW5y3Vl8tvD4jKvuuPeRfA489WJFW4rwg6YgUYOCz+qlkbX8=
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.doubleclick.net/ Name: APC
Value: AfxxVi4j3-QGiZsabefSZk0dpjhR2S2KDxrmSPCuXVT39IFqk4Fbag
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.heraldsun.com.au/ Name: _uetsid
Value: bd475c403f7411ef88195737c5f6c96e
.heraldsun.com.au/ Name: _uetvid
Value: bd4775303f7411efbf94e56e47e0e193
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1720695609618.417697071506592945
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: f41e076d-6730-408a-9a1f-67c8fed42a0f.1720695609.1.1720695610.1720695609.b82218fd-2825-4431-9638-48de67207ae7
.bing.com/ Name: MUID
Value: 108B7647EA3B661A133862FEEB0967AE
.bat.bing.com/ Name: MR
Value: 0
.heraldsun.com.au/ Name: _ncid
Value: beafaf883e015095e9ed288fd27606c0
.heraldsun.com.au/ Name: _cb
Value: Cm0l9vD_uMNFDqSYd8
.heraldsun.com.au/ Name: _chartbeat2
Value: .1720695609787.1720695609787.1.DZKUu5DY9oCnDsoVCACaDNwaBhZN-I.1
.doubleclick.net/ Name: IDE
Value: AHWqTUmNC0tmR0IVA2ig8dq5VTmTdIbZ7OtZ52YnwnS6W8xtzGr2guJf74POjrz4WY4
.heraldsun.com.au/ Name: _cb_svref
Value: external
.newscgp.com/ Name: sp
Value: d0803049-718a-46d2-b72f-bb66c2c0f4ce
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=e61041ba-779f-4014-8f2e-27fede35fe7d&Created=07/11/2024 11:00:09&UserMode=0&guid=d744833b-5cdc-4101-81ca-d00d68c5074e&ver=1
.heraldsun.com.au/ Name: _rdt_uuid
Value: 1720695609846.d413e83b-7b5c-4cff-84fd-479a0c136475
.t.co/ Name: muc_ads
Value: 4b54289c-2059-46e2-ab94-91470e2c4f56
.heraldsun.com.au/ Name: nol_fpid
Value: lyvuzgpuzt9tbqtea4selkrdpxlyz1720695609|1720695609909|1720695609909|1720695609909
www.heraldsun.com.au/ Name: _lr_geo_location_state
Value: NSW
www.heraldsun.com.au/ Name: _lr_geo_location
Value: AU
.teads.tv/ Name: tt_viewer
Value: abe8d684-bf44-4c9c-aa7e-5288dc85c836
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13214
Value: 1
.pubmatic.com/ Name: receive-cookie-deprecation
Value: 1
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: vst
Value: a_c210ce7c-9388-4009-a6ba-1c13e24e6f31
.heraldsun.com.au/ Name: _pin_unauth
Value: dWlkPVlXUXdaV0U1WTJJdE5qWTNOaTAwTURkbUxXRmxOalF0TjJRek5qWmxPV0k0TW1JMw
.pinterest.com/ Name: ar_debug
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: H88sjm0kx23CwCVE2flDvJJU8YcjJ4IZGzhWoziozklCCow2MTauwSA8bSvIuSTCzM0UVE7n82d0NJZ0eeU-tJ8AbNkh7EbKUwfRyOii2oQ.
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEwuva-tAY4AUABSAEQuva-tAYYAA..
