urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
23.202.168.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.mooneevalleyleader.com.au//
Effective URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Submission: On June 13 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 114 IPs in 10 countries across 73 domains to perform 278 HTTP transactions. The main IP is 23.202.168.183, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 665553.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 6th 2023. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 165.69.249.4 16509 (AMAZON-02)
3 20 23.202.168.183 16625 (AKAMAI-AS)
1 12 104.99.188.230 9443 (VOCUS-RET...)
15 23.202.169.72 16625 (AKAMAI-AS)
1 151.101.194.217 54113 (FASTLY)
1 3.5.168.128 16509 (AMAZON-02)
3 104.18.24.111 13335 (CLOUDFLAR...)
26 104.99.188.143 9443 (VOCUS-RET...)
3 104.74.39.62 16625 (AKAMAI-AS)
2 104.99.189.198 9443 (VOCUS-RET...)
6 18.67.93.121 16509 (AMAZON-02)
2 18.65.244.110 16509 (AMAZON-02)
1 18.244.214.42 16509 (AMAZON-02)
5 142.250.66.206 15169 (GOOGLE)
1 104.83.204.181 16625 (AKAMAI-AS)
1 142.250.71.70 15169 (GOOGLE)
1 4 204.79.197.237 8068 (MICROSOFT...)
2 157.240.8.23 32934 (FACEBOOK)
1 18.65.244.99 16509 (AMAZON-02)
2 44.205.131.107 14618 (AMAZON-AES)
2 151.101.65.175 54113 (FASTLY)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 23.55.11.47 16625 (AKAMAI-AS)
6 142.250.204.2 15169 (GOOGLE)
3 108.158.21.125 16509 (AMAZON-02)
1 108.158.20.32 16509 (AMAZON-02)
2 172.67.69.191 13335 (CLOUDFLAR...)
2 151.101.28.157 54113 (FASTLY)
1 23.32.5.109 20940 (AKAMAI-ASN1)
1 18.65.248.189 16509 (AMAZON-02)
2 108.158.32.127 16509 (AMAZON-02)
4 13.35.147.66 16509 (AMAZON-02)
2 23.206.242.194 20940 (AKAMAI-ASN1)
3 151.101.129.140 54113 (FASTLY)
2 104.19.147.8 13335 (CLOUDFLAR...)
1 18.65.244.102 16509 (AMAZON-02)
1 104.18.187.31 13335 (CLOUDFLAR...)
5 162.19.138.118 16276 (OVH)
1 34.149.26.226 15169 (GOOGLE)
3 3.104.132.249 16509 (AMAZON-02)
1 18.65.244.67 16509 (AMAZON-02)
1 108.158.32.114 16509 (AMAZON-02)
2 18.155.192.129 16509 (AMAZON-02)
2 142.250.66.226 15169 (GOOGLE)
2 142.250.71.66 15169 (GOOGLE)
2 117.18.232.195 15133 (EDGECAST)
2 104.244.42.67 13414 (TWITTER)
1 108.158.35.170 16509 (AMAZON-02)
2 23.55.6.117 16625 (AKAMAI-AS)
1 143.244.62.6 60068 (CDN77 _)
1 67.199.150.87 3257 (GTT-BACKB...)
2 34.102.253.54 396982 (GOOGLE-CL...)
2 52.74.235.159 16509 (AMAZON-02)
1 182.161.73.145 55569 (CRITEO-AS...)
4 69.173.158.65 26667 (RUBICONPR...)
1 172.64.151.101 13335 (CLOUDFLAR...)
2 7 103.43.90.54 29990 (ASN-APPNEX)
1 104.99.189.111 9443 (VOCUS-RET...)
1 18.65.244.42 16509 (AMAZON-02)
1 3.104.159.235 16509 (AMAZON-02)
4 157.240.8.35 32934 (FACEBOOK)
1 18.138.164.249 16509 (AMAZON-02)
1 20.40.202.2 8075 (MICROSOFT...)
1 23.221.20.194 16625 (AKAMAI-AS)
2 13.107.42.14 8068 (MICROSOFT...)
2 13.107.246.31 8075 (MICROSOFT...)
1 44.195.76.49 14618 (AMAZON-AES)
3 18.232.189.0 14618 (AMAZON-AES)
1 2 52.46.151.131 16509 (AMAZON-02)
1 151.101.1.140 54113 (FASTLY)
1 108.158.32.13 16509 (AMAZON-02)
2 162.19.138.117 16276 (OVH)
2 23.202.168.218 16625 (AKAMAI-AS)
2 108.158.14.99 16509 (AMAZON-02)
3 6 142.250.204.6 15169 (GOOGLE)
1 142.250.67.8 15169 (GOOGLE)
2 23.55.4.150 16625 (AKAMAI-AS)
1 52.76.196.116 16509 (AMAZON-02)
1 35.173.120.247 14618 (AMAZON-AES)
1 63.140.39.82 14618 (AMAZON-AES)
1 1 13.251.142.250 16509 (AMAZON-02)
1 3.77.62.68 16509 (AMAZON-02)
4 151.101.64.84 54113 (FASTLY)
2 20.114.190.119 8075 (MICROSOFT...)
1 34.49.241.189 396982 (GOOGLE-CL...)
3 142.250.66.196 15169 (GOOGLE)
2 142.250.67.3 15169 (GOOGLE)
1 63.140.56.177 15224 (OMNITURE)
1 151.101.0.84 54113 (FASTLY)
2 35.71.131.137 16509 (AMAZON-02)
2 51.75.92.187 16276 (OVH)
2 51.75.88.178 16276 (OVH)
3 51.75.95.199 16276 (OVH)
1 51.75.95.112 16276 (OVH)
2 51.75.93.54 16276 (OVH)
1 51.75.88.190 16276 (OVH)
1 51.75.89.188 16276 (OVH)
2 51.75.95.135 16276 (OVH)
1 51.75.89.23 16276 (OVH)
1 51.75.89.127 16276 (OVH)
2 182.161.73.129 55569 (CRITEO-AS...)
5 142.250.71.65 15169 (GOOGLE)
1 13.239.155.123 16509 (AMAZON-02)
1 2 20.205.115.81 8075 (MICROSOFT...)
1 182.161.73.136 55569 (CRITEO-AS...)
1 35.241.45.82 15169 (GOOGLE)
1 63.140.56.170 15224 (OMNITURE)
2 142.250.66.193 15169 (GOOGLE)
1 108.158.20.50 16509 (AMAZON-02)
1 172.64.149.180 13335 (CLOUDFLAR...)
1 104.99.189.67 9443 (VOCUS-RET...)
2 2 50.31.142.223 23352 (SERVERCEN...)
1 52.37.30.173 16509 (AMAZON-02)
2 3 35.213.12.39 15169 (GOOGLE)
2 2 54.95.211.239 16509 (AMAZON-02)
2 35.162.199.133 16509 (AMAZON-02)
1 18.67.175.108 16509 (AMAZON-02)
278 114
1    165.69.249.4 (Australia)

ASN16509 (AMAZON-02, US)
PTR: ip-165.69.249.4.news.com.au
www.mooneevalleyleader.com.au
20    23.202.168.183 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-168-183.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
12    104.99.188.230 (Sydney, Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: a104-99-188-230.deploy.static.akamaitechnologies.com
tags.news.com.au
15    23.202.169.72 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-169-72.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.194.217 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
1    3.5.168.128 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
3    104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)
bedsberry.com
26    104.99.188.143 (Sydney, Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: a104-99-188-143.deploy.static.akamaitechnologies.com
content.api.news
mhr.talk.news.com.au
client.api.news
3    104.74.39.62 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-39-62.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
2    104.99.189.198 (Sydney, Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: a104-99-189-198.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
6    18.67.93.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-121.syd62.r.cloudfront.net
tags.tiqcdn.com
2    18.65.244.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-110.syd3.r.cloudfront.net
assets.vidora.com
1    18.244.214.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-42.sfo53.r.cloudfront.net
static.adsafeprotected.com
5    142.250.66.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f14.1e100.net
news.google.com
1    104.83.204.181 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-204-181.deploy.static.akamaitechnologies.com
cdn.optimizely.com
1    142.250.71.70 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f6.1e100.net
ad.doubleclick.net
4    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
1    18.65.244.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-99.syd3.r.cloudfront.net
au.tags.newscgp.com
2    44.205.131.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-131-107.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.65.175 (San Francisco, United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.55.11.47 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-11-47.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
6    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
3    108.158.21.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-21-125.syd62.r.cloudfront.net
c.amazon-adsystem.com
1    108.158.20.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-32.syd62.r.cloudfront.net
ats-wrapper.privacymanager.io
2    172.67.69.191 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    151.101.28.157 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    23.32.5.109 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-5-109.deploy.static.akamaitechnologies.com
snap.licdn.com
1    18.65.248.189 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-248-189.syd3.r.cloudfront.net
static.chartbeat.com
2    108.158.32.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-127.syd3.r.cloudfront.net
cdn-gl.imrworldwide.com
4    13.35.147.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-66.syd1.r.cloudfront.net
au-script.dotmetrics.net
2    23.206.242.194 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-242-194.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
3    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
2    104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    18.65.244.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-102.syd3.r.cloudfront.net
cdn.adsafeprotected.com
1    104.18.187.31 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    34.149.26.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.26.149.34.bc.googleusercontent.com
api.rlcdn.com
3    3.104.132.249 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-132-249.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    18.65.244.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-67.syd3.r.cloudfront.net
ncg.tags.news.com.au
1    108.158.32.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-114.syd3.r.cloudfront.net
config.aps.amazon-adsystem.com
2    18.155.192.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-192-129.sfo53.r.cloudfront.net
geo.privacymanager.io
2    142.250.66.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.71.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net
googleads4.g.doubleclick.net
www.googleadservices.com
2    117.18.232.195 (Australia)

ASN15133 (EDGECAST, US)
t.co
2    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    108.158.35.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-35-170.syd3.r.cloudfront.net
aax.amazon-adsystem.com
2    23.55.6.117 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-6-117.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    143.244.62.6 (Sydney, Australia)

ASN60068 (CDN77 _, GB)
PTR: 109632633.syd.cdn77.com
topics.authorizedvault.com
1    67.199.150.87 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    52.74.235.159 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-235-159.ap-southeast-1.compute.amazonaws.com
g2.gumgum.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
7    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    104.99.189.111 (Sydney, Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: a104-99-189-111.deploy.static.akamaitechnologies.com
a.teads.tv
1    18.65.244.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-42.syd3.r.cloudfront.net
rm-script.dotmetrics.net
1    3.104.159.235 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-159-235.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
4    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
1    18.138.164.249 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-164-249.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
1    20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
1    23.221.20.194 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-20-194.deploy.static.akamaitechnologies.com
a20352597942.cdn.optimizely.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    13.107.246.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    44.195.76.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-76-49.compute-1.amazonaws.com
ping.chartbeat.net
3    18.232.189.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-189-0.compute-1.amazonaws.com
dpm.demdex.net
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    108.158.32.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-13.syd3.r.cloudfront.net
cdn-gl.imrworldwide.com
2    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    23.202.168.218 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-168-218.deploy.static.akamaitechnologies.com
s.pinimg.com
2    108.158.14.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-14-99.syd62.r.cloudfront.net
js.adsrvr.org
6    142.250.204.6 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f6.1e100.net
8228261.fls.doubleclick.net
1    142.250.67.8 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f8.1e100.net
www.googletagmanager.com
2    23.55.4.150 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-4-150.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    52.76.196.116 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-196-116.ap-southeast-1.compute.amazonaws.com
pixel.mediaiqdigital.com
1    35.173.120.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-120-247.compute-1.amazonaws.com
newscorpau.demdex.net
1    63.140.39.82 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-82.data.adobedc.net
newscorpau.sc.omtrdc.net
1    13.251.142.250 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-142-250.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    3.77.62.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-62-68.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
4    151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
1    34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com
logx.optimizely.com
3    142.250.66.196 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f4.1e100.net
www.google.com
2    142.250.67.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f3.1e100.net
www.google.com.au
1    63.140.56.177 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-56-177.data.adobedc.net
metrics.heraldsun.com.au
1    151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
2    51.75.92.187 (Germany)

ASN16276 (OVH, FR)
c0.eu-3-id5-sync.com
c5.eu-4-id5-sync.com
2    51.75.88.178 (Germany)

ASN16276 (OVH, FR)
c1.eu-3-id5-sync.com
c4.eu-3-id5-sync.com
3    51.75.95.199 (Germany)

ASN16276 (OVH, FR)
c2.eu-3-id5-sync.com
c2.eu-4-id5-sync.com
c6.eu-4-id5-sync.com
1    51.75.95.112 (Germany)

ASN16276 (OVH, FR)
c3.eu-3-id5-sync.com
2    51.75.93.54 (Germany)

ASN16276 (OVH, FR)
c5.eu-3-id5-sync.com
c3.eu-4-id5-sync.com
1    51.75.88.190 (Germany)

ASN16276 (OVH, FR)
c6.eu-3-id5-sync.com
1    51.75.89.188 (Germany)

ASN16276 (OVH, FR)
c7.eu-3-id5-sync.com
2    51.75.95.135 (Germany)

ASN16276 (OVH, FR)
c0.eu-4-id5-sync.com
c1.eu-4-id5-sync.com
1    51.75.89.23 (Germany)

ASN16276 (OVH, FR)
c4.eu-4-id5-sync.com
1    51.75.89.127 (Germany)

ASN16276 (OVH, FR)
c7.eu-4-id5-sync.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
5    142.250.71.65 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f1.1e100.net
b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com
1    13.239.155.123 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-239-155-123.ap-southeast-2.compute.amazonaws.com
secure-sdk.imrworldwide.com
2    20.205.115.81 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
1    63.140.56.170 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-56-170.data.adobedc.net
edge.adobedc.net
2    142.250.66.193 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f1.1e100.net
tpc.googlesyndication.com
1    108.158.20.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-50.syd62.r.cloudfront.net
check.analytics.rlcdn.com
1    172.64.149.180 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    104.99.189.67 (Sydney, Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: a104-99-189-67.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    50.31.142.223 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    52.37.30.173 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-30-173.us-west-2.compute.amazonaws.com
usersync.gumgum.com
3    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    54.95.211.239 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-211-239.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
2    35.162.199.133 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-199-133.us-west-2.compute.amazonaws.com
prod.tahoe-analytics.publishers.advertising.a2z.com
1    18.67.175.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-175-108.cgk51.r.cloudfront.net
au.audience.newscgp.com
Apex Domain
Subdomains		 Transfer
25 api.news
content.api.news — Cisco Umbrella Rank: 88367
client.api.news — Cisco Umbrella Rank: 329986
300 KB
22 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 665553
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
420 KB
15 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 112176
89 KB
14 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 164
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 790
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 194936
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
297 KB
14 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 103063
mhr.talk.news.com.au — Cisco Umbrella Rank: 831202
ncg.tags.news.com.au — Cisco Umbrella Rank: 211544
258 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 283
secure.adnxs.com — Cisco Umbrella Rank: 522
acdn.adnxs.com — Cisco Umbrella Rank: 631
15 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
23 KB
8 eu-4-id5-sync.com
c0.eu-4-id5-sync.com — Cisco Umbrella Rank: 396592
c1.eu-4-id5-sync.com — Cisco Umbrella Rank: 383788
c2.eu-4-id5-sync.com — Cisco Umbrella Rank: 394005
c3.eu-4-id5-sync.com — Cisco Umbrella Rank: 392689
c4.eu-4-id5-sync.com — Cisco Umbrella Rank: 391416
c5.eu-4-id5-sync.com — Cisco Umbrella Rank: 392690
c6.eu-4-id5-sync.com — Cisco Umbrella Rank: 371615
c7.eu-4-id5-sync.com — Cisco Umbrella Rank: 387536
2 KB
8 eu-3-id5-sync.com
c0.eu-3-id5-sync.com — Cisco Umbrella Rank: 392686
c1.eu-3-id5-sync.com — Cisco Umbrella Rank: 394004
c2.eu-3-id5-sync.com — Cisco Umbrella Rank: 396593
c3.eu-3-id5-sync.com — Cisco Umbrella Rank: 391415
c4.eu-3-id5-sync.com — Cisco Umbrella Rank: 401683
c5.eu-3-id5-sync.com — Cisco Umbrella Rank: 391417
c6.eu-3-id5-sync.com — Cisco Umbrella Rank: 400364
c7.eu-3-id5-sync.com — Cisco Umbrella Rank: 391418
2 KB
8 google.com
news.google.com — Cisco Umbrella Rank: 6132
www.google.com — Cisco Umbrella Rank: 5
68 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 351
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 733
aax.amazon-adsystem.com — Cisco Umbrella Rank: 494
s.amazon-adsystem.com — Cisco Umbrella Rank: 345
82 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 776
x.clarity.ms — Cisco Umbrella Rank: 7537
c.clarity.ms — Cisco Umbrella Rank: 1472
28 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1095
id5-sync.com — Cisco Umbrella Rank: 569
32 KB
6 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1321
32 KB
5 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 901
5 KB
5 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 560
eus.rubiconproject.com — Cisco Umbrella Rank: 666
4 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 59081
rm-script.dotmetrics.net — Cisco Umbrella Rank: 6669
35 KB
5 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 159401
au.pixel.newscgp.com — Cisco Umbrella Rank: 181382
au.audience.newscgp.com — Cisco Umbrella Rank: 147544 Failed
49 KB
4 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1419
insight.adsrvr.org — Cisco Umbrella Rank: 1061
5 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 249
newscorpau.demdex.net — Cisco Umbrella Rank: 149920
5 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
5 KB
4 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 3543
bs.serving-sys.com — Cisco Umbrella Rank: 2102
lm.serving-sys.com — Cisco Umbrella Rank: 3492
43 KB
4 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 4417
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 8126
63 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 357
c.bing.com — Cisco Umbrella Rank: 226
16 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 390
2 KB
3 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1795
usersync.gumgum.com — Cisco Umbrella Rank: 1813
3 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 601
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 516
224 B
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3169
collector.brandmetrics.com — Cisco Umbrella Rank: 3517
23 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2202
geo.privacymanager.io — Cisco Umbrella Rank: 2166
63 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 5792
udc-neb.kampyle.com — Cisco Umbrella Rank: 2526
87 KB
3 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 832
a20352597942.cdn.optimizely.com — Cisco Umbrella Rank: 175573
logx.optimizely.com — Cisco Umbrella Rank: 1676
128 KB
3 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 694
cdn.adsafeprotected.com — Cisco Umbrella Rank: 4998
pixel.adsafeprotected.com — Cisco Umbrella Rank: 773
8 KB
3 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2093
widget-pixels.outbrain.com — Cisco Umbrella Rank: 5000
90 KB
3 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 254536
25 KB
2 a2z.com
prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 4273
374 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6344
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 784
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 751
31 KB
2 google.com.au
www.google.com.au — Cisco Umbrella Rank: 22775
128 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1101
22 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 949
581 B
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2067
alb.reddit.com — Cisco Umbrella Rank: 1388
761 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 352 Failed
484 B
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 663
gum.criteo.com — Cisco Umbrella Rank: 501
227 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 20814
626 B
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 938
844 B
2 t.co
t.co — Cisco Umbrella Rank: 711
542 B
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1121
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4034
669 B
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 3003
3 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1179
13 KB
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 881
15 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 11734
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
73 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 111850
6 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 756
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 3723
821 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1345
517 B
1 omtrdc.net
newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 170742
271 B
1 mediaiqdigital.com
pixel.mediaiqdigital.com — Cisco Umbrella Rank: 14564
58 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 135
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
82 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1477
201 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1746
641 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 535
698 B
1 authorizedvault.com
topics.authorizedvault.com — Cisco Umbrella Rank: 8354
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
2 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1659
24 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 958
17 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 13130
20 KB
1 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 134292
1 amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
28 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 7698
9 KB
1 mooneevalleyleader.com.au
www.mooneevalleyleader.com.au
273 B
278 73
Domain Requested by
24 content.api.news www.heraldsun.com.au
20 www.heraldsun.com.au 3 redirects www.heraldsun.com.au
15 resourcesssl.newscdn.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
12 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
6 8228261.fls.doubleclick.net 3 redirects www.heraldsun.com.au
6 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
5 b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 ct.pinterest.com s.pinimg.com
5 id5-sync.com tags.news.com.au
cdn.id5-sync.com
5 news.google.com subscriptions.heraldsun.com.au
news.google.com
4 www.facebook.com www.heraldsun.com.au
4 ib.adnxs.com 1 redirects tags.news.com.au
acdn.adnxs.com
www.heraldsun.com.au
4 fastlane.rubiconproject.com tags.news.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
3 x.bidswitch.net 2 redirects
3 www.google.com www.heraldsun.com.au
tpc.googlesyndication.com
3 secure.adnxs.com 1 redirects secure-ds.serving-sys.com
www.heraldsun.com.au
3 dpm.demdex.net tags.news.com.au
www.heraldsun.com.au
3 au.pixel.newscgp.com au.tags.newscgp.com
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 bat.bing.com tags.tiqcdn.com
bat.bing.com
www.heraldsun.com.au
3 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 prod.tahoe-analytics.publishers.advertising.a2z.com c.amazon-adsystem.com
2 pool.admedo.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 c.clarity.ms 1 redirects
2 static.criteo.net tags.news.com.au
static.criteo.net
2 insight.adsrvr.org js.adsrvr.org
2 www.google.com.au www.heraldsun.com.au
2 x.clarity.ms www.clarity.ms
2 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 js.adsrvr.org secure-ds.serving-sys.com
2 s.pinimg.com www.heraldsun.com.au
s.pinimg.com
2 lb.eu-1-id5-sync.com tags.news.com.au
cdn.id5-sync.com
2 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 px.ads.linkedin.com snap.licdn.com
www.heraldsun.com.au
2 g2.gumgum.com tags.news.com.au
2 ads.playground.xyz tags.news.com.au
2 ads.pubmatic.com tags.news.com.au
2 analytics.twitter.com www.heraldsun.com.au
2 t.co www.heraldsun.com.au
2 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
2 www.redditstatic.com tags.tiqcdn.com
www.redditstatic.com
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 static.ads-twitter.com tags.tiqcdn.com
www.heraldsun.com.au
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 widgets.outbrain.com www.heraldsun.com.au
widgets.outbrain.com
1 usersync.gumgum.com
1 eus.rubiconproject.com tags.news.com.au
1 js-sec.indexww.com tags.news.com.au
1 au.audience.newscgp.com tags.tiqcdn.com
au.tags.newscgp.com
1 check.analytics.rlcdn.com tags.news.com.au
1 edge.adobedc.net cdn1.adoberesources.net
1 udc-neb.kampyle.com
1 gum.criteo.com static.criteo.net
1 c.bing.com 1 redirects
1 secure-sdk.imrworldwide.com www.heraldsun.com.au
1 c7.eu-4-id5-sync.com cdn.id5-sync.com
1 c6.eu-4-id5-sync.com cdn.id5-sync.com
1 c5.eu-4-id5-sync.com cdn.id5-sync.com
1 c4.eu-4-id5-sync.com cdn.id5-sync.com
1 c3.eu-4-id5-sync.com cdn.id5-sync.com
1 c2.eu-4-id5-sync.com cdn.id5-sync.com
1 c1.eu-4-id5-sync.com cdn.id5-sync.com
1 c0.eu-4-id5-sync.com cdn.id5-sync.com
1 c7.eu-3-id5-sync.com cdn.id5-sync.com
1 c6.eu-3-id5-sync.com cdn.id5-sync.com
1 c5.eu-3-id5-sync.com cdn.id5-sync.com
1 c4.eu-3-id5-sync.com cdn.id5-sync.com
1 c3.eu-3-id5-sync.com cdn.id5-sync.com
1 c2.eu-3-id5-sync.com cdn.id5-sync.com
1 c1.eu-3-id5-sync.com cdn.id5-sync.com
1 c0.eu-3-id5-sync.com cdn.id5-sync.com
1 metrics.heraldsun.com.au tags.news.com.au
1 logx.optimizely.com cdn.optimizely.com
1 lm.serving-sys.com secure-ds.serving-sys.com
1 cm.everesttech.net 1 redirects
1 newscorpau.sc.omtrdc.net tags.news.com.au
1 newscorpau.demdex.net tags.news.com.au
1 pixel.mediaiqdigital.com www.heraldsun.com.au
1 www.googleadservices.com secure-ds.serving-sys.com
1 www.googletagmanager.com secure-ds.serving-sys.com
1 alb.reddit.com www.heraldsun.com.au
1 pixel-config.reddit.com www.redditstatic.com
1 ping.chartbeat.net www.heraldsun.com.au
1 a20352597942.cdn.optimizely.com cdn.optimizely.com
1 collector.brandmetrics.com cdn.brandmetrics.com
1 bs.serving-sys.com secure-ds.serving-sys.com
1 pixel.adsafeprotected.com cdn.adsafeprotected.com
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 a.teads.tv tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 topics.authorizedvault.com tags.news.com.au
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 api.rlcdn.com tags.news.com.au
1 cdn.jsdelivr.net tags.news.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 static.chartbeat.com tags.tiqcdn.com
1 snap.licdn.com tags.tiqcdn.com
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 cdn.id5-sync.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 cdn.optimizely.com tags.tiqcdn.com
1 client.api.news resourcesssl.newscdn.com.au
1 static.adsafeprotected.com www.heraldsun.com.au
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 login.newscorpaustralia.com www.heraldsun.com.au
1 mhr.talk.news.com.au www.heraldsun.com.au
1 widget-pixels.outbrain.com www.heraldsun.com.au
1 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
1 www.mooneevalleyleader.com.au 1 redirects
278 130
Subject Issuer Validity Valid
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-06 -
2024-12-05		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-21 -
2025-02-21		 a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon RSA 2048 M01		 2024-05-10 -
2025-05-01		 a year crt.sh
bedsberry.com
E1		 2024-05-09 -
2024-08-07		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
*.vidora.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-08		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-23 -
2024-06-21		 3 months crt.sh
au.tags.newscgp.com
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-19		 a year crt.sh
*.zprk.io
Amazon RSA 2048 M03		 2023-09-19 -
2024-10-17		 a year crt.sh
*.kampyle.com
SSL.com RSA SSL subCA		 2023-11-07 -
2024-12-07		 a year crt.sh
id5-sync.com
E1		 2024-06-04 -
2024-09-02		 3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2024-04-29 -
2024-07-28		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2024-05-15 -
2025-06-06		 a year crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2024-05-16 -
2025-02-02		 9 months crt.sh
*.dotmetrics.net
Amazon RSA 2048 M02		 2023-08-23 -
2024-09-20		 a year crt.sh
secure-ds.serving-sys.com
R3		 2024-04-16 -
2024-07-15		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
script.crazyegg.com
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-19		 a year crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.id5-sync.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
www.newsconnect.com.au
Amazon RSA 2048 M02		 2024-02-08 -
2025-03-08		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-08 -
2024-10-08		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
1657490710.rsc.cdn77.org
E5		 2024-06-11 -
2024-09-09		 3 months crt.sh
ads.playground.xyz
WR3		 2024-05-29 -
2024-08-27		 3 months crt.sh
sp-ad-exch-prd-two-eks.prd.eks.sp.adexchange.gumgum.com
Amazon RSA 2048 M02		 2024-04-05 -
2025-05-04		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-15 -
2024-07-10		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-04 -
2025-04-03		 a year crt.sh
casalemedia.com
E1		 2024-04-19 -
2024-07-18		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
teads.tv
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M03		 2024-02-28 -
2025-03-29		 a year crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02		 2024-02-24 -
2025-03-24		 a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2024-05-13 -
2025-06-11		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2024-01-25 -
2025-01-27		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.sc.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-07 -
2025-03-09		 a year crt.sh
lm.serving-sys.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-16		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
logx.optimizely.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-15 -
2024-11-10		 6 months crt.sh
*.google.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
metrics.heraldsun.com.au
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-19 -
2024-07-19		 a year crt.sh
*.eu-3-id5-sync.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.eu-4-id5-sync.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-25 -
2024-07-19		 3 months crt.sh
edge.adobedc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-21 -
2024-11-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2024-05-26 -
2025-06-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com
Amazon RSA 2048 M02		 2024-01-22 -
2025-02-20		 a year crt.sh
au.audience.newscgp.com
Amazon RSA 2048 M02		 2024-02-27 -
2025-03-26		 a year crt.sh