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5418435535429551266
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.800551474.1720695610
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172069561013256706
.twitter.com/ Name: guest_id_ads
Value: v1%3A172069561013256706
.twitter.com/ Name: personalization_id
Value: "v1_e5FFupOPO26DaflrxD4XrA=="
.twitter.com/ Name: guest_id
Value: v1%3A172069561013256706
.heraldsun.com.au/ Name: _awl
Value: 3.1720695610.5-5bf5243b75857d1007cdf044e3d5dffe-6763652d617369612d6561737431-0
.linkedin.com/ Name: bcookie
Value: "v=2&640c8b08-338d-4ab5-8bc5-b737f9233260"
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2911:u=1:x=1:i=1720695610:t=1720782010:v=2:sig=AQEIIv7VP4Cewex_NeNhU49KjnmGXZXe"
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSYzR2lpVlAvQTBaODd6NEZlOWxab2FFYlp2Q0RubEdyVzdqUWgvNU13dWlicUhTWTBUa1E1dlp1QVArcDJHcWducnZqRExVT2JsSDdGZFFqSU9qZ2w0YnM3ai9iVlorVDZlUFJUbFVGQmcwRT0mVzZ5MXAvaU01YmZqVE40MG9sL1k5V0NxcUo4PQ=="
www.clarity.ms/ Name: CLID
Value: c936b699aa374853b6c332661e3e4813.20240711.20250711
.doubleclick.net/ Name: ar_debug
Value: 1
.heraldsun.com.au/ Name: _clck
Value: sg0z4l%7C2%7Cfnd%7C0%7C1653
.imrworldwide.com/ Name: IMRID
Value: bdd788b0-3f74-11ef-b86b-0f986ba822b4
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiYwMzA3NDk1MzEzNjU0ODI3NzEzNDUwNzI4Mjg5NTk0Njg5NDk3OFISCPq7zYuKMhABGAEqA1ZBNjAA8AH6u82LijI=
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: va6
.amazon-adsystem.com/ Name: ad-id
Value: A3VMjSjRZEtHmeMVqYLh4l4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rubiconproject.com/ Name: khaos
Value: LYH5QMMA-1L-EA9E
.heraldsun.com.au/ Name: _clsk
Value: v9njte%7C1720695611283%7C1%7C0%7Ct.clarity.ms%2Fcollect
.casalemedia.com/ Name: CMID
Value: Zo.7O4sFVm4AAHoLAE19SAAA
.casalemedia.com/ Name: CMPS
Value: 5030
.casalemedia.com/ Name: CMPRO
Value: 5030
.adsrvr.org/ Name: TDID
Value: f5c7b812-0e74-4a61-be3a-7de6a1d85dd8
.kargo.com/ Name: ktcid
Value: 3ad080fc-44d7-0985-5b99-41d1095abb76
.3lift.com/ Name: tluidp
Value: 3393299828261915919064
.3lift.com/ Name: tluid
Value: 3393299828261915919064
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 82D5BAC7-1836-40CA-A0D6-119178B90FC3
.rubiconproject.com/ Name: khaos_p
Value: LYH5QMMA-1L-EA9E
.tapad.com/ Name: TapAd_TS
Value: 1720695611638
.tapad.com/ Name: TapAd_DID
Value: 438cdbc9-024a-4c4d-9f33-b26606c13978
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 22918-f5c7b812-0e74-4a61-be3a-7de6a1d85dd8&KRTB&22926-f5c7b812-0e74-4a61-be3a-7de6a1d85dd8&KRTB&23031-f5c7b812-0e74-4a61-be3a-7de6a1d85dd8
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: d1634e4368f315331a4807aac1ac1392
.semasio.net/ Name: SEUNCY
Value: 6AD62DCE795F196A
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4643
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOFPSbykA5YyBG3062Lx5xw&KRTB&23025-CAESEOFPSbykA5YyBG3062Lx5xw&KRTB&23386-CAESEOFPSbykA5YyBG3062Lx5xw
.mathtag.com/ Name: uuid
Value: e39c668f-bb3c-4c00-836f-63654d95cbeb
.simpli.fi/ Name: suid
Value: F00C60C3359346FBA4D493D45392F7CF
.yahoo.com/ Name: A3
Value: d=AQABBDu7j2YCEAj8iuuEkT7ERxujZPt_tr8FEgEBAQEMkWaZZtxH0iMA_eMAAA&S=AQAAAmdpA3PL2o3hVNJlqZ8kXoc
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e39c668f-bb3c-4c00-836f-63654d95cbeb
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:F00C60C3359346FBA4D493D45392F7CF&KRTB&23486-uid:F00C60C3359346FBA4D493D45392F7CF&KRTB&23489-uid:F00C60C3359346FBA4D493D45392F7CF&KRTB&23539-uid:F00C60C3359346FBA4D493D45392F7CF
.bidr.io/ Name: bito
Value: AAE2E07NH3YAABUhNU3B4A
.bidr.io/ Name: bitoIsSecure
Value: ok
www.heraldsun.com.au/ Name: metrics_pcsid
Value: not set
.ipredictive.com/ Name: cu
Value: fc0ef111-43f7-4ada-9d67-461cc23bb1fe|1720695612477
.sharethrough.com/ Name: stx_user_id
Value: 2843747a-bc30-4e1d-b7e4-705727528ecc
.heraldsun.com.au/ Name: __gads
Value: ID=b3af865730231937:T=1720695611:RT=1720695611:S=ALNI_MYUHFuFApCPk3zH_RHV554cw0yd1Q
.heraldsun.com.au/ Name: __gpi
Value: UID=00000e8c6756ffd2:T=1720695611:RT=1720695611:S=ALNI_MYhdZpqeDk3BXKfOrod-W_RmEQDOg
.heraldsun.com.au/ Name: __eoi
Value: ID=4dd32466a8dd898a:T=1720695611:RT=1720695611:S=AA-AfjbP62wfCdWHkb4uoYMLW0wZ
www.heraldsun.com.au/ Name: mdLogger
Value: false
www.heraldsun.com.au/ Name: kampyle_userid
Value: 9904-2072-3a50-f54b-d955-4c52-3aed-bba2
www.heraldsun.com.au/ Name: kampyleUserSession
Value: 1720695612889
www.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 14.094477988951093
.lijit.com/ Name: ljt_reader
Value: I-Q0AQZHQFpB0CxTQbm9NaUb
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.demdex.net/ Name: demdex
Value: 03098996872470271634505174873755656088
.heraldsun.com.au/ Name: s_nr30
Value: 1720695613045-New
.heraldsun.com.au/ Name: s_tslv
Value: 1720695613045
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_tp
Value: 2820
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Clocal%257Cpage-not-found%257Cpage%2520not%2520found%2C43%2C43%2C1200%2C1%2C2
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Clocal%7Cpage-not-found%7Cpage%20not%20found
.heraldsun.com.au/ Name: s_cc
Value: true
.id5-sync.com/ Name: id5
Value: 45e8da10-78f3-724e-a020-e929f1f8940a#1720695611471#3
.id5-sync.com/ Name: 3pi
Value:
.lijit.com/ Name: _ljtrtb_80
Value: LYH5QMMA-1L-EA9E
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 108B7647EA3B661A133862FEEB0967AE
.criteo.com/ Name: uid
Value: 1a3cd6e6-f0fa-4290-b0ec-17ed07491c2d
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.heraldsun.com.au/ Name: cto_bundle
Value: 8-eJT19rWU9xT3M4SFIlMkZXMUIxc1hEN0Z0WlRXYklUdktpWW9tS1dRaW1MOUtNOXhWSmFIdWJGdlZwNnl1JTJCbmNuMlJIY1NlVTMlMkZpbEN3UTZYMiUyQmFoVmxSMDFoMldZZ2xUanExUCUyRnh0Z0xpR0ZSRTkzWldmdlZzTDN2R1Fpa1FyQW5jSDRwSkJSU3NONUwlMkZwd0FDNzNxQXhFWG1rQk82NHUzU3pHVHNaQXBkUFdEZDQlM0Q
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 108B7647EA3B661A133862FEEB0967AE
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898
.heraldsun.com.au/ Name: aam_uuid
Value: 03098996872470271634505174873755656088
.rubiconproject.com/ Name: audit_p
Value: 1|WD0cx+9RTMLW+h5f8aWRjWsvGr/qdDoV5+57TR8z14lGLrix3K6dlvy0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe/CJdOGVheLg=
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLW+h5f8aWRjWsvGr/qdDoV5+57TR8z14lGLrix3K6dlvy0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe/CJdOGVheLg=
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI_rLErtXokD0QBRIXCghwdWJtYXRpYxILCNKl_K7V6JA9EAUSFgoHcnViaWNvbhILCJ7UlrHV6JA9EAUSFAoFdGFwYWQSCwjyruSx1eiQPRAFEhUKBmdvb2dsZRILCOCS47zV6JA9EAUSGAoJYmlkc3dpdGNoEgsImNy2utXokD0QBRISCgNhYW0SCwiqm6nH1eiQPRAFGAEgASgCMgsIiJKs9OvokD0QBTgBWgNhYW1gAg..