This page contains 39 frames:

Primary Page: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Frame ID: DAD579074EB16267CA8208E8BEBAC012
Requests: 224 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.heraldsun.com.au
Frame ID: A7CFBB6E27EF22038138F742116FEBAD
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ieCgX_3JV3Hf1Rzh0iYYz.6fHK.a2hvq&nonce=EJ2t_njDJN0iYncA9izaa093xgrTxm92&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNC4xIn0%3D
Frame ID: 3C4C89B986D481D77FC51A8E1ABCD7E9
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1718305442654&publicationId=heraldsun.com.au
Frame ID: A4AF8ECAF0B7CFD4735031C1E310111A
Requests: 1 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 12EA17CCBE3E8447B9587C39F2136232
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 82A70EF0AAF863EA40E0E3EDE21F8B63
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 63EB3306DAA57D6FC999D18826CC84B0
Requests: 1 HTTP requests in this frame

Frame: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Frame ID: E0FBF7877943AF2D48D5358BD8B47A9C
Requests: 1 HTTP requests in this frame

Frame: https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Frame ID: 83A3DCFABAB93C71A84F3A4B925C3291
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Frame ID: F8C369BDC9686B69B9213A4ED3673D7F
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: A6248D9063DF309BFFBBCE1E8CF51943
Requests: 1 HTTP requests in this frame

Frame: https://s.pinimg.com/ct/core.js
Frame ID: 69912920D10868055A559E5F0F5C70C9
Requests: 6 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 9AC0167A1869F897E00266C7EB1AE806
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNrz8cyi2YYDFXABgwMdVo4PyQ;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8191521361507.595
Frame ID: A45ACF93E3E13B59FE84101AC4B23CB2
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKH08cyi2YYDFVMBgwMdNWgIPA;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=216126520231.71198
Frame ID: E0586A9C770A3FF43BCA2752E767D28E
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=1274268&seg=22404526&t=1
Frame ID: B433587F0F05663210FFF02125FEB1C3
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: E943C68458E67C3FD97EDEF783B63C84
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 8EBE095FBF29304AA5A4835C33D4B57A
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 738E3718042BAEF9E04EFB1717BF2CD2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 5464972D0C6503ED595730512351D440
Requests: 3 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPf08cyi2YYDFSgEgwMdCf4PTw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8668470149833.207
Frame ID: 13BF2B522B87E22E169DCA2461B7C3AD
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 225A26BD95ECBDE4D64C3C71C25DAEDF
Requests: 4 HTTP requests in this frame

Frame: https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=480683056877782366
Frame ID: 09E822C6B7B9D62BDC8B7F0E8FB7AC28
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 96901812E9B7DC243F217C5DC356DDB7
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 713B2D5226CCE5D6F7652D719E8740F2
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&upid=trk7f24&upv=1.1.0
Frame ID: F786F8A8DEEC76E915557647EBDFE3CB
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&upid=ekg5qxt&upv=1.1.0
Frame ID: F08E2764FE2F95B0AA652E84C7BA84F9
Requests: 1 HTTP requests in this frame

Frame: https://b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44D54775F6A82A16DE24DCC5A763E834
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Frame ID: 6D32478B5A50FEF21456961C1C860175
Requests: 1 HTTP requests in this frame

Frame: https://b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0320B9C8A0BD5669562FBBDBB84877E1
Requests: 1 HTTP requests in this frame

Frame: https://b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 29E5AB89032E4B4AA473E7C65B08B96B
Requests: 1 HTTP requests in this frame

Frame: https://b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 068C15AFFA84AEDF6B8D3FE5507374DB
Requests: 1 HTTP requests in this frame

Frame: https://b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F51650BBCA247AF32177996A1AA15828
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 74384BE926A8CD44BDF93EDB336A6D2A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F42B638596AA349596221D0CAE6B49E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4A95EF8CECFACA2C291D3880A9272E78
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 64069CBDE65905FD4C549B2F162C52F7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 56AAB4359A9E724AB2A3FE88C0482B27
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 4B0AD62A572191D36673C551BA995747
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

North west | Leader Newspapers North West Melbourne | Local Community News VIC | Moreland Leader | Hume Leader | Sunbury Leader | Moonee Valley | Herald Sun

Page URL History Show full URLs

  1. http://www.mooneevalleyleader.com.au// HTTP 307
    https://www.mooneevalleyleader.com.au// HTTP 301
    http://www.heraldsun.com.au/leader/north-west HTTP 307
    https://www.heraldsun.com.au/leader/north-west HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fn... HTTP 302
    https://www.heraldsun.com.au/leader/north-west HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2flead... HTTP 302
    https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

278
Requests

95 %
HTTPS

0 %
IPv6

73
Domains

130
Subdomains

114
IPs

10
Countries

2676 kB
Transfer

8051 kB
Size

228
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mooneevalleyleader.com.au// HTTP 307
    https://www.mooneevalleyleader.com.au// HTTP 301
    http://www.heraldsun.com.au/leader/north-west HTTP 307
    https://www.heraldsun.com.au/leader/north-west HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fnorth-west HTTP 302
    https://www.heraldsun.com.au/leader/north-west HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fnorth-west&1718305441295853496 HTTP 302
    https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 174
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Request Chain 184
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8191521361507.595 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNrz8cyi2YYDFXABgwMdVo4PyQ;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8191521361507.595
Request Chain 185
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=216126520231.71198 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CKH08cyi2YYDFVMBgwMdNWgIPA;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=216126520231.71198
Request Chain 191
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8668470149833.207 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPf08cyi2YYDFSgEgwMdCf4PTw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8668470149833.207
Request Chain 193
  • https://secure.adnxs.com/px?id=1297269&seg=22449553&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3D%pu1=!;%26pixel_id%3D1297269%26uid%3D%24%7BUID%7D&t=2 HTTP 302
  • https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=480683056877782366
Request Chain 198
  • https://cm.everesttech.net/cm/dd?d_uuid=53552909378094550800262310694896877888 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmtCpAAAAKFTjwM5
Request Chain 250
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=29D56305099048F0ACA0E34AACDEC778&RedC=c.clarity.ms&MXFR=1169A8E48B426B2D3730BC798F426580 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=29D56305099048F0ACA0E34AACDEC778&MUID=052D396E788667B825BC2DF379166652
Request Chain 270
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_e5835b89-e117-4700-9525-aa1229b95eaa&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=a_e5835b89-e117-4700-9525-aa1229b95eaa&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=ElVam-CgqUL2B4YzWzrZ&gdpr=0
Request Chain 271
  • https://id5-sync.com/s/441/9.gif?puid=a_e5835b89-e117-4700-9525-aa1229b95eaa&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F8%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/112/8/2.gif?puid=95D640555F12AC6A&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7c05a3c1-844f-4343-be53-b74b301b2737&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/6/4.gif?puid=480683056877782366&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/5/5.gif?puid=656a6644-9248-4406-8d24-f89b9637f0e9&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F10%2F4%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/10/4/6.gif?puid=2528855460320867227&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=11a254c4ef02180&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/822.gif?puid=AQAKre3QYYKnhQJTrvsPAQEBAQEBAQCRE_1qdgEBAJET_Wp2&expiration=1718391850&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F821%2F2%2F8.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://id5-sync.com/c/441/821/2/8.gif?puid=9d13a434-d0b3-462b-9d80-637c17dcbc96&gdpr=0&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENQWLJt1p9S-uz4Upp5W3pw&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENQWLJt1p9S-uz4Upp5W3pw&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033
Request Chain 272
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=480683056877782366
Request Chain 273
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_e5835b89-e117-4700-9525-aa1229b95eaa&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_e5835b89-e117-4700-9525-aa1229b95eaa&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b5871f59-6457-4dab-8b0d-6be88bc28910 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b5871f59-6457-4dab-8b0d-6be88bc28910 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8d8c1b78-b15e-4aa4-8a8d-3413670eb14d&user_group=1&ssp=gumgum2&bsw_param=b5871f59-6457-4dab-8b0d-6be88bc28910

278 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request north-west
www.heraldsun.com.au/leader/
Redirect Chain
  • http://www.mooneevalleyleader.com.au//
  • https://www.mooneevalleyleader.com.au//
  • http://www.heraldsun.com.au/leader/north-west
  • https://www.heraldsun.com.au/leader/north-west
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fnorth-west
  • https://www.heraldsun.com.au/leader/north-west
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fnorth-west&1718305441295853496
  • https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
264 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
d516f64867936fce8631e3fcab05a99587bf1deec98607473942d583da92a813
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Thu, 13 Jun 2024 19:04:01 GMT
expires
Thu, 13 Jun 2024 19:04:01 GMT
host-header
a9130478a60e5f9135f765b23f26593b
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 270384 0 pmb=mTOE,2
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fnorth-west%3fnk%3d9f9cfe3ae3c420d5ae9b73204876732c-1718305441&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=9f9cfe3ae3c420d5ae9b73204876732c
x-content-type-options
nosniff
x-pathqs
TRUE
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
syd3 123 243 443
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Thu, 13 Jun 2024 19:04:01 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1692680720.184261"
expires
Thu, 13 Jun 2024 19:04:01 GMT
location
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Thu, 09 Mar 2023 05:34:59 GMT
server
AmazonS3
x-amz-request-id
4D1GJEGT1GCV0Y5Q
etag
"c4ced7adf03d84494a6c1da275896d38"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=290519
accept-ranges
bytes
content-length
11472
x-amz-id-2
wh9KebbyRj+d142y6tc21p5N8dWqVI/mnkEOS3Nwey+jIgd6KJX2pmQ6oREneLwnX6WcrkmhkgQ=
expires
Mon, 17 Jun 2024 03:46:00 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Thu, 09 Mar 2023 05:35:46 GMT
server
AmazonS3
x-amz-request-id
1Q5F0NCFGRNN1BTF
etag
"ad24be3fafec705de20c00e56afe05ae"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=426810
accept-ranges
bytes
content-length
12052
x-amz-id-2
SDXHYbYN+u6ZH+AlsWcwU4O5dD4wD/aXkAVnJrVgnSyXTd4JQWGAbvUhccov1qyNu4GImKo+LG4=
expires
Tue, 18 Jun 2024 17:37:31 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
F7E2190ABEAFEACB
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=332138
accept-ranges
bytes
content-length
12440
x-amz-id-2
3wulICxh/KLwsczwJ5Fw4CNIu9UOxfPR6nLjFm3iqdm1Wh/TT35AXwT7xymgYwZPwRjSC6kR16E=
expires
Mon, 17 Jun 2024 15:19:39 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
CD6AACE1C37E02E4
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=147421
accept-ranges
bytes
content-length
11372
x-amz-id-2
B6yUAZV76p9iKhlDfZ6cX1MgEb+Xny7j/C6NlGNMpuXXyIkj1UOiJH9GdXPTewBvFTjuwQTSRos=
expires
Sat, 15 Jun 2024 12:01:02 GMT
lux.js
cdn.speedcurve.com/js/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
22ecd1f215d5f0de2519192fc103cd507c676366ac23924cf9bd7d1252477670