.dpm.demdex.net/ Name: dpm
Value: 03098996872470271634505174873755656088
.pubmatic.com/ Name: DPSync3
Value: 1721260800%3A164%7C1721865600%3A201_245_226_197%7C1720742400%3A248
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2jhm:18z8~2jhm"
.bidswitch.net/ Name: tuuid
Value: bee70b3f-baa3-4095-9211-ebcb874d9fbb
.bidswitch.net/ Name: c
Value: 1720695614
.bidswitch.net/ Name: tuuid_lu
Value: 1720695614
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCMID%7C03074953136548277134507282895946894978%7CMCIDTS%7C19916%7CMCAID%7CNONE%7CMCOPTOUT-1720702813s%7CNONE%7CMCAAMLH-1721300413%7C7%7CMCAAMB-1721300413%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C1571753024%7CMCSYNCSOP%7C411-19923%7CvVersion%7C5.1.1
.rlcdn.com/ Name: rlas3
Value: 4zSEBwy2xZNMcw3Ua4ynFt2BglqLDfUreOhIG2gdDCU=
.brand-display.com/ Name: _knxq_
Value: a49c6ef3-cfd4-9bec-17698c24.1720695614.0.1720695614.1720695614
.eyeota.net/ Name: mako_uid
Value: 190a1736c55-cb50000010d48ca
.eyeota.net/ Name: SERVERID
Value: 18634~DM
.ctnsnet.com/ Name: cid
Value: f8f00d360fb84c4bb47b47a034ccd6ce
.rlcdn.com/ Name: pxrc
Value: CL72vrQGEgUI6AcQABIFCOhHEAA=
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 15b2oz208tpi
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-f8f00d360fb84c4bb47b47a034ccd6ce&KRTB&23328-f8f00d360fb84c4bb47b47a034ccd6ce&KRTB&23427-f8f00d360fb84c4bb47b47a034ccd6ce&KRTB&23445-f8f00d360fb84c4bb47b47a034ccd6ce
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-15b2oz208tpi
.pippio.com/ Name: did
Value: ZCNoyWChErIv-PzD
.pippio.com/ Name: didts
Value: 1720695614
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.quantserve.com/ Name: d
Value: EMoBCwGmLPijAA
.quantserve.com/ Name: mc
Value: 668fbb3e-c0e99-736d8-d5d8d
.bluekai.com/ Name: bku
Value: pSL99ebfMtSU5ALJ
.bluekai.com/ Name: bkpa
Value: KJy9CxObd02pSUHknpxpmEQhwtkAwE9p1eATmEAtmez0Bezy1MzhBM16BE9N1Ez6mezpBpDNBMDt1eQTJ7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9WYtJ1/=
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-TPmEbhitj21XrIxtQ_aRP0n52DBXq4lsQqsdbtoH&KRTB&22979-TPmEbhitj21XrIxtQ_aRP0n52DBXq4lsQqsdbtoH&KRTB&23462-TPmEbhitj21XrIxtQ_aRP0n52DBXq4lsQqsdbtoH
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 4459370343476593750
.creativecdn.com/ Name: ts
Value: 1720695614
.creativecdn.com/ Name: g
Value: Xk7OCjHM9OxdSBYZsECa_1720695614907
.adform.net/ Name: uid
Value: 3581404383083760547
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4459370343476593750&KRTB&23150-4459370343476593750&KRTB&23527-4459370343476593750
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7037088051316304522&KRTB&23263-7037088051316304522&KRTB&23481-7037088051316304522
.aralego.com/ Name: sspid
Value: fd045acd-5bdc-358c-a47b-a954cbfc919b
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-95deeace-0997-5604-52ae-878ff3af1a4c.g8kgpuiwta9pAG24QU91bT0dZ0irzdaM5LnIa3Ijq88
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-95deeace-0997-5604-52ae-878ff3af1a4c.g8kgpuiwta9pAG24QU91bT0dZ0irzdaM5LnIa3Ijq88
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ald7qzgmXVgRSroeP868aTELLcKE.Kw3VlY%2BqbKVY1RKC4yDEhCKq2UW6OMogo7ngEdiprHc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ald7qzgmXVgRSroeP868aTELLcKE.Kw3VlY%2BqbKVY1RKC4yDEhCKq2UW6OMogo7ngEdiprHc
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILovhLiGAgKAdc7qBYyU4ubRjw4vi41nWfuYi8SK06g0EGcYBCC_9r60BjABOgTwTC9rQgS-ynlc.7xlizQ05SU0h1s6G1n6bqUQ1Y7r7f0q1RoigHTyg7KY
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILovhLiGAgKAdc7qBYyU4ubRjw4vi41nWfuYi8SK06g0EGcYBCC_9r60BjABOgTwTC9rQgS-ynlc.7xlizQ05SU0h1s6G1n6bqUQ1Y7r7f0q1RoigHTyg7KY
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-ld7qzgmXVgRSroeP868aTELLcKE&KRTB&23334-ld7qzgmXVgRSroeP868aTELLcKE&KRTB&23417-ld7qzgmXVgRSroeP868aTELLcKE&KRTB&23426-ld7qzgmXVgRSroeP868aTELLcKE
.adx.opera.com/ Name: UID
Value: OPUfd7898f2435b4ca89e5caf872c1f6aa0
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-OrizMEoFVbNtGuM8So6rYuEZZ7NWwUq_-zmwDK2dJCg&KRTB&23047-OrizMEoFVbNtGuM8So6rYuEZZ7NWwUq_-zmwDK2dJCg&KRTB&23234-OrizMEoFVbNtGuM8So6rYuEZZ7NWwUq_-zmwDK2dJCg&KRTB&23361-OrizMEoFVbNtGuM8So6rYuEZZ7NWwUq_-zmwDK2dJCg
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUfd7898f2435b4ca89e5caf872c1f6aa0&KRTB&23485-OPUfd7898f2435b4ca89e5caf872c1f6aa0&KRTB&23524-OPUfd7898f2435b4ca89e5caf872c1f6aa0&KRTB&23575-OPUfd7898f2435b4ca89e5caf872c1f6aa0
.demdex.net/ Name: dextp
Value: 358-1-1720695613702|470-1-1720695613803|481-1-1720695613904|771-1-1720695614004|903-1-1720695614106|19566-1-1720695614207|23728-1-1720695614308|30432-1-1720695614409|30064-1-1720695614510|66757-1-1720695614611|134096-1-1720695614712|144230-1-1720695614812|144231-1-1720695614913|144232-1-1720695615013|144233-1-1720695615114|144234-1-1720695615215|144235-1-1720695615316|144236-1-1720695615416|144237-1-1720695615517|147592-1-1720695615617|461447-1-1720695615718
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-EQTNJ3hWC-K1Og21P7uPZg&KRTB&23557-EQTNJ3hWC-K1Og21P7uPZg&KRTB&23586-EQTNJ3hWC-K1Og21P7uPZg
.pubmatic.com/ Name: SPugT
Value: 1720695616
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: SyncRTB3
Value: 1721865600%3A96_22_165_238_220_54_254_266_209_56_264_5_3_13_107_8_179_247_176_21_99_214_71_231_7_233_234%7C1721952000%3A35%7C1721520000%3A63%7C1721260800%3A223_2_15
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.tribalfusion.com/ Name: ANON_ID
Value: aYnsIHyKalHobWm8ZaCyPqb8hptdZdeCe5wXUuej52Uk35ZagXGBASsEDDvYDbpA05ypB1uhBpT7961UodFMBdcVT1J
.w55c.net/ Name: wfivefivec
Value: 7c8u3r0w1SrRx75
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:7c8u3r0w1SrRx75&KRTB&23421-uid:7c8u3r0w1SrRx75
.pubmatic.com/ Name: PugT
Value: 1720695618

4 Console Messages

Source Level URL
Text
network error URL: https://www.heraldsun.com.au/leader/bayside?nk=15de4855b47787d2f2ee5284a4c4245f-1720695607
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=360826024142.5847?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=360826024142.5847?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=360826024142.5847?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14643376.fls.doubleclick.net
a.teads.tv
a1f9057a7056edf4b53110c249ae7986.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
alb.reddit.com
analytics.twitter.com
api.rlcdn.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
bat.bing.com
bedsberry.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c0.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
c1.eu-3-id5-sync.com
c1.eu-4-id5-sync.com
c2.eu-3-id5-sync.com
c2.eu-4-id5-sync.com
c3.eu-3-id5-sync.com
c3.eu-4-id5-sync.com
c4.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
c5.eu-3-id5-sync.com
c5.eu-4-id5-sync.com
c6.eu-3-id5-sync.com
c6.eu-4-id5-sync.com
c7.eu-3-id5-sync.com