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
5
date
Thu, 13 Jun 2024 19:04:01 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
171
x-cache
HIT
content-length
8504
x-served-by
cache-syd10147-SYD
last-modified
Thu, 13 Jun 2024 19:01:10 GMT
server
Apache
x-timer
S1718305442.938611,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jun 2024 19:01:10 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
db66bcc0be3d8c0ebef24695348e506fc4e08e1da99455465f097bd34f9a7424
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Tue, 11 Jun 2024 04:12:17 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"6667cea1-a67"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2366028
accept-ranges
bytes
content-length
1098
expires
Thu, 11 Jul 2024 04:17:49 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e4d91306b7a0d556e8333a647a2069cdfaa281567fc9919b804e6678f78e4a7d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Tue, 11 Jun 2024 04:12:17 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"6667cea1-1c2e"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2365981
accept-ranges
bytes
content-length
2847
expires
Thu, 11 Jul 2024 04:17:02 GMT
css-metro-desktop-critical-index.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		233 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03ea55b1a6f1ee0d3329b1d40485055d8ce19e294dd9f34ca4144b8953de2ce4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Thu, 13 Jun 2024 04:01:40 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"666a6f24-3a492"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2538244
accept-ranges
bytes
content-length
32942
expires
Sat, 13 Jul 2024 04:08:05 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/ 		2 KB
915 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/style.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2e5ae2206d0d20bab9706afc6abf0e2e8b85b5a2661d6c58bca7756accc3bd5a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
xeO5zZcWOzuzU1HBretQNQCxJL3ofY1a
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:01 GMT
x-amz-request-id
RH2X65HV6TY4047M
x-amz-server-side-encryption
AES256
content-length
548
x-amz-id-2
k/RMUTRaIO6PnfJPQAdeMQT7oORP0qnkodn1Q6+YRdaentZlsRKaR7Wq+5XOPWN7VfPWTIvdtOY=
last-modified
Wed, 12 Jun 2024 23:48:47 GMT
server
AmazonS3
etag
"4aa1e1ee66ef2540c815dc70a3efaaff"
x-i
true
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=999
accept-ranges
bytes
expires
Thu, 13 Jun 2024 19:20:40 GMT
93e612
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/93e612
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
15761d5a77528d07c241c956bd34b2bf6abda40e3453e4865d5d1c69c148a139
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-pathqs
TRUE
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
x-arrrg4
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
content-length
8772
pragma
no-cache
last-modified
Thu, 22 Feb 2024 19:44:49 GMT
blaizehappened
true
etag
"1ac1f8861adc01e2c7334b284e51e99f07d398d17eed83434324e8483744a747"
stored-attribute-sha-checksum
15761d5a77528d07c241c956bd34b2bf6abda40e3453e4865d5d1c69c148a139
vary
User-Agent
content-type
application/javascript
cache-control
max-age=21600
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f93e612&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=9f9cfe3ae3c420d5ae9b73204876732c
expires
Thu, 13 Jun 2024 19:04:01 GMT
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		83 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aeefdb59a530585244dd2afbbaec040f62d5e5de3789294c478c2d6e9bb647ea
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Mon, 06 May 2024 07:32:24 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"66388788-14d87"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2317635
accept-ranges
bytes
content-length
33871
expires
Wed, 10 Jul 2024 14:51:16 GMT
rea-logo-grey.png
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/rea-logo-grey.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.168.128 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 19:04:02 GMT
x-amz-version-id
dKOPaz9thY.HOlUhOOqUMNe1euXfQloR
Last-Modified
Thu, 09 Sep 2021 21:19:11 GMT
Server
AmazonS3
x-amz-request-id
Y29RCHGDDKGZHKH6
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
A2/sPkGlyE/VTG+8aujOCCDS/UyxpMvIVlvLrrLUBV2z1N/74Rh5nv8mcOMft6SAMnUfDMx+4jAsLYIt4B7XzQ==
adblock.js
tags.news.com.au/prod/adblock/ 		373 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
098b88031b6ca6e865ad2eeb940a03ae7e97e2ff13d0df5342212793d38ff2ce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/x-javascript
date
Thu, 13 Jun 2024 19:04:01 GMT
cache-control
max-age=28543
server
AkamaiNetStorage
etag
"b9eb5ad06e289c674deb4a59a9e34a7a:1715126295.425206"
content-length
373
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Wed, 12 Jun 2024 01:27:26 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"6668f97e-2b9a"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2538014
accept-ranges
bytes
content-length
1513
expires
Sat, 13 Jul 2024 04:04:15 GMT
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Wed, 12 Jun 2024 01:27:24 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"6668f97c-84b3"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2538102
accept-ranges
bytes
content-length
6839
expires
Sat, 13 Jul 2024 04:05:43 GMT
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:01 GMT
last-modified
Thu, 13 Jun 2024 04:01:38 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"666a6f22-c14"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2538216
accept-ranges
bytes
content-length
956
expires
Sat, 13 Jul 2024 04:07:37 GMT
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62dac2fb8b9189d4bdbc92af26170df4f76405dd2cddf7d1246cf0d451ff07d8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1325657617
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-asia-east1
etag
"1e3a1e5be4eb43f79fa934ef2e17eaf482a9af7eaf811f083cdaab24d7f0bca2"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-571s
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
cf-ray
893458153ea27e43-SYD
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
8F5B11CD8D3A4977
etag
"4d7595f832e4962b83a9428c3723233b"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=63297
accept-ranges
bytes
content-length
347
x-amz-id-2
6ddXKtEJacAvBrwemXv61pD/oScGsRkggfXFODIJUMkBKz+RudJ2yLMaT9j7ZL/h9v5DvtzjzDM=
expires
Fri, 14 Jun 2024 12:38:59 GMT
ktv-icon.jpg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ktv-icon.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Thu, 09 Nov 2023 00:18:01 GMT
server
AmazonS3
x-amz-request-id
Z4MCCJZF15R9B5PP
etag
"481ac438f263d8b4ef0b66cb4ae1364c"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=349080
accept-ranges
bytes
content-length
1051
x-amz-id-2
nCWppB/Mxflt6eA82naOaTUuThfVv8dduJjYXRjIafBhqrl+FAsfFHYC++GNS2P259Kdvkf6gOM=
expires
Mon, 17 Jun 2024 20:02:02 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
FX1R9SFR5N9N9ZDW
etag
"b0f5ec7455ded53e84de4fee006a5110"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=208905
accept-ranges
bytes
content-length
342
x-amz-id-2
Rc+4Hg4S2NcN2AmaJ2UPNJf4W+eylW29KzidSVFjowTh+8vQAYCPITkaXtNd1YmuEzxcu9GTWIk=
expires
Sun, 16 Jun 2024 05:05:47 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
GYK4RND10PJ15EKJ
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=298422
accept-ranges
bytes
content-length
284
x-amz-id-2
mJYT9HtMl1jNV0SyX07+ufJZB2GX6CyoULs6Q6F2dem4V+EdVKpAgR3vf6nT2iUSYuk7CHsw0pQ=
expires
Mon, 17 Jun 2024 05:57:44 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
DEC5E6991FC87873
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=588407
accept-ranges
bytes
content-length
16112
x-amz-id-2
I4EOgf8UNxJpTpxCDvjtoRqS6y42kzE0HgxlcbTO8EEeBC/kdEaCvu4EC5897acHoSNVdzNnJDQ=
expires
Thu, 20 Jun 2024 14:30:49 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
BRCPFV1GAK9GFP4G
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=216611
accept-ranges
bytes
content-length
15948
x-amz-id-2
KT/DETvUoWmzDhEjGrCSBnoi4kjq4UYZY3mph8qHfzI57OHA/q5I3TIVa7bjqs/H76pW8xwNE0w=
expires
Sun, 16 Jun 2024 07:14:13 GMT
ca3ba83e3b4b2d915efeb21e5f39a8ed
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ca3ba83e3b4b2d915efeb21e5f39a8ed?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2948ad43dceb85a6e0a79fa9f071822e53aa3ddabc58b96aaee8817b13d5f2c5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Thu, 13 Jun 2024 07:18:19 GMT
server
Akamai Image Manager
etag
02ff8ff60d683c579180babd3e80e513-ca3ba83e3b4b2d915efeb21e5f39a8ed-150
edge-cache-tag
ca3ba83e3b4b2d915efeb21e5f39a8ed
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5141599
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
8040
expires
Mon, 12 Aug 2024 07:17:21 GMT
dd4a4773b3cb31c027f8185efbfcf4fe
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/dd4a4773b3cb31c027f8185efbfcf4fe?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8c2488b897e28a890a67498f78e07766b9c3b732d0f22905e627d609fae53c5c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Thu, 13 Jun 2024 05:05:08 GMT
server
Akamai Image Manager
etag
9638a5377a5fdaf9a26b0702b9848949-dd4a4773b3cb31c027f8185efbfcf4fe-150
edge-cache-tag
dd4a4773b3cb31c027f8185efbfcf4fe
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5133562
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4692
expires
Mon, 12 Aug 2024 05:03:24 GMT
d5a6527a810f1a3444c3f5db424d7b58
content.api.news/v3/images/bin/ 		0
0
e84b0f9f3e101e78f4816fe25fe07d1d
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e84b0f9f3e101e78f4816fe25fe07d1d?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
29279c222731bb549d6e0b9049e640dadc019d9fa434cafe431c2048995a2d78

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Wed, 12 Jun 2024 19:04:35 GMT
server
Akamai Image Manager
x-serial
965
etag
25eed3edd47b096219d2c007d16b3cf4-e84b0f9f3e101e78f4816fe25fe07d1d-150
edge-cache-tag
e84b0f9f3e101e78f4816fe25fe07d1d
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5097640
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4238
expires
Sun, 11 Aug 2024 19:04:42 GMT
de993f34b630c1730d3ea3669b5f3c21
content.api.news/v3/images/bin/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/de993f34b630c1730d3ea3669b5f3c21?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
18d1731dbb83e45e4763bb78d580a5fffe3baceba82725e9aff0429a0824c60e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Wed, 12 Jun 2024 08:29:04 GMT
server
Akamai Image Manager
x-serial
242
etag
16ceea3a52039ea4a7ea7d97671bcd47-de993f34b630c1730d3ea3669b5f3c21-150
edge-cache-tag
de993f34b630c1730d3ea3669b5f3c21
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5059470
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
1994
expires
Sun, 11 Aug 2024 08:28:32 GMT
e4430cd73f8e2e8041aa92c637962ba6
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e4430cd73f8e2e8041aa92c637962ba6?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
75fc996d067b9bc4fd03d789c40fd0fae24111a151bc7f917fc72c33e7bb2e09

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 11 Jun 2024 07:07:34 GMT
server
Akamai Image Manager
etag
197dcf952742493a241afb0b9b1f1b19-e4430cd73f8e2e8041aa92c637962ba6-150
edge-cache-tag
e4430cd73f8e2e8041aa92c637962ba6
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4968218
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4042
expires
Sat, 10 Aug 2024 07:07:40 GMT
f88ffdf795bf9a601f203f828a656eaf
content.api.news/v3/images/bin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f88ffdf795bf9a601f203f828a656eaf?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9c9681d8f41104acbaf00c730c16f060ddd798f97cfcbba631fe1781cccfdbc9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 11 Jun 2024 06:45:08 GMT
server
Akamai Image Manager
etag
8fe0757a39d84bc4fa2ba67c58501742-f88ffdf795bf9a601f203f828a656eaf-150
edge-cache-tag
f88ffdf795bf9a601f203f828a656eaf
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4966838
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
2692
expires
Sat, 10 Aug 2024 06:44:40 GMT
f4b413c859a0958354959c1f9df09d3f
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f4b413c859a0958354959c1f9df09d3f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e90a2bf79625a2edcc926bece790049ab84d97d88859242c3c2e31811e6c6e34

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 11 Jun 2024 06:26:40 GMT
server
Akamai Image Manager
etag
078af9791ffb2215327423c2377b5673-f4b413c859a0958354959c1f9df09d3f-150
edge-cache-tag
f4b413c859a0958354959c1f9df09d3f
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4965816
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3486
expires
Sat, 10 Aug 2024 06:27:38 GMT
f9498b27979fd261928bfc32298c387e
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f9498b27979fd261928bfc32298c387e?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
86a42998901a959efd223ee932d392efb17b8ad862b2439bd30267bb9fc1612e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 11 Jun 2024 02:31:03 GMT
server
Akamai Image Manager
etag
8d77b74e18f36610122e512b01ac8b47-f9498b27979fd261928bfc32298c387e-150
edge-cache-tag
f9498b27979fd261928bfc32298c387e
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4951580
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3516
expires
Sat, 10 Aug 2024 02:30:22 GMT
a7cfe1e21e3c6afb30ca90b9ca27ef4c
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a7cfe1e21e3c6afb30ca90b9ca27ef4c?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
08df926745e994c19e450275e35cd08beeeee563db4aa6d83f8d3ae8c3e9eb75

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Wed, 12 Jun 2024 19:04:57 GMT
server
Akamai Image Manager
x-serial
983
etag
b70fa3af270a36d0c98bb8ee45d7b635-a7cfe1e21e3c6afb30ca90b9ca27ef4c-150
edge-cache-tag
a7cfe1e21e3c6afb30ca90b9ca27ef4c
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5097690
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
6884
expires
Sun, 11 Aug 2024 19:05:32 GMT
c9a2f6bcd20266fa8ca215fd117099f7
content.api.news/v3/images/bin/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c9a2f6bcd20266fa8ca215fd117099f7?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ee3a0d5fdb112ed694c74932552ca126e2ae56fe0d2260a757af6e2c0fcc698d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Mon, 06 May 2024 19:00:55 GMT
server
Akamai Image Manager
etag
3155248b8e2f053c8d4fb199583a3ef7-c9a2f6bcd20266fa8ca215fd117099f7-150
edge-cache-tag
c9a2f6bcd20266fa8ca215fd117099f7
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4517982
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
7528
expires
Mon, 05 Aug 2024 02:03:44 GMT
819c9dd3ec84174b3432f206b413f0bd
content.api.news/v3/images/bin/ 		0
0
ed015552d48639615ed18f371ddf8e35
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ed015552d48639615ed18f371ddf8e35?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
91b4ae56883f1dd4b65f2af46126d91e2fcaf4d40c4b4a3ed260bea709853b42

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Sat, 20 Apr 2024 23:01:56 GMT
server
Akamai Image Manager
etag
5f520b72ff28dc8695dbeae2984705a2-ed015552d48639615ed18f371ddf8e35-150
edge-cache-tag
ed015552d48639615ed18f371ddf8e35
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=3565772
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4355
expires
Thu, 25 Jul 2024 01:33:34 GMT
ca3ba83e3b4b2d915efeb21e5f39a8ed
content.api.news/v3/images/bin/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ca3ba83e3b4b2d915efeb21e5f39a8ed?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d40a10dc1eb2243e89f9ff06e223cc9aaf40f4ee8ca9d4ec941828b57d2482c1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Thu, 13 Jun 2024 07:16:42 GMT
server
Akamai Image Manager
x-serial
801
etag
02ff8ff60d683c579180babd3e80e513-ca3ba83e3b4b2d915efeb21e5f39a8ed-650
edge-cache-tag
ca3ba83e3b4b2d915efeb21e5f39a8ed
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5141586
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
52912
expires
Mon, 12 Aug 2024 07:17:08 GMT
dd4a4773b3cb31c027f8185efbfcf4fe
content.api.news/v3/images/bin/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/dd4a4773b3cb31c027f8185efbfcf4fe?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4c2ba99ad05b8b647c05705d6496b1a802131ddc73f2e5224ea925f5bfe275f0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Thu, 13 Jun 2024 05:04:56 GMT
server
Akamai Image Manager
etag
9638a5377a5fdaf9a26b0702b9848949-dd4a4773b3cb31c027f8185efbfcf4fe-320
edge-cache-tag
dd4a4773b3cb31c027f8185efbfcf4fe
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5133565
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
16408
expires
Mon, 12 Aug 2024 05:03:27 GMT
d5a6527a810f1a3444c3f5db424d7b58
content.api.news/v3/images/bin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d5a6527a810f1a3444c3f5db424d7b58?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
66c07992edbce7a255b33616e07222d417c0c4156d5aaaa81f858954a92a355e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Thu, 13 Jun 2024 02:47:25 GMT
server
Akamai Image Manager
x-serial
635
etag
4e13727719bb83a356e40dd9bc38cc88-d5a6527a810f1a3444c3f5db424d7b58-320
edge-cache-tag
d5a6527a810f1a3444c3f5db424d7b58
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5125347
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
12235
expires
Mon, 12 Aug 2024 02:46:29 GMT
e84b0f9f3e101e78f4816fe25fe07d1d
content.api.news/v3/images/bin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e84b0f9f3e101e78f4816fe25fe07d1d?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
07310e6436039e6362113ff07e5e43b8832c3e2395c075214051b384fda26d10

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Wed, 12 Jun 2024 19:03:12 GMT
server
Akamai Image Manager
x-serial
288
etag
25eed3edd47b096219d2c007d16b3cf4-e84b0f9f3e101e78f4816fe25fe07d1d-320
edge-cache-tag
e84b0f9f3e101e78f4816fe25fe07d1d
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5097517
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
12012
expires
Sun, 11 Aug 2024 19:02:39 GMT
de993f34b630c1730d3ea3669b5f3c21
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/de993f34b630c1730d3ea3669b5f3c21?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7edd07ea8c3cd6fc14431d7072ce4901e8127cc022d203e21e4624ae349c55b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Wed, 12 Jun 2024 08:29:09 GMT
server
Akamai Image Manager
x-serial
551
etag
16ceea3a52039ea4a7ea7d97671bcd47-de993f34b630c1730d3ea3669b5f3c21-650
edge-cache-tag
de993f34b630c1730d3ea3669b5f3c21
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5059332
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3476
expires
Sun, 11 Aug 2024 08:26:14 GMT
e4430cd73f8e2e8041aa92c637962ba6
content.api.news/v3/images/bin/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e4430cd73f8e2e8041aa92c637962ba6?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f0610670f531c2abc80b33bfda4a7874fa00ab23ba213f3a7910f52e16594df2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 11 Jun 2024 07:11:29 GMT
server
Akamai Image Manager
x-serial
284
etag
197dcf952742493a241afb0b9b1f1b19-e4430cd73f8e2e8041aa92c637962ba6-650
edge-cache-tag
e4430cd73f8e2e8041aa92c637962ba6
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4968327
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
34048
expires
Sat, 10 Aug 2024 07:09:29 GMT
f88ffdf795bf9a601f203f828a656eaf
content.api.news/v3/images/bin/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f88ffdf795bf9a601f203f828a656eaf?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
97011c31b9b5b44ae9f929233aad0c8af990d596f933e378bc093e652abef155

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 11 Jun 2024 06:30:52 GMT
server
Akamai Image Manager
etag
8fe0757a39d84bc4fa2ba67c58501742-f88ffdf795bf9a601f203f828a656eaf-320
edge-cache-tag
f88ffdf795bf9a601f203f828a656eaf
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4966034
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
10345
expires
Sat, 10 Aug 2024 06:31:16 GMT
f4b413c859a0958354959c1f9df09d3f
content.api.news/v3/images/bin/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f4b413c859a0958354959c1f9df09d3f?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3d289f4f6b65293c9d005eb006089a6e72c60debe51698ccea87613df9ccf66e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 11 Jun 2024 06:33:50 GMT
server
Akamai Image Manager
x-serial
1066
etag
078af9791ffb2215327423c2377b5673-f4b413c859a0958354959c1f9df09d3f-320
edge-cache-tag
f4b413c859a0958354959c1f9df09d3f
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4966165
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
12851
expires
Sat, 10 Aug 2024 06:33:27 GMT
f9498b27979fd261928bfc32298c387e
content.api.news/v3/images/bin/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f9498b27979fd261928bfc32298c387e?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0550eb4adbc2bd19bab3c671c44db361ac514c29ae362561e0f6e91a20835b3f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 11 Jun 2024 02:30:24 GMT
server
Akamai Image Manager
x-serial
857
etag
8d77b74e18f36610122e512b01ac8b47-f9498b27979fd261928bfc32298c387e-320
edge-cache-tag
f9498b27979fd261928bfc32298c387e
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4951427
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
10485
expires
Sat, 10 Aug 2024 02:27:49 GMT
a7cfe1e21e3c6afb30ca90b9ca27ef4c
content.api.news/v3/images/bin/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a7cfe1e21e3c6afb30ca90b9ca27ef4c?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
68cb02fda30a702c62c26c92e50d47cc2a729a086b0fa695d5ef3bcc71d9d4e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Wed, 12 Jun 2024 19:02:17 GMT
server
Akamai Image Manager
etag
b70fa3af270a36d0c98bb8ee45d7b635-a7cfe1e21e3c6afb30ca90b9ca27ef4c-320
edge-cache-tag
a7cfe1e21e3c6afb30ca90b9ca27ef4c
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5097413
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
25738
expires
Sun, 11 Aug 2024 19:00:55 GMT
c9a2f6bcd20266fa8ca215fd117099f7
content.api.news/v3/images/bin/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c9a2f6bcd20266fa8ca215fd117099f7?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a57e5869c88a460c3a1eb5beeefe8594f46e8f530a14b6d723d8ce940209b318

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Mon, 06 May 2024 19:01:36 GMT
server
Akamai Image Manager
x-serial
1233
etag
3155248b8e2f053c8d4fb199583a3ef7-c9a2f6bcd20266fa8ca215fd117099f7-320
edge-cache-tag
c9a2f6bcd20266fa8ca215fd117099f7
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4937127
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
27290
expires
Fri, 09 Aug 2024 22:29:29 GMT
819c9dd3ec84174b3432f206b413f0bd
content.api.news/v3/images/bin/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/819c9dd3ec84174b3432f206b413f0bd?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
41fc87b0864d1504d324cf594200d379083280ea9333ac0c41fd9b3a11e12f1d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Wed, 24 Apr 2024 22:00:33 GMT
server
Akamai Image Manager
etag
79921f9ec87b22ca7eec464ddec0d3fc-819c9dd3ec84174b3432f206b413f0bd-320
edge-cache-tag
819c9dd3ec84174b3432f206b413f0bd
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=3212529
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
13185
expires
Sat, 20 Jul 2024 23:26:11 GMT
ed015552d48639615ed18f371ddf8e35
content.api.news/v3/images/bin/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ed015552d48639615ed18f371ddf8e35?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
938821ff9c63082ff30895cfe872fb5e3ac8fed797db0ec4f41a08a1a83b2945

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Wed, 29 May 2024 01:34:58 GMT
server
Akamai Image Manager
x-serial
1925
etag
5f520b72ff28dc8695dbeae2984705a2-ed015552d48639615ed18f371ddf8e35-320
edge-cache-tag
ed015552d48639615ed18f371ddf8e35
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=3825102
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
16084
expires
Sun, 28 Jul 2024 01:35:44 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		1 B
974 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?ck=a7PKWmzhHsJ9FwccbBCMYrsfkRw=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
date
Thu, 13 Jun 2024 19:04:02 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
last-modified
Wed, 12 Jun 2024 01:27:26 GMT
server
nginx
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag
"6668f97e-1"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2538172
accept-ranges
bytes
content-length
1
expires
Sat, 13 Jul 2024 04:06:54 GMT
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		297 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6c3c03076ad818221def01363b401daf30656eb7e32179843f4d8653c01f227d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:02 GMT
server
AkamaiNetStorage
etag
"68cb0a6e258e0315da2c328dff184676:1713604418.727393"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=571
expires
Thu, 13 Jun 2024 19:13:33 GMT
indies-loader.js
resourcesssl.newscdn.com.au/indies/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e8578396b1b92c9c86641ef39b7ee6f7c675d2f6fd2127cb3a1d7b518aa7eb6d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
._fGRqsQ9Nwtgi3Df5uJJy6E0ZEsHpC0
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:02 GMT
x-amz-request-id
ZSN3TNG74CTDFRWC
x-amz-server-side-encryption
AES256
content-length
2004
x-amz-id-2
3/VktaQWU+/sboAKjcoLOpDazOszbtUDUCsziRfx4ZKQ4gFUVkitwDU4PjzElddhZ/Uzar0tcMuFIxwjXbv9pQ==
last-modified
Wed, 24 Jan 2024 22:43:43 GMT
server
AmazonS3
etag
"2ce26f6c687180e8945961717dc388af"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1512
accept-ranges
bytes
x-p
/indies/indies-loader.js
expires
Thu, 13 Jun 2024 19:29:14 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e62d4215000c609cb37a09aee086661e70b0726223049384ea35b159970578ac
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Mon, 03 Jun 2024 12:20:45 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"665db51d-17d85"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1704126
accept-ranges
bytes
content-length
26647
expires
Wed, 03 Jul 2024 12:26:08 GMT
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		0
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
date
Thu, 13 Jun 2024 19:04:02 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
last-modified
Mon, 03 Jun 2024 02:21:11 GMT
server
nginx
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag
"665d2897-0"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1704228
accept-ranges
bytes
content-length
0
expires
Wed, 03 Jul 2024 12:27:50 GMT
outbrain.js
widgets.outbrain.com/ 		245 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.39.62 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-39-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5289752ce792428483ca32d5bf922e4ab34d67411df8a2b5e89155c7b6f7f5d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:02 GMT
edge-cache-tag
widget-cheetah
x-traceid
3172844997957ddd38d943a9868ecc10
content-length
91044
last-modified
Wed, 05 Jun 2024 12:18:10 GMT
etag
"4f-WcoW3YctYCPSBwkRHkfbMhABfWs"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14500
access-control-allow-credentials
false
timing-allow-origin
*, *
access-control-request-headers
X-OB-STG,X-OB-PRD
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
topics.html
widgets.outbrain.com/nanoWidget/externals/topics/ Frame A7CF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.39.62 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-39-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=14400
content-length
667
content-type
text/html
date
Thu, 13 Jun 2024 19:04:02 GMT
etag
"a52151dbf5b2ca563e40ccca1ab8228c:1717595214.954123"
expires
Thu, 13 Jun 2024 23:04:02 GMT
last-modified
Wed, 05 Jun 2024 12:17:46 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.39.62 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-39-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 13 Jul 2024 19:04:02 GMT
date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
comments-count
mhr.talk.news.com.au/api/v1/ 		747 B
743 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=c6e5fed09c95f2d9969c1463acc5efed,eafd494ec26686c4dd8aea25387ad6b4,fa45cd53c1ffa40c90a766efef961883,4caef1974697fd50aebdd6208e267185,b816db6a04071669f9ab050d5b73dda9,1258ac3cedc6fcff9940e248e0a5a634,2ec89677896ee58847949a23a9f993c8,e2b9247a2b9c9dd5caf1efe44501d391,ef78d32aee73e39ea1f2ff2a7f99984f,41af11ed95265d02ea215fb783d79b44,13ad672eb4d8b3530140dd5c056dbca4,49b2ea679c9515f1bc2e3ef15b42780c,cf92d307fb11e9c715f35ecdb4c252eb,fa45cd53c1ffa40c90a766efef961883,c3f48998bf662158f4a96c0627fe27a6,24f3fbf96007215961b751a8c1ee1ce4,198c5962af1257f799ff9f62258e93ee,d414cc13a631b0a00c9a4d208944dead,721ecef55aede4ff3acb6c3eddf4513c,fa0db6de02ee8d2cf93784eca76244b7,a5208b635e7cf543ede69c5dfb68d937
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
bdd1aca384755cc0567af739bb0d064e5593012c2cb60828ef34c46857f94093
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jun 2024 19:04:02 GMT
server
nginx/1.20.1
etag
W/"2eb-e+9QB4EyI1mOH2bumdRkMZe3Uug"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
b2776da0-29b7-11ef-8bff-1b67a42b13b4
content-length
437
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0e147db4676ad509aafb8d0a56b2a364414419c79808e6ee3461a74b19b86e21
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-length
738
x-rq
syd3 123 242 443
server
nginx
allow
GET
vary
User-Agent
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires
Thu, 13 Jun 2024 19:05:02 GMT
authorize
login.newscorpaustralia.com/ Frame 3C4C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ieCgX_3JV3Hf1Rzh0iYYz.6fHK.a2hvq&nonce=EJ2t_njDJN0iYncA9izaa093xgrTxm92&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNC4xIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.189.198 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-189-198.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
89345815bad75509-SYD
content-encoding
gzip
content-length
933
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Thu, 13 Jun 2024 19:04:02 GMT
expires
Thu, 13 Jun 2024 19:04:02 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 537 0 pmb=mTOE,4
x-auth0-requestid
261b132aa23bc5c25d93
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1718305443
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-121.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7f9261566de1c9e35469441d0d5fad75180ce66a37cd7a02ac3a607b89f257b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
gDtXq80V5ZdPhT7qg8RsCcGwlwYzwfvG
content-encoding
br
via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
date
Thu, 13 Jun 2024 19:01:51 GMT
last-modified
Tue, 11 Jun 2024 09:46:09 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
132
x-amz-server-side-encryption
AES256
etag
W/"a9bdeaa4e20b4eb27e890cff652b631d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
u8jXnGtQSJmKxT8E4_tJfjV5n3JPYBmas7DXnEImgQfed6a_1LVdkA==
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		103 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-121.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94f88ed2b636a66000b1a1f2480244e4641529f9e4303dd6497941d22dc525c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uiNgDoI7FAYbgWDYv42HFWrarrvQcrsB
content-encoding
br
via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
date
Thu, 13 Jun 2024 19:01:08 GMT
last-modified
Tue, 11 Jun 2024 09:46:09 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
176
x-amz-server-side-encryption
AES256
etag
W/"6e4f3e8418bd2d44934cea935acd45cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
631RauvoLJ9SYVDr-khqGSqUrN0tT1bBOvwoAMmm_OyYPrC4i6qIdQ==
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		252 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
75cfff2f889e56a283381fe76a99ce4c4266d0853d60a72a28fe73704cfa5800
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Tue, 11 Jun 2024 04:12:17 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"6667cea1-3f0e9"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2365908
accept-ranges
bytes
content-length
65333
expires
Thu, 11 Jul 2024 04:15:50 GMT
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
67b9635b38d68a49ad3296f4157106c75441565293192bf1bd251dac723dc72f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/north-west
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Mon, 03 Jun 2024 02:21:11 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"665d2897-1fb6"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1704123
accept-ranges
bytes
content-length
3257
expires
Wed, 03 Jul 2024 12:26:05 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-110.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 f1635e40dd33e4abcdd79d3670805a7a.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 19:27:12 GMT
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
age
85011
x-amz-server-side-encryption
AES256
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
7_3hiHQCjQU-NPIS2i0JbAWhpGnQyL_L_5rYIK34B7wn9Yr0VXV7lQ==
csp-reports
login.newscorpaustralia.com/ 		0
0
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
94ccf9b12044666534ed3c190b46629b5b21e03d948f9663e9d7fe7b0b92f6ec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jivVgj9nPIJI4.nawGFSJCNtVuwi8CU.
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:02 GMT
x-amz-request-id
RH2TYGNNJJ3AEE9J
x-amz-server-side-encryption
AES256
content-length
1701
x-amz-id-2
IEUQWvKVy6QUl5pvUG1+7qWFuAxKQZefxTh/uptD4D/2bWDyJ2uTEu3lbwHTKrjhvpjdeAWM9FQ=
last-modified
Wed, 12 Jun 2024 23:48:46 GMT
server
AmazonS3
etag
"f8def2b04bbe0d713f7068ceddf09df0"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=299
accept-ranges
bytes
expires
Thu, 13 Jun 2024 19:09:01 GMT
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ 		2 KB
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=index&site=heraldsun.com.au&section=/leader/north-west&device=desktop
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ed27a757d8722de804e7d1eeb03c104d6e30d4e0e9646fbffce003866f8b94b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
834
apigw-requestid
ZUdZdiYQywMEMPQ=
expires
Thu, 13 Jun 2024 19:04:02 GMT
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=index&site=heraldsun.com.au&section=/leader/north-west&device=desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.72 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-amzn-trace-id,x-api-key
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
apigw-requestid
ZUdZahQvywMEMSw=
cache-control
max-age=1800
date
Thu, 13 Jun 2024 19:04:02 GMT
expires
Thu, 13 Jun 2024 19:34:02 GMT
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		295 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.189.198 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-189-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c34a591607f8416f5c97bfafc5f18d15868de7b201bc575f28a8aa483210132b
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Mon, 04 Mar 2024 04:51:28 GMT
x-amz-cf-pop
SYD62-P1
etag
"95baef25fd509464688925fb76473143"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=76
accept-ranges
bytes
x-amz-cf-id
27Y1GL8bo7qB346wXVZR4zPIFzPW_sQaA6iehVjAmC5-Oh64XsCRcg==
content-length
82222
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adspot_id=uizqxn_728x90_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 11:39:23 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 35e7912b77137b5fd670abbaffd598de.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
26680
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
gkPfmp0HO5-XOIfpDs3azQVv8lrTPIZKaI8uhStMyCRjt_3BQJxCFQ==
e9b6c63a76a83fa09a2f488f1f9218b4
client.api.news/collections/ 		337 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://client.api.news/collections/e9b6c63a76a83fa09a2f488f1f9218b4
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.143 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-143.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8a94a990f0af4a7a814dc009df3fbb1a4b14ca58d89b3dae0936b48646ebff68

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
x-origin
CAPI
x-amz-cf-pop
MEL52-P1
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
content-length
252
last-modified
Tue, 04 Jun 2024 11:07:44 GMT
server
AmazonS3
etag
"7499830b2cb74c1bf9087d11e2c4acea"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=46
accept-ranges
bytes
x-amz-cf-id
SVJN-GH-VjnfkMKe4aN7I2SNtXCin2dDwceaLvoGHt8feQARX5z7Kw==
expires
Thu, 13 Jun 2024 19:04:48 GMT
swg.js
news.google.com/swg/js/v1/ 		209 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
381d41639eea25e32ca264e1a8934fac1eef57e2e0e5364b9c7073c31f10b5c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61348
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 20:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 19:08:45 GMT
pixel_93e612
www.heraldsun.com.au/akam/13/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_93e612
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/93e612
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/leader/north-west
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Thu, 13 Jun 2024 19:04:02 GMT
blaizehappened
true
x-pathqs
TRUE
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_93e612&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=9f9cfe3ae3c420d5ae9b73204876732c
x-arrrg4
https://www.heraldsun.com.au/leader/north-west
content-length
0
20352597942.js
cdn.optimizely.com/js/ 		431 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/20352597942.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.204.181 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-204-181.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cec7c42dfaecacf48338aaa45367fe8133c3defdd3e57e6e8a0c2a60e24c1b1e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
m0Z.wIHM7Ti8opYttfBXBjaJN3atjyvb
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
8Y75M8J8FA1SRHDN
x-amz-server-side-encryption
AES256
x-amz-meta-revision
4628
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=14, origin; dur=229, cdn;desc="AkamaiION";dur=0,rtt;desc="14";dur=0,cdnip;desc="104.83.204.181";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1718305442933_389979181_173075434_24306_5011_14_18_146";dur=1
content-length
130130
x-amz-id-2
oKfGi9ZOilreGW+OZnmKhOMxIjqVNIPZsD1oesqEE35tTfuau6HyTEGjOe3YPBakVKCyEq0pp20=
last-modified
Thu, 13 Jun 2024 02:51:18 GMT
server
AmazonS3
etag
"ca19f2f188cd3c03015fab3325e394d5"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=0
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=17183054426050.7383045887491171
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Thu, 13 Jun 2024 19:04:02 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/x-javascript
date
Thu, 13 Jun 2024 19:04:02 GMT
cache-control
max-age=67267
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
swg-button.css
news.google.com/swg/js/v1/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5195
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 19:16:56 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 19:06:04 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame A4AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1718305442654&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-xLlXODr2lpF17TJFoM_2tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-xLlXODr2lpF17TJFoM_2tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Thu, 13 Jun 2024 19:04:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/swg/_/SubscribewithgoogleClientUi/web-reports?context=eJzjStHikmII0pBicDa_xRT35xZT1OlHTE0rnzK1APG3Q8-YfgCxxNeXTGpA7JQ-gzUAiH3qZ7BGAXHrzXOsk4E46d951gIgbv98gXUqEC-JuMh6IPEiK-vTi6zsQCzEzbG4de1mNoEbD45YKBkl5RfGF5cmFScXZSallmeWZKTn56fnpCbnZKbmlRSnFpWlFsUbGRiZGJgZGuoZGMQXGAAA7_9Gmg"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
article
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		456 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/article?locked=false
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
561ff627749f7abea8c650fea61169efb426ea12eafa23e86b35a29683d52b32
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
B7670439;dcadv=4149947;sz=1x2;ord=314020981118.4975
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=314020981118.4975?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.70 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f6.1e100.net
Software
cafe /
Resource Hash
58777cb0b85e2ac166949b87d113a684542e7ef5bb6c0d6b4295f3f5fcd61d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14857
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 13 Jun 2024 19:04:02 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9C90D333E5D54104BABC6AF134EDE44A Ref B: SYD03EDGE0916 Ref C: 2024-06-13T19:04:03Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
metrics.vendors.bundle.js
tags.news.com.au/prod/metrics/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
695427dd1c627f38f177c2c15c74185f2130a6cb8390d86560714a6e31fa07bc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"8b9277f08e9a60d51169cd97923df3ed:1716945526.485363"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=61231
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"fb68340e5f23d55e9dd6f9e882195c13:1695883768.293004"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=16267
content-length
9944
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jun 2024 19:04:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=14, mss=1317, tbw=2779, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
MpJx20PrA0nkvFuObkTPMF1Ebf60F1rXyQnf+5uxn2X0NXfNOJVuDZBPzj4u0BY3KvxYxBcN4faXOcBTNfrr3w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-99.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 18:36:53 GMT
Content-Encoding
gzip
Via
1.1 900141041f08038f9452e4f1a092ecd2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD3-P1
Age
1630
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
ETag
W/"d9de38d1900dec018a46f90cc70a48b7"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
X-Amz-Cf-Id
XC6xuNdk3YEHerYwuBZEPf8YMExMTly0NEDOEfSYXZzJMM62ksBecQ==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2024-06-13T19%3A04%3A02.714Z&country=au&newsconnectId=&fpid=9f9cfe3ae3c420d5ae9b73204876732c
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.131.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-131-107.compute-1.amazonaws.com
Software
/
Resource Hash
efd8e07b3a0b0bc85c0185b004ae6a7d6a85c4b8492a8ea983f6a81a2dedbc7d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dadc6ca0e3869997ce4d2f4f0870391b922900baad7ad28398e6b7eae5131f33
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
lF2BR1RdUHUe8DZh5WEH9SV8aYc623.y
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jun 2024 19:04:02 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
W4Q8EA6RWEES7HF6
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
520
x-amz-id-2
DmmB3NEPgUAWMO+qq1Q9l183YxypB7pb502sPA9sVtglfoGgohQ9KqHCz8QV8BUAJnEk0KUwy3g=
x-served-by
cache-syd10156-SYD
last-modified
Wed, 15 May 2024 10:31:50 GMT
server
AmazonS3
x-timer
S1718305443.738499,VS0,VE0
etag
"173f0a39d2a91c5e1c89814ccd9db617"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
793608
id5-api.js
cdn.id5-sync.com/api/1.0/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e14e8f2ccd855240a903708f250499c1696fb13a5f76d9e7851af290922b4f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 12:35:05 GMT
server
cloudflare
x-amz-request-id
JKGD1DDAVBJHM6CV
age
2276
etag
W/"37efcc7cc1c5ef52a27433bfc0e65e5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8934581b4fee5741-SYD
x-amz-id-2
tsaxTo8T4fMXA0EHdNpQ7S68c0n0MfOw8FXd25h9Dp5EG2Y/JIz4mEOuEscqLVTgn7NnPt1sXM8=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-11-47.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Fri, 04 Aug 2023 20:28:27 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Thu, 13 Jun 2024 20:04:03 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b152261e1c57453fc67ef715778608859c6c09a2a50affc25d99e0bb0742380

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f16222a57827e8a1a574ceb84af25834:1710904545.308704"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=8518
content-length
2291
tad.js
tags.news.com.au/prod/tad/ 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
50b50fc38a22a9e8489e151d1e6125217bb4f24a83746aa0e8d1cf34ae80abe7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2cce2ddca5fafd461c6d5b93da8f7895:1718171812.599521"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=61266
content-length
37643
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
b2d51b6e2b65ea8713f9620a657f9578f3c04cb3afed5d6d8240f88d16b42c18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30969
x-xss-protection
0
server
cafe
etag
963 / 19887 / m202406100101 / config-hash: 7565594039163660619
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 13 Jun 2024 19:04:02 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		308 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-125.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89417b7e7e602e0e469946d8971f4a48d69e6511d2755b5933d95260f9771529

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:04:53 GMT
content-encoding
gzip
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront), 1.1 e3b6a2cc8a3456f4a2dc3bfd506c4344.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jun 2024 21:55:25 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2, SYD62-P3
age
3549
x-amz-server-side-encryption
AES256
etag
W/"e80b397feb40163ad02c947203471e29"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
g-a_12_OYI0I-mPZi8cNmhYv5yxLYIP9tyw_DWgR_-hsqZd7RvAFuA==
prebid.js
tags.news.com.au/prod/prebid/ 		363 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c537d51233d2521f6b21b8b304fa129049f38c1c8ef9a3af5998f45deb3f5d3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"82c9cc7ea063583d7e2c82845a871d1e:1710384835.601223"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=30207
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		190 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-32.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4317b85ce58155bd79c593334b5d1b79f6b23664a529820db132d5e695497fb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
tANxjlqzRHN.S2KFqQ55PqbFW8lNfW0h
content-encoding
gzip
via
1.1 ed90dc86686a84dd5c3571951738e746.cloudfront.net (CloudFront)
date
Thu, 13 Jun 2024 18:20:02 GMT
last-modified
Thu, 06 Jun 2024 07:19:43 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
age
2641
x-amz-server-side-encryption
AES256
etag
W/"dd180473e029c57a6d6ba60b2c8d234a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
1ysZwoF2ktejtmW4h6M9Z7AUnwITOSoWnNmt2S1Tdthd5A5-OkSUWw==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
52bda9bafc1cb7f99510d02708860999354780f43d77fc4d82c2a9abdd47f2ae

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"7b50c77463adcc95c91d1fe98b1a84bf:1706081641.07686"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=66515
content-length
6348
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
035675399800e3ae1f674fa492c731a97d18c40358fd47ccee65ffe31d5b3455

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 13 Jun 2024 18:18:52 GMT
server
cloudflare
age
2711
cf-polished
origSize=6321
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WKjWGWZVhm4jgY47XYLCfIZ9bdjjagJq3NigVvEyNoBK4YTgVHV1xGESf77kSnINSqk9hIQ6vXB1XAlYhslP2bp7heabjL%2Fojx2ltvUvGYFEAIij32pKSBIdaVkMNVmE%2BuOXFU%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8934581bd9aba979-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.28.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000023-IAD, cache-syd10140-SYD
insight.min.js
snap.licdn.com/li.lms-analytics/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.5.109 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-5-109.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 May 2024 16:52:42 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=17238
accept-ranges
bytes
content-length
16683
chartbeat_video.js
static.chartbeat.com/js/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.248.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-248-189.syd3.r.cloudfront.net
Software
nginx /
Resource Hash
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:23:19 GMT
content-encoding
gzip
via
1.1 053b1a4cfd9215b4abb8a58ea35b06aa.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 00:07:44 GMT
server
nginx
x-amz-cf-pop
SYD3-P1
age
2444
etag
W/"665fac50-11d74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
FgiBCsf9bc3hPMfUhe_k6AJ4b_wkKThmYPP8Py2bwQ640Zf4AvnXGQ==
expires
Thu, 13 Jun 2024 20:23:19 GMT
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-121.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18adb42d8090a13c0c22990962d0e5a2b4166c8d58550abf3e7130ac85205c7d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Nz2K2fGrSmfSRjjYcqhahi95v93ZzK5M
content-encoding
br
via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
date
Thu, 13 Jun 2024 19:02:42 GMT
last-modified
Tue, 11 Jun 2024 09:46:06 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
81
x-amz-server-side-encryption
AES256
etag
W/"f586e05e96e4032a9a887510657a5097"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
t8yjeNVW1-wfUpgeDPXmUIy6UeEWpBtyL1Fp2bmAQMjsKu_AUFdhXw==
utag.1205.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1205.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-121.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f92f9cb1a5ec54c42398b05555be2920e647a348da21b20f453df8f650a5a67

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
1hdmmQCz5ncfpfea1T4uPue8YB2EmpL0
content-encoding
br
via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
date
Thu, 13 Jun 2024 19:01:41 GMT
last-modified
Tue, 11 Jun 2024 09:46:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
147
x-amz-server-side-encryption
AES256
etag
W/"31e7ed91175dde576575ba7eb6e151f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
YiAGZwWUrKvMViuclYIfL6P-tCeT2MRJbvgzxfJ-CNxbqRIwvQFFnw==
utag.1211.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		608 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-121.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adfb5ae2c0f62d3a5b035d61ab7bfc8213a8a2da65d0cb8505be548957195458