c7.eu-4-id5-sync.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.speedcurve.com
cdn1.adoberesources.net
check.analytics.rlcdn.com
client.api.news
cm.everesttech.net
config.aps.amazon-adsystem.com
connect.facebook.net
ct.pinterest.com
dpm.demdex.net
dt.adsafeprotected.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
frankston-leader.whereilive.com.au
g2.gumgum.com
geo.privacymanager.io
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
match.adsrvr.org
metrics.heraldsun.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-config.reddit.com
pixel.adsafeprotected.com
pixel.zprk.io
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
s.amazon-adsystem.com
s.pinimg.com
script.crazyegg.com
secure-sdk.imrworldwide.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
t.clarity.ms
t.co
tags.news.com.au
tags.tiqcdn.com
topics.authorizedvault.com
tpc.googlesyndication.com
udc-neb.kampyle.com
usersync.gumgum.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
www.hastingsleader.com.au
www.heraldsun.com.au
www.redditstatic.com
pagead2.googlesyndication.com
www.google.com
103.43.90.53
104.18.24.111
104.19.147.8
104.244.42.67
104.99.59.32
108.158.14.99
108.158.20.32
108.158.30.125
108.158.32.100
108.158.32.127
117.18.232.195
13.107.246.31
13.107.42.14
13.35.147.31
13.35.147.40
13.35.147.41
13.35.147.54
141.95.33.120
142.250.204.2
142.250.204.8
142.250.67.1
142.250.67.6
142.250.71.66
142.250.76.102
142.250.76.98
143.244.62.6
151.101.0.84
151.101.1.140
151.101.1.175
151.101.129.229
151.101.193.140
151.101.2.217
151.101.28.157
151.101.64.84
157.240.8.23
157.240.8.35
162.19.138.120
165.69.249.4
172.217.167.100
172.217.167.65
172.64.149.180
172.64.151.101
172.67.38.106
172.67.69.191
173.222.192.149
173.222.192.243
173.222.193.119
173.222.193.77
18.155.192.129
18.232.189.0
18.239.199.5
18.65.244.111
18.65.244.119
18.65.244.42
18.65.248.189
18.67.113.58
18.67.175.105
182.161.73.129
182.161.73.136
182.161.73.145
20.114.189.70
204.79.197.237
207.65.33.78
209.54.182.161
23.198.57.183
23.198.59.89
23.198.63.128
23.46.33.181
3.104.129.195
3.219.105.60
3.221.206.111
34.149.26.226
35.241.45.82
35.71.131.137
44.208.169.25
51.75.88.178
51.75.88.190
51.75.89.127
51.75.89.23
51.75.92.187
51.75.92.37
51.75.93.54
51.75.93.98
51.75.95.135
52.220.36.221
52.231.230.148
52.63.244.82
52.76.223.94
54.151.251.104
54.166.90.195
54.253.138.55
57.129.22.38
57.129.23.120
63.140.38.189
63.140.39.117
63.140.39.130
69.173.158.65
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
0193ae8b1db0660a66d394e6312e74441c454cdcc3f6570d05ddb5f3daaca681
035675399800e3ae1f674fa492c731a97d18c40358fd47ccee65ffe31d5b3455
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0477716b7261e6e9d2d2f708abe9c9c27358eea96d4c556b2d9fec8cafea7d8a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076fa5f8e52d8eeca80c0c0166ecfe87b4964a99c69656b0055d64cad6f435c4
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1b1c0ae5e517882fdba0061e8e5d58ba76ecb132fd003d628ebe29234fb68f48
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
20a7a815ac630a4b10a39504f889de0c9ea4946fc295a012c7de467922df3383
22a7c0f21be2b8240a32adb4e3b490724a69eee63bf02e47615f6d001c0f81f6
252cba438bfd754846a15aaa33cf5b69115112618cfbdca512f73308c51f0a7d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
27b65c06fcf400e92c162ef2a8497cc573468ed0904d1a4c92119344c9997313
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b6979f782d4e20493f5ec1d8b617bde510a5709715e8ebf27c03d9047cb21bd