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
n.SyvhhDEIvo5Km.ihbExlbTV5.cNfc9
date
Thu, 13 Jun 2024 19:01:10 GMT
via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
187
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
608
last-modified
Tue, 11 Jun 2024 09:46:08 GMT
server
AmazonS3
etag
"2a51865f3078d207761001e98b6836e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1296000
accept-ranges
bytes
x-amz-cf-id
35d5nRxBjsoqWpdY_B5FKaFQSbgb5gyPU4InnQvd66xnSCYnIqRI3Q==
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-127.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d1b6db6af2e0ec1fc8465d55cfad297cabcf721cde00b98e5e6c4b47c7c4dc5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:42:45 GMT
content-encoding
gzip
via
1.1 b862c6b18a44c823dd40d8d760097ee2.cloudfront.net (CloudFront)
x-amz-version-id
BY1GVrdpQUXFAEUG6gUyAYK2t_lNGPpr
last-modified
Thu, 13 Jun 2024 17:19:50 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
1279
x-amz-server-side-encryption
AES256
etag
W/"22cb0f1a9a51825f64146f5abe258d3b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
U4Y84rLmTrm5MWHSZ6LIPt-P7urvHQ7ks9JM9G7cFd-996TWNO20Vw==
door.js
au-script.dotmetrics.net/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13214
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-66.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
2dfad6270523a1ae021ee983c0088450574a085a112273c859113f9e8fe0e53a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
br
via
1.1 1c65a9672d4009a4b2d2b0463141bfa6.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
etag
"13214...285.2024061319"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
RDSBWWocXuu7pJ2fT8S6dBb3TzyOaOw1z_woj9GF7wvqm37-YEnM7Q==
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.242.194 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-242-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
x-amz-request-id
XKGND0NZ509CX06F
x-amz-cf-pop
ATL56-P2
x-amz-server-side-encryption
AES256
content-length
21820
x-amz-id-2
vaHbI0o5FSMYgdPdaFYbOMSEAv6uHVsMSKgAyNtzcRFgrLIzvgo67PGjaYRJfk9obKt+U8vCrDU=
last-modified
Wed, 06 Sep 2023 14:35:36 GMT
server
AmazonS3
etag
"220840acac0b72605c541d1c968febe3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=619
accept-ranges
bytes
x-amz-cf-id
hca-17inFhrDhEHESrmINPGBV7ufa5XP4ONnOzH01FCtESc_rbD2yw==
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 22 May 2024 17:01:28 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12104
2988.js
script.crazyegg.com/pages/scripts/0018/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32199c514f6280be0a2531b00efcb112fb626775c4e7ac7ab5f989755ab796a7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4855
cf-polished
origSize=6897
ce-version
11.5.221
cf-bgj
minify
last-modified
Thu, 13 Jun 2024 17:43:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8934581d5df87e37-SYD
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202406110945&cb=1718305442737
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-121.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Thu, 13 Jun 2024 19:00:04 GMT
via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
239
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
VtvLmtUKP8XgZgBiWUEnz2Rln1IDQWx83wJKfKF2cg1zem9fvIzggg==
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-102.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 11:20:27 GMT
Content-Encoding
gzip
Via
1.1 901fdc9beff7ff35478f18c7b70da04e.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD3-P1
Age
285314
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
COTKYPkucBVzEris6xAhPVnB6G2dVoTHqQozJUp1X6B0YESdmSRNFg==
metrics.main.bundle.js
tags.news.com.au/prod/metrics/ 		96 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.main.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5e75e655fc9163baefbb62bd90fbdf915510d7b3329d692b362d39c2b19b6093

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"278108e210b0329c4040336f87eb8f35:1716945525.387672"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=61247
content-length
25265
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.99.188.230 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-230.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:02 GMT
x-check-cacheable
NO
server
AkamaiGHost
x-akamai-pragma-client-ip
203.134.85.110, 58.178.40.203
x-serial
67199
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1712019818.804653"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Thu, 13 Jun 2024 19:04:02 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240614
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b85b3a907c03eabbbbf958f7c5524522e1bc3dd34494581a5ab76d150b620b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10991
x-jsd-version
1.0.2085
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
822
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21980-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"637-Zbw4MGe3Ss4ZFa7ZSCu1thLOUuU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pt8AEqDL1FnqEGUnrxuzjb52cqvL%2BDTLOS3AIxR20n%2FBJMAlM7iiRkQpCCNKn%2F2%2BqsFMuqK8rsYo5HKHQyHKT6nVc%2BYlUIxr6FE%2F8Sp3UPEH4pdC4qvbEFuqwid%2BgKOdPfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8934581b9f4a5d2a-SYD
prebid
id5-sync.com/api/config/ 		167 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
b693ff17985bc54be8d357b5ac2ddc78e06c64df046d38aadad3d9bee7ec2439
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 13 Jun 2024 19:04:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.26.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.26.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.132.249 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-132-249.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Thu, 13 Jun 2024 19:04:02 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.132.249 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-132-249.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 13 Jun 2024 19:04:02 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 12EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-67.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Age
2092
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 13 Jun 2024 18:29:11 GMT
ETag
W/"fbee957879301d939e1c5ea8e01d09a8"
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 55d9a4fa548a24d777eff07223b71680.cloudfront.net (CloudFront)
X-Amz-Cf-Id
DCvzA0tQuHjU2OGGUBU1pD1jBxqLIFDIrGwpdw6AIAIzEkqo-R6jMQ==
X-Amz-Cf-Pop
SYD3-P1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
5119
config.aps.amazon-adsystem.com/configs/ 		531 B
796 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5119
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-114.syd3.r.cloudfront.net
Software
CloudFront /
Resource Hash
b8464dcb7e2e01bf45bea28cd900120b54874408b41a83ccd573931cae12fac8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:54:01 GMT
via
1.1 dc5b7b7a6895b629c6cb8eef5910309e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD3-P2
age
602
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
531
x-amz-cf-id
pbthQA6k_4jQlmP-drdHa3PpfAWfOHskD9nYWKVEOkCUMAwSvEGSsg==
config
c.amazon-adsystem.com/cdn/prod/ 		636 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-125.syd62.r.cloudfront.net
Software
Server /
Resource Hash
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:15:35 GMT
via
1.1 e3b6a2cc8a3456f4a2dc3bfd506c4344.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P3
age
13706
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
636
x-amz-cf-id
z3SfaM5kosAFH8CBuoe19dA5Em832w4pTWhgDJK26cg8TuUF9-gsyg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-125.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 dd92061892eeccf2295e6eb3a8dfc954.cloudfront.net (CloudFront)
date
Thu, 13 Jun 2024 15:15:39 GMT
x-amz-cf-pop
SYD62-P3
age
13704
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
e9UTKBSVwVBW09xwbsqObYUED65RrJZ_52PwM3qf1i89f2DsLTM5yQ==
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.132.249 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-132-249.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 13 Jun 2024 19:04:02 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
/
geo.privacymanager.io/ 		31 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.192.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-192-129.sfo53.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 14:35:29 GMT
via
1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 2c3647ef49160329b5e0eb6fc7545c36.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO50-C1, SFO53-P1
age
16114
x-amzn-requestid
60908a9e-1def-4f65-bc4a-27fffcad1db2
x-amzn-trace-id
Root=1-666b03b1-34543a156ea1ac0d14c10d0b;Parent=7b566970ce2d009c;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
ZT2DvHxQjoEEUjQ=
content-length
31
x-amz-cf-id
Ev1cYCi1hVgmJlo82pg79xv9d9yEEKA4RPMlexaX6iKJ4vZ04WpH1Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240610/r20110914/elements/html/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240610/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=314020981118.4975?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
11545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jun 2024 15:51:38 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkzdPJVzU7hEfqrQV7ANpc570IqBnm_MkoV6enePvvT2egjj7TtUQ2ocsB8YOjxZQgEpg8m1aQocmb_NCJJtzu7I3C4SEa7EuDw9HgyvcpwunEJP1Zh0AGsWp7w9zwOHZVPrDjfg3BdWbaRelltc1W1ROqZi8fTlq5HIbj4ZDUWafRsgXaj2A&sai=AMfl-YQ4x5hV20FQS1AeWwJmXbczMt3shn_CQyVhdbXHxho0bZbQnqvovj8fRG3n2pQPo599TFFb0VgTyxdrBlU&sig=Cg0ArKJSzIgXGGsGzzhKEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20240610.69103&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=314020981118.4975?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 13 Jun 2024 19:04:03 GMT
adsct
t.co/1/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=21b1a5be-c5a5-4a84-bf55-219d896f104c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=483ac611-34c3-4722-9ef9-222fa8596919&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tw_iframe_status=0&txn_id=olqt8&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.195 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
145
date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=0
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
d109df83ac2c91a1
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
ec4a8c0332f3e67ffe3707bd6bc9594a0221f670b08f33309eb146e698156614
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=21b1a5be-c5a5-4a84-bf55-219d896f104c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=483ac611-34c3-4722-9ef9-222fa8596919&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tw_iframe_status=0&txn_id=olqt8&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
145
date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=631138519
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
12ff758c76c333df
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
34247f7b066e828bf6981a51629eff392cffbbeda4651e3e428a149b24575d9f
content-length
43
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/ 		463 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
a61500a342875a17afc10c79e9c1596ae0e18182bf57f34390b4a68dad5ce1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 17:12:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
6678
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147345
x-xss-protection
0
server
cafe
etag
14651848665127099269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 13 Jun 2025 17:12:44 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		113 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&pid=ebfKRESf8MZsi&cb=0&ws=1600x1200&v=24.610.1703&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorthwest-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorthwest-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorthwest-ad-block-300x250-2%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorthwest-ad-block-728x90-2%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%2C%22version%22%3A%5B%2210%22%2C%220%22%2C%220%22%5D%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Not%2FA%29Brand%22%2C%22version%22%3A%5B%228%22%2C%220%22%2C%220%22%2C%220%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%2C%220%22%2C%226478%22%2C%2255%22%5D%7D%2C%7B%22brand%22%3A%22Google+Chrome%22%2C%22version%22%3A%5B%22126%22%2C%220%22%2C%226478%22%2C%2255%22%5D%7D%5D%7D%7D%7D&sm=a1206b0f-13b0-4ea6-951c-364d59ad4d11&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.35.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-35-170.syd3.r.cloudfront.net
Software
Server /
Resource Hash
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:02 GMT
via
1.1 b862c6b18a44c823dd40d8d760097ee2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD3-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
113
x-amz-cf-id
h6G8CDclsMZefmPn_X4aR4fLI717WYxwrX5EeSqQT_ldzifCSeXLnA==
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 82A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28337
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 18:58:20 GMT
expires
Thu, 13 Jun 2024 19:48:20 GMT
last-modified
Mon, 10 Jun 2024 20:12:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 63EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.6.117 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-6-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=55506
content-encoding
gzip
content-length
859
content-type
text/html
date
Thu, 13 Jun 2024 19:04:03 GMT
expires
Fri, 14 Jun 2024 10:29:09 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
topicsapi.html
topics.authorizedvault.com/ Frame E0FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.244.62.6 Sydney, Australia, ASN60068 (CDN77 _, GB),
Reverse DNS
109632633.syd.cdn77.com
Software
CDN77-Turbo /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=604800
content-encoding
gzip
content-type
text/html
date
Thu, 13 Jun 2024 19:04:03 GMT
etag
W/"b1da2234a554ee8bc6519a75d88402d9"
expires
Tue, 11 Jul 2023 17:48:38 GMT
last-modified
Mon, 26 Jun 2023 15:39:25 GMT
server
CDN77-Turbo
vary
Accept-Encoding
via
1.1 google
x-77-age
336795
x-77-cache
HIT
x-77-nzt
EQwBj/Q+BAH3myMFAA
x-77-nzt-ray
79dc88069cc1a91aa3426b662cb01827
x-77-pop
sydneyAU
x-accel-date
1717968648
x-accel-date-max
1689094118
x-accel-expires
@1718573448
x-age
336795
x-cache
HIT
x-goog-generation
1687793965818864
x-goog-hash
crc32c=LvKeBQ== md5=sdoiNKVU7ovGUZp12IQC2Q==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1404
x-guploader-uploadid
ADPycdued6PJ1Ep6vC99ldIvPcD5Q2n4Vg8uR6Rg6Yvlhb0rOni3e-zPqu0tM_qE0XDXhy3ZRyO_fFEoqU_Ehpk5Zagd
translator
hbopenbid.pubmatic.com/ 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 13 Jun 2024 19:04:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.playground.xyz/host-config/ 		0
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
1cffd9b7-7bc9-4980-af6d-e6dfd1832222
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1718305443111&to=-480&aun=ad-block-728x90-1&gpid=%2F5129%2Fndm.leader%2Flocal%2Fnorthwest%23ad-block-728x90-1&t=jlltldhf&pi=3&maxw=1800&maxh=1000&si=985711&bf=970x250%2C1800x1000%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.heraldsun.com.au&ns=10240
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.235.159 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-235-159.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5c6f646be7d733a83798859f8e804875a51819220010d59c77d4fbe45bbea098

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1718305443112&to=-480&aun=ad-block-300x250-1&gpid=%2F5129%2Fndm.leader%2Flocal%2Fnorthwest%23ad-block-300x250-1&t=jlltldhf&pi=3&maxw=300&maxh=600&si=985713&bf=300x250%2C300x600%2C160x600%2C120x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.heraldsun.com.au&ns=10240
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.235.159 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-235-159.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9e0e29c5fae09dc59ec136bd64ae0c7737af9176d36961f7c38fec04b24ef7c1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
cdb
bidder.criteo.com/ 		0
227 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=42474142451&lsavail=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		553 B
893 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=55%2C57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=north-west&tg_i.adl=false&tg_i.pos=1%2C1&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fnorthwest%23ad-block-728x90-1&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=17c91d94f588b88&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fnorthwest%23ad-block-728x90-1&slots=1&rand=0.1597838683267223
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
00a89fe311bafa87c79d403af776783c4c638aacea4dc7d7ca49d8ec8b0eb03e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
553
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		557 B
898 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=north-west&tg_i.adl=false&tg_i.pos=1%2C1&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fnorthwest%23ad-block-300x250-1&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=184e5716e25ed72&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fnorthwest%23ad-block-300x250-1&slots=1&rand=0.18951838689126643
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
befe6ce4a2024bfae944e369e15700b2401399aaf2e0c117e6d70d87dd2e581f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
557
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		529 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=north-west&tg_i.adl=false&tg_i.pos=2%2C2&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fnorthwest%23ad-block-300x250-2&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=19f40d3ce68ffa8&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fnorthwest%23ad-block-300x250-2&slots=1&rand=0.04193819448054037
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
546bdad88bd32567d6b556f94ec3c4c8af90324fab200514ee5756ba933fcb0a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
529
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		527 B
868 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=north-west&tg_i.adl=false&tg_i.pos=2%2C2&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fnorthwest%23ad-block-728x90-2&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=20a31ecb013f945&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fnorthwest%23ad-block-728x90-2&slots=1&rand=0.7111905273790795
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d9ee514bcfac3c14f66b5b05947902d9c9713922c631760e5d3a64185ae09f59

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
527
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
698 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=277566
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8184c03402eaf1cb7b4f91736960aeaccdfe02bd13d0a895131d5878c51772e6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
observe-browsing-topics
?1
alt-svc
h3=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YF%2FGZZBIU1pzBy%2FjX4ef0%2BwXh4w26NwdU%2BC3P9OrpWgfYpxkArR4BzCNu%2BKuwzcAlSwrPXrCjmTvfvaZ6LJ%2BuBkKea6upWiR32E5sJURu7P6szpiqaiKxo%2FtN0wOGvJsvJm8KGsa"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8934581ba9a2a961-SYD
expires
0
prebid
ib.adnxs.com/ut/v3/ 		496 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e0fcf7e037718dc4737d04d4d06f25a612379d220ed0bb11d55ec250251b623e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:03 GMT
an-x-request-uuid
6fa6f60e-a569-426f-be20-a1caf2cf7f8b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.160; 66.203.112.160; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
496
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.189.111 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-189-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 13 Jun 2024 19:04:03 GMT
384959879014125
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.158&r=stable&domain=www.heraldsun.com.au&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
13f36ccedf24d86525fcd8487366a40b9db9a1f6b2e73c073c618a28c76d38eb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jun 2024 19:04:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13972
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=63, mss=1317, tbw=63534, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
7XKSOs6l20HDb8QssG81SAvaPxx0qibCKqEB18VsLHzNpNMgSvopA+0bW7qePVYBf6N3Mi8apG96fo3yObRjIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
e28a09aac839a317f28479c28d05a96cea5d146aea984e28e2ac
bedsberry.com/ 		299 B
714 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/e28a09aac839a317f28479c28d05a96cea5d146aea984e28e2ac
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
800abd7b93ce8b0d48cf5a71399993a8b024f4f0b350b4f85f65855072107dab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
x-buildnumber
1325657617
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-571s
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8934581bbc20a953-SYD
expires
Thu, 13 Jun 2024 19:04:02 GMT
hit.gif
au-script.dotmetrics.net/ 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13214&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&dom=www.heraldsun.com.au&r=1718305443160&pvs=1&ecid=ed86e74e-2d62-4a4d-b745-b51b4fb0e03a&c=true&tzOffset=-480&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13214&dfph=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-66.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
dotmetrics-hit-status
01 OK
via
1.1 1c65a9672d4009a4b2d2b0463141bfa6.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
B6yGggCeKFrN250ww4-_mQava_P4I6A8IFAbOXdlxF31bdgjcc1Dqg==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13214&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&dom=www.heraldsun.com.au&r=1718305443160&pvs=1&pvid=ed86e74e-2d62-4a4d-b745-b51b4fb0e03a&c=true&tzOffset=-480
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-42.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:10:40 GMT
via
1.1 de78b5b2f4bbd9bb1abd6bed27a85d78.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
age
3203
x-amz-server-side-encryption
AES256
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
DJM_k_IWa4E2VNpwr7nFdB6eKu4xerPBVjtLVzlRfp12GOkZF184VA==
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.242.194 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-242-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f5647c47fb1b581202f34328775140b59a860d678f541caf98adf2e3d48900f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
W4i5LqlLTAjryJ_8jp.1iw2w09RrC_Q5
date
Thu, 13 Jun 2024 19:04:03 GMT
last-modified
Tue, 30 Jan 2024 22:36:45 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
etag
"1cace6cc49d6432004661d16654e37f7"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=229
accept-ranges
bytes
content-length
18049
x-amz-cf-id
XA3h9ke8OiMqNbbL_oD5zQhxgYPrK3fInRUW8VqjoiVn8qT9Nl1tvA==
pub
pixel.adsafeprotected.com/services/ 		782 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.leader/local/northwest,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.leader/local/northwest,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.leader/local/northwest,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.leader/local/northwest,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.leader/local/northwest,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.leader/local/northwest,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.leader/local/northwest,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=d080ecd9-06ac-fb59-df0f-3e721a95033b&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fleader%252Fnorth-west
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.159.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-159-235.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
d8dff116fab3b590edc96545362a67e3485980b894f08b303cdd78491c1eebbe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
97081477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97081477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d9f5945e80f23ab8addc1908230c8aa3ffabffd8aaa4827fa91afa5785a64169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 13 Jun 2024 19:04:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 030D8EDB346741DA91CE3F295B8AF391 Ref B: SYD03EDGE0916 Ref C: 2024-06-13T19:04:03Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97081477&Ver=2&mid=59796db4-7494-43d7-be46-509080e8e6e2&sid=b312f59029b711efbb5f95cc39b96809&vid=b313a56029b711efabaf6103c37528ab&vids=1&msclkid=N&pi=918639831&lg=en-AU&sw=1600&sh=1200&sc=24&tl=North%20west%20%7C%20Leader%20Newspapers%20North%20West%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Moreland%20Leader%20%7C%20Hume%20Leader%20%7C%20Sunbury%20Leader%20%7C%20Moonee%20Valley%20%7C%20Herald%20Sun&p=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&r=&lt=776&evt=pageLoad&sv=1&rn=486075
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jun 2024 19:04:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CD3CA61F740C4F0FABEE9D188AC315A1 Ref B: SYD03EDGE0916 Ref C: 2024-06-13T19:04:03Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&rl=&if=false&ts=1718305443202&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.2.1718305443199.199593906317848338&cs_est=true&est_source=2353117768323382&ler=empty&cdl=API_unavailable&it=1718305443145&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1317, tbw=2854, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Jun 2024 19:04:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&rl=&if=false&ts=1718305443202&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.2.1718305443199.199593906317848338&cs_est=true&est_source=2353117768323382&ler=empty&cdl=API_unavailable&it=1718305443145&coo=false&es=automatic&tm=3&rqm=FGET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb134b76a56b9d4fe","source_keys":["1","2"]},{"key_piece":"0x8c64509bbef6a95c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 13 Jun 2024 19:04:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380065684124048542", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1317, tbw=7002, tp=-1, tpl=-1, uplat=353, ullat=0
pragma
no-cache
x-fb-debug
6dqzLA4sLmRNvIaGEEQv1Whl6a081M2YQsYeWvpK0bAOeIOnbmtQvK4sUkv5ahwaspqJWZx1qp3loP3k+ag+2w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380065684124048542"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&rl=&if=false&ts=1718305443203&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1718305443199.199593906317848338&cs_est=true&ler=empty&cdl=API_unavailable&it=1718305443145&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1317, tbw=3138, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Jun 2024 19:04:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&rl=&if=false&ts=1718305443203&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1718305443199.199593906317848338&cs_est=true&ler=empty&cdl=API_unavailable&it=1718305443145&coo=false&rqm=FGET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x27f50080b680d49c","source_keys":["1","2"]},{"key_piece":"0x071bab48f337e952","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 13 Jun 2024 19:04:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380065684233764856", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1317, tbw=3291, tp=-1, tpl=-1, uplat=345, ullat=0
pragma
no-cache
x-fb-debug
H8n6hEcCMbkghqSQcghwDOhu7Kn6SwgJD+PnJefHEL2Kum1f4INj5NykbPNLsmOwVRFXcBko8+bQPxKCQqxw2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380065684233764856"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
Serving
bs.serving-sys.com/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=3508885153959828698&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west$$&activityValues=$$Session%3D3333348972202930381$$&ns=0&rnd=4155539662&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.164.249 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-164-249.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fb9b154b0310341a89e238556489b1dca1c4fcd93befe9abe543f68802902017

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2604
expires
Sun, 05-Jun-2005 22:00:00 GMT
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8a7f93503827827e8277dcf975e1a74724a5a8aec4863f4d165abeb75a4e82

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 13 Jun 2024 18:18:59 GMT
server
cloudflare
age
2704
cf-polished
origSize=64944
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SYcYKM0rEXKLqkIvzdxyqPhDbMFr8sz4DA6e9cqgPED3HtoPCvew%2BA00VGas%2Fr1frzGd3RFFECaku6pmu%2FccMA%2BEJ6iH28ieXNOt0Bmph2JwQ5dwlP5Zjr%2BxuWzcveseOcW%2BTy3r"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8934581c19cea979-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
c.js
collector.brandmetrics.com/ 		0
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au&rnd=5589932
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date
Thu, 13 Jun 2024 19:04:03 GMT
Content-Length
0
Content-Type
text/javascript;charset=utf-8
a20352597942.html
a20352597942.cdn.optimizely.com/client_storage/ Frame 83A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.20.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-20-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
977
content-type
text/html; charset=utf-8
date
Thu, 13 Jun 2024 19:04:03 GMT
etag
"5e42b34e83acb9f055467e928820d48a"
last-modified
Thu, 13 Jun 2024 02:52:04 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="23.221.20.194";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1718305443349_389542548_40047556_32_1538_1_6_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
Ye9JpkEn5hP/of6Z1Q/jXtfwSjJp9wklIQULOfL/ndZRYyL1E8g2mC/4ss8b9wOT0y+UAvZmrV0=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
AEH4ZFV7MFWJAQFG
x-amz-server-side-encryption
AES256
x-amz-version-id
y2mdg9wxU35jaxcK5gHOgeCNkPXk9zCJ
/
geo.privacymanager.io/ 		31 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.192.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-192-129.sfo53.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 14:35:29 GMT
via
1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 2c3647ef49160329b5e0eb6fc7545c36.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO50-C1, SFO53-P1
age
16114
x-amzn-requestid
60908a9e-1def-4f65-bc4a-27fffcad1db2
x-amzn-trace-id
Root=1-666b03b1-34543a156ea1ac0d14c10d0b;Parent=7b566970ce2d009c;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
ZT2DvHxQjoEEUjQ=
content-length
31
x-amz-cf-id
hiwZDA8ZE5ymVLs713MHlqE-agBMuK5CSf6Owu5h_LfSrG-j4F_Lng==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
script.js
au-script.dotmetrics.net/Scripts/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=285
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-66.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
27b65c06fcf400e92c162ef2a8497cc573468ed0904d1a4c92119344c9997313

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
br
via
1.1 1c65a9672d4009a4b2d2b0463141bfa6.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2024 14:54:31 GMT
server
Kestrel
x-amz-cf-pop
SYD1-C1
etag
"1da8f44d2530d7f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
x-amz-cf-id
Ra7BTjR1ew5fWEHjJgyXSTbnblB2bJ6Bcwo5_vc3-opNlwXr3M6qRQ==
attribution_trigger
px.ads.linkedin.com/ 		0
0
collect
px.ads.linkedin.com/ 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1718305443352&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 1A79026BC2594B7BA127892FCB5E2A3E Ref B: SYD03EDGE0713 Ref C: 2024-06-13T19:04:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYayimesFyzjJBJszprvw==
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=3f0c9091103be654ad1391e460180091&timewithTz=2024-06-13T19:04:02.714Z&country=au&newsconnectId=&fpid=9f9cfe3ae3c420d5ae9b73204876732c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.131.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-131-107.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
97081477
www.clarity.ms/tag/uet/ 		991 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/97081477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97081477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d2c7f0be31f6c8135d6f493ffcaa2f4a6df898ffb688e13383bc8f77888feae3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Thu, 13 Jun 2024 19:04:04 GMT
x-azure-ref
20240613T190403Z-157f9d9bf49qb7p8f6vyk7nnaw0000000m10000000000kny
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
991
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fleader%2Fnorth-west&u=xf4UiCZ6h9XBWUs3t&d=heraldsun.com.au&g=36976&g0=local%2Cnorth-west%2Cindex%2Cno_video&g1=hwt&n=1&f=00001&c=0&x=0&m=0&y=7359&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&b=2123&t=Cg0P-AD1fUKiBXtADICpB_eGv-W0z&V=147&i=North%20west%20%7C%20Leader%20Newspapers%20North%20West%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Moreland%20Leader%20%7C%20Hume%20Leader%20%7C%20Sunbury%20Leader%20%7C%20Moonee%20Valley%20%7C%20Herald%20Sun&tz=-480&_acct=anon&sn=1&sv=C1ZcenulCKSBFj7NoD6dL-l0kg6h&sr=external&sd=1&im=066b0f7a&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.76.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-76-49.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Jun 2024 19:04:03 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1718305443387
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.232.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
04a2962ab8ef3cd5d9056b3e03c655fbd16951a6ff8e0d1741d51b9dae243d90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-2-v060-01f6a99ee.edge-va6.demdex.com 4 ms
pragma
no-cache
date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
E7cLcvFsTAE=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1563
expires
Thu, 01 Jan 1970 00:00:00 UTC
a20a39718deac86b3039f9184bd88bdfb06eb610a58fe69625c5
bedsberry.com/ 		3 B
455 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/a20a39718deac86b3039f9184bd88bdfb06eb610a58fe69625c5
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
x-buildnumber
1325657617
alt-svc
h3=":443"; ma=86400
content-length
3
server
cloudflare
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-571s
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8934581d4d0fa953-SYD
expires
Thu, 13 Jun 2024 19:04:02 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-127.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
content-encoding
gzip
via
1.1 b862c6b18a44c823dd40d8d760097ee2.cloudfront.net (CloudFront)
date
Thu, 13 Jun 2024 18:17:11 GMT
x-amz-cf-pop
SYD3-P2
age
2813
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
server
AmazonS3
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
ewRR3RCxSVZhj9_oLBjOyTLt-H_qCL4pVeYeq3qMSUXpAq2nMHYZ7A==
iu3
s.amazon-adsystem.com/ Frame F8C3
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 13 Jun 2024 19:04:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K7PD1P43NFFMX3HHG0Q7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 13 Jun 2024 19:04:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FH4R0FP2927GWSFKDS89
undefined_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/undefined_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
config
pixel-config.reddit.com/pixels/t2_vrvmwxuz/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_vrvmwxuz/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1718305443425&id=t2_vrvmwxuz&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=ffb382c8-937c-4347-9872-82dc532e1c56&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame A624 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-13.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
3038
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 13 Jun 2024 18:13:26 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4dc21cb63e62a1d58ba1e9fef2392daa.cloudfront.net (CloudFront)
x-amz-cf-id
sdi4JpdDY5YU3d9d9_P7kN7JhkGIfXprXXntz0zGU40mw1jdgCB4FQ==
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
www.heraldsun.com.au.json
script.crazyegg.com/pages/data-scripts/0018/2988/site/ 		1023 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988/site/www.heraldsun.com.au.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037a7990b9e7bf5357a8ec0c6d39fe063ecdd8da52687e76418f2b1c907ec9fd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4856
ce-version
11.5.221
content-length
454
last-modified
Thu, 13 Jun 2024 17:43:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8934581f7a4ca7f5-SYD
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMyMTQsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9sZWFkZXIvbm9ydGgtd2VzdCIsInJ1cmwiOiIiLCJlY2lkIjoiZWQ4NmU3NGUtMmQ2Mi00YTRkLWI3NDUtYjUxYjRmYjBlMDNhIiwiZGMiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJkZnBoIjoiIiwidHpPZmZzZXQiOi00ODAsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1718305443512
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-66.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
8fd59ce9cad7ff06c865b324648531261f6b38294b4755f537dd164c82f74f2a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
content-encoding
br
via
1.1 1c65a9672d4009a4b2d2b0463141bfa6.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
38_AyvtBuNXsmPrtCuaRHs85NKb56CUmJPiPg4pnJqV0c02m4XqUcA==
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
291 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
35688df8c18624d01d3a9f9c42c7ccd7c6a7b435e4a6d20663ad290e533fe7f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 13 Jun 2024 19:04:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
core.js
s.pinimg.com/ct/ Frame 6991 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.218 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-cdn
akamai
etag
"9bc4bd8fd6a7603cc1c91cc83fc17417"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1878
up_loader.1.1.0.js
js.adsrvr.org/ Frame 9AC0 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.14.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-14-99.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 09:23:42 GMT
Content-Encoding
gzip
Via
1.1 6eb4925a459e5104745cfd7f77596766.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD62-P3
Age
34823
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
lLyZTYjK-RlgGl37jgwXZ2MF-xqtwo8ZiIEguGdqyaqGNWYdlRUb_w==
activityi;dc_pre=CNrz8cyi2YYDFXABgwMdVo4PyQ;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8191521361507.595
8228261.fls.doubleclick.net/ Frame A45A
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8191521361507.595?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNrz8cyi2YYDFXABgwMdVo4PyQ;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=819152136150...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNrz8cyi2YYDFXABgwMdVo4PyQ;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8191521361507.595?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
957
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:04 GMT
expires
Thu, 13 Jun 2024 19:04:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNrz8cyi2YYDFXABgwMdVo4PyQ;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8191521361507.595?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CKH08cyi2YYDFVMBgwMdNWgIPA;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=216126520231.71198
8228261.fls.doubleclick.net/ Frame E058
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=216126520231.71198?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CKH08cyi2YYDFVMBgwMdNWgIPA;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=216126520231...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKH08cyi2YYDFVMBgwMdNWgIPA;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=216126520231.71198?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1049
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:04 GMT
expires
Thu, 13 Jun 2024 19:04:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKH08cyi2YYDFVMBgwMdNWgIPA;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=216126520231.71198?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
px
secure.adnxs.com/ Frame B433 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/px?id=1274268&seg=22404526&t=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
an-x-request-uuid
0c3b6b4e-a7c4-40df-aab7-d966f2bdddbd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.160; 66.203.112.160; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
uwt.js
static.ads-twitter.com/ Frame E943 		56 KB
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.28.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/
If-None-Match
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
If-Modified-Since
Fri, 15 Mar 2024 03:07:08 GMT
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-cache
HIT
cache-control
no-cache
x-served-by
cache-syd10140-SYD
js
www.googletagmanager.com/gtag/ Frame 8EBE 		226 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f4d95c512a8c3663cd91310face3537e1a4fe6ddf011217ca8c2c62f9cc4a990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83591
x-xss-protection
0
last-modified
Thu, 13 Jun 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jun 2024 19:04:04 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 738E 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.14.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-14-99.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 09:23:42 GMT
Content-Encoding
gzip
Via
1.1 6eb4925a459e5104745cfd7f77596766.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD62-P3
Age
34823
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
X-Amz-Cf-Id
lLyZTYjK-RlgGl37jgwXZ2MF-xqtwo8ZiIEguGdqyaqGNWYdlRUb_w==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 5464 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.4.150 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-4-150.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5d1e25f0bae3df435bf9bef434d68fa5f2833c5e398e46207fbb107fbe5a892f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 19:04:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jun 2024 18:03:37 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"665f56f9-58e2"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
7955
Expires
Fri, 14 Jun 2024 19:04:06 GMT
activityi;dc_pre=CPf08cyi2YYDFSgEgwMdCf4PTw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8668470149833.207
8228261.fls.doubleclick.net/ Frame 13BF
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8668470149833.207?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPf08cyi2YYDFSgEgwMdCf4PTw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=866847014983...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPf08cyi2YYDFSgEgwMdCf4PTw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8668470149833.207?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west?nk=9f9cfe3ae3c420d5ae9b73204876732c-1718305441
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1006
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:04 GMT
expires
Thu, 13 Jun 2024 19:04:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPf08cyi2YYDFSgEgwMdCf4PTw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8668470149833.207?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
conversion.js
www.googleadservices.com/pagead/ Frame 225A 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
bf503a23e4e0eba3b3bf84282a360bf0c1664232cffb781aae272e8e77f2c63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21119
x-xss-protection
0
server
cafe
etag
17744555452863531702
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 13 Jun 2024 19:04:04 GMT
pixel
pixel.mediaiqdigital.com/ Frame 09E8
Redirect Chain
  • https://secure.adnxs.com/px?id=1297269&seg=22449553&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3D%pu1=!;%26pixel_id%3D1297269%26uid%3D%24%7BUID%7D&t=2
  • https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=480683056877782366
2 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=480683056877782366
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Server
52.76.196.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-196-116.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
content-length
2