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3
2d34732a85cdb27e5211bc6cb51e6555fe67fb4a471c39e010dd4a5a8b5206dc
2d844b74da43882bdd0577cdf52c526c20536a3739c651bfef1e5b0f4830bdbb
2e5ae2206d0d20bab9706afc6abf0e2e8b85b5a2661d6c58bca7756accc3bd5a
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b78c60731f2b8501cd5300f210570f527789694a7d4a27db4c336a0b3079251
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43
40237646f768b1cf55cb822cec09bfe23ca18749381a48c54284a54514569226
423063a18b91db9f3313a3454b96ae974665c58b9fde948553f0313b993aaf34
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459af69231567be891a6f39b937a4b7055443a58f3df773da5aa91bbc99e4eae
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
45ef81c3db1d12d7a2c4b4648f0f5e462f99718aa4961f841ffe10382c28338b
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4da9d1ede8aa7ce6b22a39064976f93f17aa567f01c80bce92b0a582b0345b3f
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
4fa71f016e9254cfa92aae141645cbfe20ec065b441d112ed64c59327721994a
50689f24338f43879545049ba9164d66a6f4790f6022d63f7c15baa93ae4961c
5131d1e3bf858be9f257dd3d5e40a722010111ee9aafcb2dfa57f61e6130ebfd
53065a93c18274e31d437a472cc996292f0603fb8ed9b4d9880dd32ea972aea7
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd
5a7ba462b4c7c3b7263c07b042e640d49fcc49e8c5242d356c9cd5a3f679486b
5b46ddcb005bf31c490f0e276adabbe6bcaaa4c69d33bba30c5003ec7a3a6b69
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
6097e2b2889cb2a095b2f3e7f5b049a996576c203c4e0835a59fe6d10a242010
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b41f192cbb84402491dc04a088a8544c994984332291dd44f9cc56bd4f38a6
6497ac106b48f0299b44b59d3a2cd295e23124a32e64fd1e0c2df38565af5f03
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6aaf859938e9739d143127f76a087724dc4544d121b188b0ac18e93906d9d87a
6b0dcf3e206e015bc03358da6a4f6f96db00371fb21a976e292f40503d373fc8
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6b3eb86f70de6a5981588839766aac82855fe577a628aceaf9dbb14d6623a2dd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd5ee1ae7c825ba0ff5114a0f367b495687816146b8b135d06b139533adee63
6ff7674f42cafb1832df71955d38c1ba093a3a6200bf5d896df289445523775a
6ffc785f3715eab110fa28a450f2f495edab81e6fc302098b4afae4544afc30f
7319e564328115c786a41ae6d84023d5f7e565bd9dcb601f36d71412ba152458
7538deef70d942ac5fc21454137fdfe920737e17bf387ff19c10b3cf581cef73
757d80dfe05f2cff4c205281c6eee742f3d76dcab699e94a4aab27e5b4422ca1
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
7b152261e1c57453fc67ef715778608859c6c09a2a50affc25d99e0bb0742380
80a98e6e0fc8628ac7d59d0b1be825d06f4fa08a747b4aa01fb58468bfca8e10
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
820d2146cd9413e3a1c7d162fb1bbd14e1d5623452ddcc0b407dd4a8b30d3a3b
82d2839b94bc4d0949b137ebf82a2a090ca1af6e1ad5b29b7e35782032164df8
8652c0bb729ad68bedc0d5231918c34b662abb80bbbe8439d73499f4b65ce9af
86a522a5175f849257f3ef4c78e7bbc6d281c8624bc23d14af4410963d2c7971
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf
88d833514dd924f4ec26dbc1614f8ef8699397c2d1dd0c6df87658e811e54987
8a5d91052bc163605a1fbe6b47bc14a5d58b9e886184ac657c60b8845cc04409
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8cdd606cccdf0b5196c1e22d226fbb0b89a82feef6ea7e3d29b8698001a11a2a
91306bee3cd80e178a0a9d5deb08a56e1d626f7a28377aa9c529fd98eea44146
94ccf9b12044666534ed3c190b46629b5b21e03d948f9663e9d7fe7b0b92f6ec