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
an-x-request-uuid
2b0ab4ee-f66a-4201-8dca-3f613b3395ed
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=480683056877782366
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.160; 66.203.112.160; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
an-x-request-uuid
693dc6d1-efbe-42ce-b542-c2450aee2c34
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.160; 66.203.112.160; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attribution_trigger
px.ads.linkedin.com/ 		0
0
dest5.html
newscorpau.demdex.net/ Frame 9690 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.120.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-120-247.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 13 Jun 2024 19:04:04 GMT
dcs
dcs-prod-va6-1-v060-096ec7a92.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 9 May 2024 11:56:15 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
7rr0KQUgTFM=
id
newscorpau.sc.omtrdc.net/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=53574165532646499700264418714609127514&ts=1718305444016
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.82 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-82.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZmtCpAAAAKFTjwM5
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=53552909378094550800262310694896877888
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmtCpAAAAKFTjwM5
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmtCpAAAAKFTjwM5
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Server
18.232.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v060-087c8ec94.edge-va6.demdex.com 9 ms
pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
KqflAWOLQjk=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmtCpAAAAKFTjwM5
Date
Thu, 13 Jun 2024 19:04:04 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
adsct
t.co/i/ Frame E943 		43 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=3911176f-bdf1-4914-bd03-36757e4bb6b5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=40a18873-f2b5-4cb8-8a89-6c34ff3b67a2&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.195 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
146
date
Thu, 13 Jun 2024 19:04:04 GMT
strict-transport-security
max-age=0
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
ed8f9879934976f6
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
3bad1d1789da82b418f68cb4e6132861b7b424ec128f4dff141fd44001af8b31
content-length
43
adsct
analytics.twitter.com/i/ Frame E943 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3911176f-bdf1-4914-bd03-36757e4bb6b5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=40a18873-f2b5-4cb8-8a89-6c34ff3b67a2&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
146
date
Thu, 13 Jun 2024 19:04:04 GMT
strict-transport-security
max-age=631138519
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
5b0319cc7a11d4fb
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
34247f7b066e828bf6981a51629eff392cffbbeda4651e3e428a149b24575d9f
content-length
43
up
ib.adnxs.com/pixie/ Frame 5464 		9 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/pixie/up?pi=4332873b-84ca-4d4d-a575-ee974bcdf99a
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/up/pixie.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
server
nginx/1.23.4
access-control-max-age
0
access-control-allow-methods
GET, OPTIONS
content-type
application/xml
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
x-proxy-origin
66.203.112.160; 66.203.112.160; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
access-control-allow-headers
Content-Type
content-length
9
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.62.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-62-68.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
pixie
ib.adnxs.com/ Frame 5464 		42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1718305444034&v=0.0.37&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&r=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&st=1718305444034&et=1718305444130&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.23.4
x-proxy-origin
66.203.112.160; 66.203.112.160; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
42
content-type
image/gif
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97081477
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240613T190404Z-157f9d9bf49qb7p8f6vyk7nnaw0000000m10000000000kp5
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5c2fdb50-101e-0028-18b8-b54f73000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
main.f74ed22b.js
s.pinimg.com/ct/lib/ Frame 6991 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.f74ed22b.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.218 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-cdn
akamai
etag
"446a72b73c00f6022c92a764d3c540bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
20114
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 225A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1718305444256&cv=9&fst=1718305444256&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
73f182db722abc9dda703370dd45e367ac61aea4b1ba15da698bef5911685299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ Frame 6991 		321 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2612777586108&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1718305444283&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
5
alt-svc
h3=":443";ma=600
x-pinterest-rid
2367536499012368
content-length
186
pin-unauth
dWlkPVkySmtOekZqT1RBdFlqRXlOQzAwTVdFM0xUaGhOR1F0WmpkaFpEVTNabVF6Tm1GaA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
d80afdeb0d64359b34f4a708f18dc7ee1019dc51
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ Frame 6991 		321 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2612777586108&cb=1718305444283&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
6730006322806527
content-length
186
pin-unauth
dWlkPU9HRXlNemsxTWpNdE5tWXpOeTAwWkdZNExXSTJOR0l0WkRoa1lXTXhNemRoTXpJNA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
d80afdeb0d64359b34f4a708f18dc7ee1019dc51
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
x.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Thu, 13 Jun 2024 19:04:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
events
logx.optimizely.com/v1/ 		0
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
via
1.1 google
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
546c1dcd-995d-44f1-9746-185ecf9522c4
/
px.ads.linkedin.com/wa/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://www.heraldsun.com.au/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:03 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B8AC707C5CC84529B397534949590CEF Ref B: SYD03EDGE0713 Ref C: 2024-06-13T19:04:04Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://www.heraldsun.com.au
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYayimiKytKe6h5wuxGVw==
/
www.google.com/pagead/1p-user-list/859754747/ Frame 225A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1718305444256&cv=9&fst=1718305200000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&hn=www.googleadservices.com&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLNAuTZDcROGE3JTfJ_WdX1_MCExnDW_n44PDoxcpQdiTknjGG&random=2787797461&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame 225A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1718305444256&cv=9&fst=1718305200000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&hn=www.googleadservices.com&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLNAuTZDcROGE3JTfJ_WdX1_MCExnDW_n44PDoxcpQdiTknjGG&random=2787797461&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/v3/ Frame 6991 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&tid=2612777586108&cb=1718305444507&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west%22%2C%22if%22%3Atrue%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.55%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://www.heraldsun.com.au
pinterest-version
d80afdeb0d64359b34f4a708f18dc7ee1019dc51
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1177821747189532
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
701.json
id5-sync.com/g/v2/ 		586 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
aac5f7810aa4009b33815d64bf3cb9b7de375adcef8cbdd8954394605acd557c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jun 2024 19:04:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 8EBE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1718305444620&cv=11&fst=1718305444620&bg=ffffff&guid=ON&async=1&gtm=45be46c0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=106278359.1718305445&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
36e5645e5f92f1e01e415aa4fcf30757341988933fb3af7ce3aae35347a4b36f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1433
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=53574165532646499700264418714609127514&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=newsnkidcookie%019f9cfe3ae3c420d5ae9b73204876732c%011&ts=1718305444699
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.232.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
2a0136753afc552a5ff2695e211ea8f48ab3a38d675029273491a95d844fdc87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-1-v060-026998402.edge-va6.demdex.com 9 ms
pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
7jpuZ9pQQ5o=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1563
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
www.google.com/pagead/1p-user-list/707564276/ Frame 8EBE 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1718305444620&cv=11&fst=1718305200000&bg=ffffff&guid=ON&async=1&gtm=45be46c0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=106278359.1718305445&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLE6MjHQl3khGfBs0I3_EaAJAvHDU7DHv3hq0D6UqL1siJv0gK&random=428817824&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 8EBE 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1718305444620&cv=11&fst=1718305200000&bg=ffffff&guid=ON&async=1&gtm=45be46c0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=106278359.1718305445&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLE6MjHQl3khGfBs0I3_EaAJAvHDU7DHv3hq0D6UqL1siJv0gK&random=428817824&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
id5-sync.com/ 		29 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
290 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
3dce90aa3175cbae74769a3f680dc2d6ba0871c4e5c0b82a721fa676c24024dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 13 Jun 2024 19:04:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
s23240061653387
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.25.0/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.25.0/s23240061653387?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=14%2F5%2F2024%203%3A4%3A4%205%20-480&cid.&newsnkidcookie.&id=9f9cfe3ae3c420d5ae9b73204876732c&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=9f9cfe3ae3c420d5ae9b73204876732c&mid=53574165532646499700264418714609127514&aamlh=7&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Clocal%7Cindex%7Cnorth-west&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPercentPageViewed=5.0.1&getPreviousValue=3.0&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D21%2Cevent118&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Clocal%7Cnorth-west&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Ccustom%3A1%7Chalfpage%3A1%7Cmrec%3A1%7Cleader%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=local&c5=D%3Dv5&v5=north-west&c9=D%3Dv9&v9=index&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=5%3A04%20AM%7CFriday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=21&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=pdf%20viewer%3Bchrome%20pdf%20viewer%3Bchromium%20pdf%20viewer%3Bmicrosoft%20edge%20pdf%20viewer%3Bwebkit%20built-in%20pdf&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=9f9cfe3ae3c420d5ae9b73204876732c-00000000000000000000000000000000-1718305442614-103334&v110=2024-06-14%2003%3A04%3A01&v111=0&v199=en-US%2Cen&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.177 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-56-177.data.adobedc.net
Software
jag /
Resource Hash
894d0b829da11fd23016a7e9c0e5f2ed68f727a5d5ec0834503a78d29e043eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-aam-tid
JjtIN2GZQgw=
date
Thu, 13 Jun 2024 19:04:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4951
x-xss-protection
1; mode=block
dcs
dcs-prod-va6-2-v060-01e0eae52.edge-va6.demdex.com 23 ms
pragma
no-cache
last-modified
Fri, 14 Jun 2024 19:04:05 GMT
server
jag
etag
3690032847334834176-4618527639088807154
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 12 Jun 2024 19:04:05 GMT
token_create.js
ct.pinterest.com/static/ct/ Frame 6991 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:04 GMT
x-cdn
fastly
age
3151
etag
"19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4103
ct.html
ct.pinterest.com/ Frame 713B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Thu, 13 Jun 2024 19:04:05 GMT
pinterest-version
d80afdeb0d64359b34f4a708f18dc7ee1019dc51
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
4168137039989523
up
insight.adsrvr.org/track/ Frame F786 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 13 Jun 2024 19:04:04 GMT
server
Kestrel
vary
Accept-Encoding
up
insight.adsrvr.org/track/ Frame F08E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 13 Jun 2024 19:04:04 GMT
server
Kestrel
vary
Accept-Encoding
/
c0.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.178 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.199 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.112 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.178 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.54 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.190 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.188 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c0.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.135 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.135 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.199 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.54 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.23 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.199 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Jun 2024 19:04:05 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		398 KB
105 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1803293854671472&correlator=2964413956750241&hxva=1&scor=2301879809807093&eid=31083341%2C31084210%2C31084450%2C31084215%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406100101&ptt=17&impl=fifs&iu_parts=5129%2Cndm.leader%2Clocal%2Cnorthwest&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C300x90%7C315x90%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1718305445168&lmt=1718305445&adxs=436%2C176%2C1112%2C1112%2C0%2C1112%2C0&adys=28%2C6592%2C472%2C3093%2C6620%2C446%2C7341&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C3%7C0%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNTUiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNTUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjU1Il1dLDBd&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&vis=1&psz=1600x134%7C1248x15%7C312x250%7C312x250%7C1600x767%7C312x0%7C1600x7359&msz=728x133%7C1248x15%7C312x250%7C312x250%7C1600x0%7C312x0%7C1600x0&fws=512%2C0%2C512%2C512%2C0%2C516%2C0&ohw=0%2C0%2C0%2C0%2C0%2C312%2C0&ga_vid=979104330.1718305445&ga_sid=1718305445&ga_hid=1425554651&ga_fc=false&topics=1&tps=1&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1718305441871&idt=1139&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Db313ae0f-29b7-11ef-b3fc-0adba0ae41bd%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Db313ae10-29b7-11ef-b3fc-0adba0ae41bd%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Db313ae11-29b7-11ef-b3fc-0adba0ae41bd%26vw%3D40%2C50%2C60%2C70%26vw05%3D40%2C50%2C60%26vw15%3D40%2C50%26grm%3D40%2C50%26vw10%3D40%2C50%26pub%3D40%2C50%2C60%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Db313ae12-29b7-11ef-b3fc-0adba0ae41bd%7Cpos%3D1%26refreshed%3Dfalse%26id%3Db313ae13-29b7-11ef-b3fc-0adba0ae41bd%7Cpos%3D1%26refreshed%3Dfalse%26id%3Db313ae14-29b7-11ef-b3fc-0adba0ae41bd%7Cpos%3D1%26id%3Db313ae15-29b7-11ef-b3fc-0adba0ae41bd&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D9f9cfe3ae3c420d5ae9b73204876732c%26sec1%3Dlocal%26sec2%3Dnorthwest%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dindex%26pid%3Dnone%26adl%3Dfalse%26sssw%3Dtrue%26abtest%3Da%26pvid%3D9f9cfe3ae3c420d5ae9b73204876732c-00000000000000000000000000000000-1718305442614-103334%26amznbid%3D0%26amznp%3D0%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1510566_PG&adks=4048968595%2C622063987%2C1254358199%2C2075244621%2C882382985%2C3944837682%2C236741202&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
8331c7ac7844ebd69695f504793d556d9804c6a112e9833717044ec628288b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
162660,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107001
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.65 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:05 GMT
expires
Thu, 13 Jun 2024 19:04:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_leader_S&asn=leader&fp_id=wvjt7sl73obgknioulp9tcqqgdwsd1718305443&fp_cr_tm=1718305443440&fp_acc_tm=1718305443440&fp_emm_tm=1718305443440&ve_id=&sessionId=y75txlfmzunucaef23hnsbf5nszxv1718305443&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,north-west&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,laoku7d4b8uynncrdk1txqh0pwwi41718305443&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17183054434376694&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1718305442730&c3=st,c&c64=starttm,1718305444&adid=1718305442730&c58=isLive,false&c59=sesid,&c61=createtm,1718305444&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west&c66=mediaurl,&sdd=&c62=sendTime,1718305444&rnd=779240
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north-west
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.155.123 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-155-123.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:05 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
v3
id5-sync.com/gm/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f2de48828c639abbb08864cc035c53a5e3a36323cc3cfa1d27945942d6e37feb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Jun 2024 19:04:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:05 GMT
content-encoding
gzip
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Jun 2024 19:04:05 GMT
generic1715769109244.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		459 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1715769109244.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29a87db3f1d7967d183df115a6a9c96b89665cfd8c142f35946b93d13ee30246
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
beZJH2h2ibfRRAw_FrzoqWdn.S51YnrK
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jun 2024 19:04:05 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
E272D08A0Y30NYFZ
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
87945
x-amz-id-2
56qrQ1f5C4IcnGctx5wwe70OrKthb/J7H8kCJCJ449aSRNDLZk/Lbi/KDDzHFdKTuNN0SmaxwOY=
x-served-by
cache-syd10156-SYD
last-modified
Wed, 15 May 2024 10:31:50 GMT
server
AmazonS3
x-timer
S1718305446.956093,VS0,VE0
etag
"cd4bfd27daf057ed3d1d560fc9c108a3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
121157
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=29D56305099048F0ACA0E34AACDEC778&RedC=c.clarity.ms&MXFR=1169A8E48B426B2D3730BC798F426580
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=29D56305099048F0ACA0E34AACDEC778&MUID=052D396E788667B825BC2DF379166652
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=29D56305099048F0ACA0E34AACDEC778&MUID=052D396E788667B825BC2DF379166652
Protocol
H2
Server
20.205.115.81 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:05 GMT
last-modified
Fri, 01 Mar 2024 20:23:14 GMT
server
Microsoft-IIS/10.0
etag
"4113e049166cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DAB675171BC342F0A28FFFDD455F0D32 Ref B: SYD03EDGE0916 Ref C: 2024-06-13T19:04:06Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=29D56305099048F0ACA0E34AACDEC778&MUID=052D396E788667B825BC2DF379166652
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
52772539ba017cd7c160fbcf3c614e6f419ba0cc402ad1ca230f4eda13db5649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12670
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 6D32 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:06 GMT
server
Kestrel
server-processing-duration-in-ticks
298510
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNi4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiTm9ydGggd2VzdCB8IExlYWRlciBOZXdzcGFwZXJzIE5vcnRoIFdlc3QgTWVsYm91cm5lIHwgTG9jYWwgQ29tbXVuaXR5IE5ld3MgVklDIHwgTW9yZWxhbmQgTGVhZGVyIHwgSHVtZSBMZWFkZXIgfCBTdW5idXJ5IExlYWRlciB8IE1vb25lZSBWYWxsZXkgfCBIZXJhbGQgU3VuIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9sZWFkZXIvbm9ydGgtd2VzdCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNzE4MzA1NDQ2MDAwIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogOCwidXNlcl9pZCI6ICIxOTAxMmZjNTg2YTExODUtMDFiNDMwMWNmZDA4ODItMjYwMDFmNTEtMWQ0YzAwLTE5MDEyZmM1ODZiMTQ3ZCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC1zeWQxIiwiYWNjb3VudElkIjogMTMyMjIyLCJ1cmwiOiAiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9sZWFkZXIvbm9ydGgtd2VzdCIsIndlYnNpdGVJZCI6IDEzMjIyNCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNDE5MS05YTY1LWI3OWEtZTZlZC00OTc3LWM2OTEtNjAyNi05YzhkIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE3MTgzMDU0NDU5OTgiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNDM5Miwia2FtcHlsZV92ZXJzaW9uIjogIjIuNTUuMCIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNTUuMCIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTcxODMwNTQ0NjAwMCwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2V9Cl19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-me
prod-instance-gatewayservice-green-7xbm
date
Thu, 13 Jun 2024 19:04:06 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
container.html
b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0320 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.65 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:05 GMT
expires
Thu, 13 Jun 2024 19:04:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 29E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.65 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:05 GMT
expires
Thu, 13 Jun 2024 19:04:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 068C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.65 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:05 GMT
expires
Thu, 13 Jun 2024 19:04:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F516 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.65 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:05 GMT
expires
Thu, 13 Jun 2024 19:04:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
8.gif
id5-sync.com/i/701/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?o=api&id5id=ID5*9IzqJntZ593dc26g8t_nfgCIZtQdWpGeGoKwwJfe2cSnSz384J7MmnnUKl48y6RF&gdpr_consent=undefined&gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 13 Jun 2024 19:04:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
interact
edge.adobedc.net/ee/v1/ 		731 B
821 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=c4ec326d-9787-4c79-b354-8f675840f2ba
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.170 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-56-170.data.adobedc.net
Software
jag /
Resource Hash
2dd14a3d5077e9153a805ce0f6b2cea2c8230d91a6445ec36f76de11f913f073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 13 Jun 2024 19:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge
AUS3;8
access-control-allow-credentials
true
x-konductor
N/A
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-request-id
c4ec326d-9787-4c79-b354-8f675840f2ba
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 19:04:06 GMT
13726
check.analytics.rlcdn.com/check/ 		25 B
386 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-50.syd62.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jun 2024 19:04:06 GMT
via
1.1 3e4f9c0400441c93ce3468dd26ef9ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P3
x-amzn-trace-id
Root=1-666b42a6-7758e12a335d24bc3198eaef
x-amzn-requestid
2466927c-0814-4f55-9cb9-dd054317f733
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
ZUdaIElajoEECGA=
content-length
25
x-amz-cf-id
JgOzA7YdvFC1ukdDgRfLPM8GORoLggOsGZ1LdExz3L27ewXpF3jBpA==
LiveRampId
au.audience.newscgp.com/ 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7438 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
82456
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jun 2024 20:09:50 GMT
expires
Thu, 12 Jun 2025 20:09:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5F42 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B3oq-BLNqTsurkSyCWu6nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-B3oq-BLNqTsurkSyCWu6nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:04:06 GMT
expires
Thu, 13 Jun 2024 19:04:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
x.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Thu, 13 Jun 2024 19:04:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4A95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.4.150 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-4-150.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 13 Jun 2024 19:04:07 GMT
ETag
"623de86a-cf34"
Expires
Fri, 14 Jun 2024 19:04:09 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
ixmatch.html
js-sec.indexww.com/um/ Frame 6406 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
610
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8934583579fea894-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 13 Jun 2024 19:04:07 GMT
expires
Thu, 13 Jun 2024 23:04:07 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 56AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.99.189.67 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-189-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Jun 2024 19:04:07 GMT
ETag
"2052a-10d-6142d69a886c0"
Last-Modified
Thu, 21 Mar 2024 15:32:19 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4B0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.6.117 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-6-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=59470
content-encoding
gzip
content-length
5492
content-type
text/html
date
Thu, 13 Jun 2024 19:04:07 GMT
expires
Fri, 14 Jun 2024 11:35:17 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_e5835b89-e117-4700-9525-aa1229b95eaa&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=a_e5835b89-e117-4700-9525-aa1229b95eaa&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=ElVam-CgqUL2B4YzWzrZ&gdpr=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=ElVam-CgqUL2B4YzWzrZ&gdpr=0
Protocol
HTTP/1.1
Server
52.37.30.173 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-30-173.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Jun 2024 19:04:09 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jun 2024 19:04:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=ElVam-CgqUL2B4YzWzrZ&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
getuid
ib.adnxs.com/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=a_e5835b89-e117-4700-9525-aa1229b95eaa&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F8%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/112/8/2.gif?puid=95D640555F12AC6A&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7c05a3c1-844f-4343-be53-b74b301b2737&ttl=%%TTL%%
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/6/4.gif?puid=480683056877782366&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/5/5.gif?puid=656a6644-9248-4406-8d24-f89b9637f0e9&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F10%2F4%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/10/4/6.gif?puid=2528855460320867227&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=11a254c4ef02180&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/822.gif?puid=AQAKre3QYYKnhQJTrvsPAQEBAQEBAQCRE_1qdgEBAJET_Wp2&expiration=1718391850&is_secure=true&gdpr_consent=&gdpr=0
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F821%2F2%2F8.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/821/2/8.gif?puid=9d13a434-d0b3-462b-9d80-637c17dcbc96&gdpr=0&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENQWLJt1p9S-uz4Upp5W3pw&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0Rv...
0
0
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=480683056877782366
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=480683056877782366
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 13 Jun 2024 19:04:07 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
a513cc65-af46-4c88-bffb-772f464aab6b

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 19:04:07 GMT
an-x-request-uuid
77edef02-9002-44b2-a322-0700e9e9915e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.playground.xyz/usersync?partner=appnexus&uid=480683056877782366
x-proxy-origin
66.203.112.160; 66.203.112.160; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_e5835b89-e117-4700-9525-aa1229b95eaa&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_e5835b89-e117-4700-9525-aa1229b95eaa&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b5871f59-6457-4dab-8b0d-6be88bc28910
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b5871f59-6457-4dab-8b0d-6be88bc28910
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8d8c1b78-b15e-4aa4-8a8d-3413670eb14d&user_group=1&ssp=gumgum2&bsw_param=b5871f59-6457-4dab-8b0d-6be88bc28910
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8d8c1b78-b15e-4aa4-8a8d-3413670eb14d&user_group=1&ssp=gumgum2&bsw_param=b5871f59-6457-4dab-8b0d-6be88bc28910
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 13 Jun 2024 19:04:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8d8c1b78-b15e-4aa4-8a8d-3413670eb14d&user_group=1&ssp=gumgum2&bsw_param=b5871f59-6457-4dab-8b0d-6be88bc28910
Date
Thu, 13 Jun 2024 19:04:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
validate
assets.vidora.com/v1/ 		0
299 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-110.syd3.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jun 2024 19:04:07 GMT
via
1.1 f1635e40dd33e4abcdd79d3670805a7a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SYD3-P1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
47kxUZaiamaTOT6tTE154yxryGsWzUmrEBeiCm-d567EOMXS5sxWPw==
expires
Thu, 13 Jun 2024 19:04:06 GMT
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 		146 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.162.199.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-199-133.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ca43996ca54b18561784f90c00c49a442865985639053f46214ac2757bf8a8ab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.heraldsun.com.au/
x-api-key
79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:08 GMT
x-amzn-trace-id
Root=1-666b42a8-51a476a0432e333177261205
x-amzn-requestid
170403e8-4665-48b8-b2ca-329d1c8582d0
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
ZUdaXHkwPHcEFfw=
content-length
146
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.162.199.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-199-133.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
date
Thu, 13 Jun 2024 19:04:08 GMT
x-amz-apigw-id
ZUdaWFGJPHcEJMA=
x-amzn-requestid
4cc4d633-ade5-44dc-8aad-bdeb6c832b98
lookuplist
au.audience.newscgp.com/ 		108 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=9f9cfe3ae3c420d5ae9b73204876732c&&bust=17183054478910.613717060714855&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.175.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-175-108.cgk51.r.cloudfront.net
Software
nginx /
Resource Hash
b6361e4b6dae5c8b780b028520cc3857b97a6755a76f5707d9b7fd9d18674456

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:04:08 GMT
via
1.1 b72d8fbcd2028257d64b778bc4a8f160.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CGK51-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
YN4HQBSu6EMUul05U7ncvoFKWyyrjd9uwUqdH_CeQR5NSE33Mrx-FA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
content.api.news
URL
https://content.api.news/v3/images/bin/d5a6527a810f1a3444c3f5db424d7b58?width=150
Domain
content.api.news
URL
https://content.api.news/v3/images/bin/819c9dd3ec84174b3432f206b413f0bd?width=150
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/csp-reports
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1718305443352&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1718305443352&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west
Domain
au.audience.newscgp.com
URL
https://au.audience.newscgp.com/LiveRampId?device_id_type=newskey&device_id=9f9cfe3ae3c420d5ae9b73204876732c&bust=16905034818750.019150480735628417&errors-in-body=1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENQWLJt1p9S-uz4Upp5W3pw&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406100101&jk=1803293854671472&bg=!4-Cl4K_NAAb64txl2uI7ADQBe5WfOFUjle7dWA2wPsQaDDqPYUScYVPRbJ3Ms39zdC9XNv-X74SnJISY2tlQ73ICPO76AgAAAI9SAAAAA2gBB34ANUhiFBY49IUgHNJgXYGedr66yC1GucXOSHPvIf-s1eCfJ885Deiqb_aBMHeZOQ3nI7CHJKvrCgA9OZyDXeKSPcu7nCGJ5XOfIFIbxndMkQGR9uqlG-95FOZR_Uz5Uu1PeAKkz8C5efzKDFO9Nlk5qTL5jEvslJkCmrm5zTw8orfTZqcC1UIml9_9N0kb9zRDSmhUyxDrQAw7ukbb0K63gO07KxknYNPxH412_i-Hy6Rm6YBJvX1ZEoAmxrYNwNvlznl2FL5rTjkKN3uJwnkgNY7rbgWWLDsZYtabFglPdYLg_R4RbxI8ieYGuP7UThXipGmAXDR8h9SknBHjxXTIs-5rJqcdlEqzSSC9ZDv-iPxCuUcJfvEmqY_vhaUaZ0_K4FSoI0Qs57slv9V16mOuRM42qhGbB0-8_W6gqRA53sG87F5RzGQ9f8qL1A_mnazn2furR3hyknN1gsAFoh9sCNTSpaaHHzYGQcPh_VnS9-sraUEu2cC5Zq9kiK51F8dLVNhJ0Ri6Kg37A52oypwgDVSD1S02cY-RoQfIT2AYrzpGAUoXuv5JtJYdYC4U0jA6-oh-Z4rwRQ-zUrv0vs2Y6JRem3ifVWIKtVjQvWeM9P0zo0qeVthqVffUTjby0KqURxxNGaWBOB37LvkJs2EVx1Vk5MitLabML6z5NFrsUPF9vt3NhYZlxZNMNxq4-eEAKVzbdaAe0UDAOQ5Q1boJewnhQz9Ehkj41LvcCNWWCGfdZ6XxYlcoq3OTCb0pmj3lWt73wXFag_zy_XEG35MhL3P-nH4MypdCDslhpKE14vu7RZ9QbBoX6V1ImVKsx1l0qmVpDV5wSAAqEMzr8ZHA0S6JmjWCzyM-7Vn9PbMzldDTGY4bcrQdslAn0hCaVoL9d4Bax4KztmZZzjxKJeXrh_xn6AeDWLaqABqw0fMBD55gah_DkQdpZkIWDYd4aWR0aZZhhU6GM1zO099CpAUZP6SsxDbj_Ba4KgSdv2M5UUYj_B67fOQZj28vkdHuD3fmvoQ8vn4nQ6rLDJDA-5IQ9Bkcfg

Verdicts & Comments Add Verdict or Comment

288 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 undefined| event object| fence object| sharedStorage object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| admiral object| googletag function| _typeof function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf object| fakeAd number| x_width object| OBR string| OB_releaseVer object| OBREvents function| OBR$ function| _outbrain object| OB_PROXY object| outbrain object| outbrain_rater object| ads_api function| algoliasearch function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise object| nb object| app object| __svelte function| 4dm1r11545242527 object| indieApps function| GeaLoader object| vidora_ns object| vidora object| auth object| optimizely object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| wut object| abtest number| num string| val number| itr number| maxval object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| _tealium_old_error boolean| __tealium_twc_switch object| utag_cfg_ovrd object| m object| SUBSCRIPTIONS object| SWG object| utag_cfg object| uetq function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker function| twq boolean| cb_ad_run number| _sf_endpt object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent number| interval object| nca_ipsos object| dm object| ipsos_ready function| rdt object| KAMPYLE_EMBED object| ads_core object| ads_extra object| apsPlayerSize string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig object| adUnits object| pbjs object| __iasPET object| apstagShared object| kw_ignore object| mready object| webpackChunk object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| pbjsChunk object| _pbjsGlobals object| apsUnits function| DIL object| adobe function| Visitor object| mconfig object| _aps boolean| apstagLOADED object| apscustom function| clearImmediate function| setImmediate object| atsdetectionmodule object| atsenvelopemodule object| ats function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| twttr object| ggeac undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready object| google_reactive_ads_global_state object| google_tag_topics_state boolean| isAlloyConfigured object| Criteo boolean| DotMetricsInitScript object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData object| diagPixSentCodes object| __iasAdRefreshConfig object| __id5_finalization_registry object| ID5 function| UET function| UET_init function| UET_push object| ueto_b2855c7fdd object| brandmetrics function| __assign function| __spreadArray object| _brandmetrics function| omrhp undefined| _ object| DotMetricsSettings function| lintrk boolean| _already_called_lintrk string| _linkedin_partner_id object| _linkedin_data_partner_ids object| npt object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv string| account_suffix function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement number| s_objectID number| s_giq function| AppMeasurement function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in object| s object| visitor object| lastException boolean| explicitPageView object| nr object| metrics object| $jscomp object| DotmetricsJSON object| DotMetricsObj boolean| envelopeModuleReady function| redditNormalizeEmail string| redditId object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL undefined| CE_USER_THIRDPARTY_SCRIPT_URL undefined| oneTagObj function| ebDecode object| bsResponseObj object| categoryData function| clarity object| clarityuetq object| ORIBILI function| cookieWrite function| cookieRead function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global number| google_unique_id object| gaGlobal object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 function| vidoraTrackExtraElements object| vidoraHelper object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| GoogleGcLKhOms object| google_image_requests

228 Cookies

Domain/Path Name / Value
.heraldsun.com.au/leader Name: nk
Value: 9f9cfe3ae3c420d5ae9b73204876732c
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 9f9cfe3ae3c420d5ae9b73204876732c
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1718305441
.heraldsun.com.au/ Name: nk
Value: 9f9cfe3ae3c420d5ae9b73204876732c
.heraldsun.com.au/ Name: bm_mi
Value: 9E586972699B169B5A1B9CB905284A84~YAAQfAUgFxnsKwmQAQAASUj8EhiGetUiyKVMooxdbV0Wt8gJ2bv/vc0ZX+pyjKFHijOHLLB1CagK5fwTC7gJS5yt9xPJ43oiBws3oBCPY4Dsd1ZZkRW08qFoFdsNcKQJ2vM+fS9ZixaQzC5MbPiQaeAFxQnNBa8Dx0OUFfP1jnZbz81L3REoH0vykNhzpho4PUGKJ9NsuJQ397WhqG3/MEna9+V0+iBuR2yiX4e2lBnuLI+xlG/1EikXAWA/fMCDmni5lqJzxUMX19LHxa6W6nkFntSic1etoURQ8jllml292K2fLCMl0vtJq2FRAnpnVU6j00dvAvoj04LX4W6IFg==~1
www.heraldsun.com.au/ Name: lux_uid
Value: 171830544200504607
.heraldsun.com.au/ Name: bm_sv
Value: E5514DFBB30FD5A3ED014116FDE4F4B2~YAAQfAUgFzPsKwmQAQAAUUn8EhhWVxz9lilHtHScYifVlNq7Ey6BpVZe4EJMcq+AZltV1+OUdv7+LE4f9OYIDqgJ+Zw9I7QHc6+8d5b/7HS080CW9V6cZ+usCgf7m08qLb298w5Gcj03tKApVK3VuJkcehNItmX1yLo1Yes11yy8BnVsjEAd3kiNm5ySyOwD30lJPT9OKJHtHpA7n6a07ytqt/ik2zG+tqxNjqd/+UHuu08KjGzY2VR+OrlONi/nkIwjrB0u~1
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A1c8bb14d-87d2-4b28-9fe8-df43b8918121.I%2BQ51hCfsOaTt%2Fb88UlwPrgRj3H%2FCz7eRYkKjrsSfIw
.heraldsun.com.au/ Name: utag_main
Value: v_id:019012fc4b2f007fbfcfe98de7380506f002e06700b08$_sn:1$_se:1$_ss:1$_st:1718307242608$ses_id:1718305442608%3Bexp-session$_pn:1%3Bexp-session
www.heraldsun.com.au/ Name: AWSALB
Value: YbAMEGpTfPUGyt/bI2mm1tEKIQ/im+WuAzlMvyT3TsWXgjSexGz8l4NJAKS6jnB8Fa4R5Qltv5zy2U70qwjP7YC9qj+mDG4laTYnto2Sq31R9Op7+9dYzdar7Yv8
www.heraldsun.com.au/ Name: AWSALBCORS
Value: YbAMEGpTfPUGyt/bI2mm1tEKIQ/im+WuAzlMvyT3TsWXgjSexGz8l4NJAKS6jnB8Fa4R5Qltv5zy2U70qwjP7YC9qj+mDG4laTYnto2Sq31R9Op7+9dYzdar7Yv8
.heraldsun.com.au/ Name: ak_bmsc
Value: 3818C6CD71708AE3246BC0D87D7760A9~000000000000000000000000000000~YAAQfAUgF3TsKwmQAQAAR0v8EhiwxmNITeuAvF63+juB2RFmKefqiH9cFbnmhhOHAQVPEiHD24GKeVbDCS6BDJml66Q1wuMVSiZ7GzARuWP95gmt0KHuBx3374b0AOrg10tZFmb2gBDBE94OnKuIsO4OPpWYo7PcxHnJ+gPIvjEDR0bze52f112ZqIzag6TiBX9qmY2GZcx8YaB+upiyZyPIIoLVqYfbkFrDVXYw7q2UO1+BgN2bRlUjQVmY1eCmVgdvvzqFIh4lRC4fHJti4+vlSPD2soiEtOAqNmYhqq10Go78Vqs/r8X0Ps2E+vrgIOrh70HUkjThQbLY33gF9CBquiFpbeKhJbDuL531F/LODtGMF2mHXlV/XhpnItDymrHjvvwfyV2iOdc6cmcLabiHnued1BFpTcfPOYW6+TodirfRzrdsib5dCTpa0KQ0Q8fPENwfujIYXnFc+hWyFHgaN4RNNva96DjA0TsrDfhylYSmMuKap+0KPf9go75vzDk=
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.6172665871666334
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 6252148f-cdf6-42d7-84d5-c6ab772e7ae4.1718305443.1.1718305443.1718305443.2ed88af3-8749-4a78-96f1-d95bdfdb9e68
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.newscgp.com/ Name: sp
Value: f6356438-12b7-4d04-8e98-63e2d6b154d6
.doubleclick.net/ Name: APC
Value: AfxxVi6GDaO7ICteLEYrnLc3TMLpxDY7YydiW2lLYs1F1g9ltbbRYA
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=ce3c52a4-3212-49ad-b91b-449c90cb7517&Created=06/13/2024 19:04:03&UserMode=0&guid=64e592bf-5f59-4bb1-94ce-15e99a5f98dd&ver=1
.heraldsun.com.au/ Name: _uetsid
Value: b312f59029b711efbb5f95cc39b96809
.heraldsun.com.au/ Name: _uetvid
Value: b313a56029b711efabaf6103c37528ab
.doubleclick.net/ Name: IDE
Value: AHWqTUmwgwsqJGekr-z0i1BxGR2osTFnTqv3l6RH9icoWGnjEZZX7SrGCGtFKLgRrLE
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1718305443199.199593906317848338
ads.playground.xyz/ Name: connect.sid
Value: s%3AhdWHvzqf4t4sMPV_i06i0ZWcGkHl4Oud.5VL7RVIQzkXpXXfEGl2s1KlbyV8XXwJQRwJkADisup0
.heraldsun.com.au/ Name: optimizelyEndUserId
Value: oeu1718305443308r0.43473677415095935
.bing.com/ Name: MUID
Value: 052D396E788667B825BC2DF379166652
.bat.bing.com/ Name: MR
Value: 0
.teads.tv/ Name: tt_viewer
Value: 05e54869-7d0d-4dfc-97fc-198999f9322d
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.t.co/ Name: muc_ads
Value: 8fd2dae2-9b56-401c-bec1-a7ed780e0634
.heraldsun.com.au/ Name: _ncid
Value: 3f0c9091103be654ad1391e460180091
.heraldsun.com.au/ Name: _awl
Value: 3.1718305443.5-daf976a62e349f58a86c39ec947d0078-6763652d617369612d6561737431-0
.heraldsun.com.au/ Name: _cb
Value: xf4UiCZ6h9XBWUs3t
.heraldsun.com.au/ Name: _chartbeat2
Value: .1718305443364.1718305443364.1.C1ZcenulCKSBFj7NoD6dL-l0kg6h.1
.heraldsun.com.au/ Name: _cb_svref
Value: external
www.heraldsun.com.au/ Name: metrics_pcsid
Value: not set
www.heraldsun.com.au/ Name: _lr_geo_location_state
Value: NSW
www.heraldsun.com.au/ Name: _lr_geo_location
Value: AU
.heraldsun.com.au/ Name: _rdt_uuid
Value: 1718305443423.ffb382c8-937c-4347-9872-82dc532e1c56
.heraldsun.com.au/ Name: nol_fpid
Value: wvjt7sl73obgknioulp9tcqqgdwsd1718305443|1718305443440|1718305443440|1718305443440
.pubmatic.com/ Name: receive-cookie-deprecation
Value: 1
.gumgum.com/ Name: cs
Value: true
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13214
Value: 1
.gumgum.com/ Name: vst
Value: a_560cadbf-f6ac-485a-9175-55cacee289dd
.adnxs.com/ Name: XANDR_PANID
Value: EF76P_AtI_TszA3KrAMIHXZgi5imgRSbMagQwZ7BtZD60Yu9w4hJeNQmT5ydXwA5gwS4VlB5EfdInG8KwZvKiSHCh9kcNF11OGBCW19SclM.
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEwo4WtswY4AUABSAEQo4WtswYYAA..
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 480683056877782366
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171830544355085805
.twitter.com/ Name: guest_id_ads
Value: v1%3A171830544355085805
.twitter.com/ Name: personalization_id
Value: "v1_jUPJy6QYIh79700D8qkFSg=="
.twitter.com/ Name: guest_id
Value: v1%3A171830544355085805
.imrworldwide.com/ Name: IMRID
Value: b36e9ee0-29b7-11ef-8568-1d8713a242a9
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 004c3mG4z0_
.serving-sys.com/ Name: G4
Value: 0009fM00RX_
.serving-sys.com/ Name: OT2
Value: 0001DC1uXb
.serving-sys.com/ Name: u2
Value: 1dc8db84-e9e7-4329-ac84-f8e0399a991f4SL050
.demdex.net/ Name: demdex
Value: 53552909378094550800262310694896877888
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2E>tqiio8!EKw)06K+2*qF1`*bday%p@:?
www.clarity.ms/ Name: CLID
Value: 92d72397ea2e4063aa336318bf93edcc.20240613.20250613
.heraldsun.com.au/ Name: _clck
Value: 1ltks10%7C2%7Cfml%7C0%7C1625
.rubiconproject.com/ Name: khaos
Value: LXDMP238-R-FIH2
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3229:u=1:x=1:i=1718305444:t=1718391844:v=2:sig=AQEY0QZrKV2aDHFBE8EXph-BX-q1c_4_"
.amazon-adsystem.com/ Name: ad-id
Value: Ax2iREVrWkLavLytq7CI3VE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&60206212-f84b-438c-8247-a751a0d2ab3d"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZmtCpAAAAKFTjwM5
.heraldsun.com.au/ Name: _pin_unauth
Value: dWlkPVkySmtOekZqT1RBdFlqRXlOQzAwTVdFM0xUaGhOR1F0WmpkaFpEVTNabVF6Tm1GaA
.doubleclick.net/ Name: ar_debug
Value: 1
.casalemedia.com/ Name: CMID
Value: ZmtCpIsFVZsAAATnAF96JwAA
.casalemedia.com/ Name: CMPS
Value: 4835
.casalemedia.com/ Name: CMPRO
Value: 4835
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.106278359.1718305445
.dpm.demdex.net/ Name: dpm
Value: 53552909378094550800262310694896877888
.pinterest.com/ Name: ar_debug
Value: 1
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSY5R0FPZkxCUTJubVRTckVDK29WUFBNY1YzMkREK25vQ01kdkFKUnNRNzcyYWVVdENxU2t1bFFKV1dtVzl4Z1hUcmt4OURWR1hSYjRQUlgrYlhGZmJoclUyekhWN2Jta1Q1eEdxVTQwOEhJbz0mcGJ1SGNaTEtoTTN0aXdRSnJPRGtOTEZTUmJNPQ=="
.adsrvr.org/ Name: TDID
Value: 7c05a3c1-844f-4343-be53-b74b301b2737
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CDC3639B-DFA7-445D-BBAE-9CC20908FD11
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19888%7CMCMID%7C53574165532646499700264418714609127514%7CMCAAMLH-1718910244%7C7%7CMCAAMB-1718910244%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-541234341%7CMCOPTOUT-1718312644s%7CNONE%7CMCSYNCSOP%7C411-19895%7CMCAID%7CNONE%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: s_nr30
Value: 1718305444907-New
.heraldsun.com.au/ Name: s_tslv
Value: 1718305444907
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_tp
Value: 7359
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Clocal%257Cindex%257Cnorth-west%2C16%2C16%2C1200%2C1%2C6
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Clocal%7Cindex%7Cnorth-west
.heraldsun.com.au/ Name: s_cc
Value: true
.heraldsun.com.au/ Name: _clsk
Value: 72owtj%7C1718305444947%7C1%7C0%7Cx.clarity.ms%2Fcollect
.tapad.com/ Name: TapAd_TS
Value: 1718305444914
.tapad.com/ Name: TapAd_DID
Value: 656a6644-9248-4406-8d24-f89b9637f0e9
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-7c05a3c1-844f-4343-be53-b74b301b2737&KRTB&22918-7c05a3c1-844f-4343-be53-b74b301b2737&KRTB&22926-7c05a3c1-844f-4343-be53-b74b301b2737&KRTB&23031-7c05a3c1-844f-4343-be53-b74b301b2737
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: f96cdf29ff0d7ac041b3d8cddfa014a1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOUyAgosZ21FquTeo9kFC5Q&KRTB&23025-CAESEOUyAgosZ21FquTeo9kFC5Q&KRTB&23386-CAESEOUyAgosZ21FquTeo9kFC5Q
.semasio.net/ Name: SEUNCY
Value: 95D640555F12AC6A
.bidr.io/ Name: bito
Value: AAIrMU7M1oUAABYFGgs30g
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3979
.yahoo.com/ Name: A3
Value: d=AQABBKVCa2YCECzjQTWXBnqdWrz15hO-2vkFEgEBAQGUbGZ1ZgAAAAAA_eMAAA&S=AQAAApHYRPv1c12Vh6Uui_Xb_bc
.simpli.fi/ Name: suid
Value: E8B64861CA7D43E3A1A2E7FCC9B95C38
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898
.heraldsun.com.au/ Name: aam_uuid
Value: 53552909378094550800262310694896877888
.mathtag.com/ Name: uuid
Value: d9f5666b-42a5-4500-bdba-4291cdb81428
.turn.com/ Name: uid
Value: 4005768531039781715
.eyeota.net/ Name: mako_uid
Value: 19012fc5679-30b80000010d4865
.eyeota.net/ Name: SERVERID
Value: 18533~DM
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:E8B64861CA7D43E3A1A2E7FCC9B95C38&KRTB&23486-uid:E8B64861CA7D43E3A1A2E7FCC9B95C38&KRTB&23489-uid:E8B64861CA7D43E3A1A2E7FCC9B95C38&KRTB&23539-uid:E8B64861CA7D43E3A1A2E7FCC9B95C38
.creativecdn.com/ Name: g
Value: AQNQjGNG0Xm7TnHv3027_1718305445397
.creativecdn.com/ Name: ts
Value: 1718305445
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d9f5666b-42a5-4500-bdba-4291cdb81428
.bluekai.com/ Name: bku
Value: pSL99vPYStSjYpTD
.bluekai.com/ Name: bkpa
Value: KJy9CxObd02pSUHknpxpmEQhwtkAwEDpBED0mE981pzT1eA6BEDyme9y1MR01pWyBMA6meAtmezlmeQTJ7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9WWhJ1R=
www.heraldsun.com.au/ Name: mdLogger
Value: false
www.heraldsun.com.au/ Name: kampyle_userid
Value: 4191-9a65-b79a-e6ed-4977-c691-6026-9c8d
www.heraldsun.com.au/ Name: kampyleUserSession
Value: 1718305445998
www.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 93.58349332414274
.heraldsun.com.au/ Name: __gads
Value: ID=3099778129f27919:T=1718305445:RT=1718305445:S=ALNI_MauTTM3F6a7qgU-t0ZQJto93VQ4nQ
.heraldsun.com.au/ Name: __gpi
Value: UID=00000e4b9ed27beb:T=1718305445:RT=1718305445:S=ALNI_MZk-1GY-JSaxtT1Ist5tUwbyNL04A
.heraldsun.com.au/ Name: __eoi
Value: ID=536305b26a4467ee:T=1718305445:RT=1718305445:S=AA-AfjaTL28Nk_3j2WmiivxihFuq
www.heraldsun.com.au/ Name: cbd
Value: 001001
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiY1MzU3NDE2NTUzMjY0NjQ5OTcwMDI2NDQxODcxNDYwOTEyNzUxNFIRCPKy8ZeBMhgBKgRBVVMzMAPwAfKy8ZeBMg==
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: aus3
.lijit.com/ Name: ljt_reader
Value: I0iYAQZHvpjKqFmwTe6_s66L
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-ZmtCpAAAAKFTjwM5&KRTB&23194-ZmtCpAAAAKFTjwM5&KRTB&23244-ZmtCpAAAAKFTjwM5
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 052D396E788667B825BC2DF379166652
.lijit.com/ Name: _ljtrtb_80
Value: LXDMP238-R-FIH2
.ipredictive.com/ Name: cu
Value: 70b98360-0093-47b1-a414-4f8ffc0c159a|1718305446447
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2248BEE0EE-CA05-4E59-0DD5-3936C86662C8%22%7D
.criteo.com/ Name: uid
Value: 7e85397d-8733-44c1-8323-fd83d0c59c60
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 052D396E788667B825BC2DF379166652
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLWaaVkyo8392svGr/qdDoVnsha/YXpx3siLGrJ4mx0Ufy0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe/CJdOGVheLg=
.demdex.net/ Name: dextp
Value: 358-1-1718305444654|470-1-1718305444756|481-1-1718305444857|771-1-1718305444957|903-1-1718305445058|19566-1-1718305445158|23728-1-1718305445259|30432-1-1718305445360|30064-1-1718305445461|66757-1-1718305445561|134096-1-1718305445662|144230-1-1718305445763|144231-1-1718305445863|144232-1-1718305445964|144233-1-1718305446065|144234-1-1718305446166|144235-1-1718305446266|144236-1-1718305446367|144237-1-1718305446468|147592-1-1718305446569|461447-1-1718305446670
.heraldsun.com.au/ Name: cto_bundle
Value: zCz5zF96RGJZNm8lMkJHTXhQYnoxUGxJbGdHNlIwWmFscmo3aFg1Qko0MUJJUVBKVzUyTTN6RWpoZUwycWZ0OEhKeVZQbnlIS2dlSEdRQUIwQk5VS1oyUzdadmRGMDJZNGNMVzFaODFaaGdRWlVWNXdCemU0dzAyQ1FwTjlOVHRwUENPb2I0eGZMTDBzeWVpbkJtaXk2d1NWY0FrNiUyQmU2MyUyRlJiZGsycklHNXExUFBJOEklM0Q
.primis.tech/ Name: csuuid
Value: 666b42a69c8d3
.pangle-ads.com/ Name: _pangle
Value: 2hpyjGHNUcjRfahOiUnch7cVThC
.gsspat.jp/ Name: gid
Value: 181c4c3d2cdf7aafaee1c35dd4a7e8eb
.reemo-ad.jp/ Name: deviceIdentifier
Value: txQCMCeCmjoaibItdkKlQIbpXpfzHmvj
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: 1DHpphPCaW
.send.microad.jp/ Name: TR
Value: 29c9c3d9d4e5e48b0834b95b287e6ca6211a71416d5dcf40
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4b34f37d-a484-57b6-689c-e8f423c90a2a.Fm%2FuvwJBeQT6jDaJOnHDD0%2Fllu%2BdQZTqkMHuvVx14bs
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4b34f37d-a484-57b6-689c-e8f423c90a2a.Fm%2FuvwJBeQT6jDaJOnHDD0%2Fllu%2BdQZTqkMHuvVx14bs
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASzTzfaSEV7ZonOj0I8kKKkLLcKA.0pT6xouT9mwRHmxb