9717b0b03cbd1f25ad0b3605d10b12c92176310dd00ef583bbb99f6bbe12f242
99740307ed5cfa3bfd0c6d068d455e4c76d3328c7262599434f41754fd6165c7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a467f7c2b83a2dba2544ba15b6016687cd2e36189492d868994f995787d12caa
a85d1caf9db24f47dd0ea3c0d1c97215b3a3c2447607b5c0c7dcb46f823b3f17
a97bc8ec679a82ec782bd76c7302c0ca394c1ad672450f86f87bee5e0ec06b19
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
aeefdb59a530585244dd2afbbaec040f62d5e5de3789294c478c2d6e9bb647ea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17a7e54402f7e995957367dbcab5a87af22d98ee99f38ced0922f7a8888ef8e
b3de2c693c4f16a4c6487eb66fa1b2884f11525f50d46dfb3a0a6252d22e1a48
b47962c96dfb0fbd00ba719aafe0fb16eda3921b16c5fd140796e0143237e122
b5198ba4c0705ec13918c3bbe4fb8128d936afe65af4bab66dd5cb671d4e94a2
b693ff17985bc54be8d357b5ac2ddc78e06c64df046d38aadad3d9bee7ec2439
b78de46be1aa7cb9f8c429bde4d202a358c1651ae0cc6217cbfd79097793d894
b8464dcb7e2e01bf45bea28cd900120b54874408b41a83ccd573931cae12fac8
c38179509be58e14e671994e13332739a5340b522decb59218221c0ecaebe0d4
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc146b35a2a63691ad385731452cb964042715f491f35b0a4db2d604df00e606
cc5a53633967317934dcbff7f7312e431f6a60c13a6bba20a462096632a3fd53
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
ccec862c86db29c4f32f3a9355031ee05e156ab3c968721cbed91f7f630a531d
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fdd61bad967269dcbf18370d0f9400369d50c15d27958520691ef9ff84047f
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d23d5715ffe428ffa9ce297fba04eb9ba463cbc6478269f0c53ceeeada3c95c6
d45c970754b1c9d73f6cd8b1e508b949a38c38beb0c94b9f436eab85795b9c41
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d77a4a7b3b4a26964ac54bc76c5fa5a094d2a576002a00d0cbfd087602f1098e
d7dd87ba68fa2909a3530f39c97e7cf34f8a03020a0b904473787e5b3f3770c4
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
d9f5945e80f23ab8addc1908230c8aa3ffabffd8aaa4827fa91afa5785a64169
da0092d6d20dcc503467143e07bbcd2c0a10d9679012b61a8853097de8bd1094
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c
e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326
e08f19541fd090cb2aed8d5002cc53a26c6bc6278950f364c8fd9af58633401c
e38ba87fc3c01838268043d9e5f3b0ec09c532e5f9ce823592306344e89293d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e8578396b1b92c9c86641ef39b7ee6f7c675d2f6fd2127cb3a1d7b518aa7eb6d
e9ce9cba628d445d18281ec7b7b4919349ba588aa407bfff7e4d43f657920c16
ed869b2f776f2497f9c60d79d25725b6bcb0118d63a4ef70375e193fba5e197b
ee5be89227a695f2d10c1d11c6b6265db0de645aecd562fc5f68aa32cddaec8a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef508b8dbcc345d6ab59f8fc536dfa1a08c2c8e34194d5c19ca2f8ba619d5ca9
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f03eb5ddf21faa700fe51263e8c57eb7b973281877ddd9d692fc3fb087da0a60
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f4cd2b3a7ecd9e189a4335aca67202ddd4803525c0d56d51ea80f3f247e946fe
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f5daeb8ac3aa04dce3b8bb7bb3428e46651c5ae9383adbc1f458638de8b3fae1
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9
f9e85cb0bf5742e7750767f08323e61923bdb07db8d787824f8e5f99c9917fef
fc6ce72a0efa98fee671e04807f63b026428685fb1af3239dd269f774f6149a2
fcd9a43f72afabd7efb8a7d5b0ca533f82d8855ad1e4d4e4b8c73e6e8f79db6a
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba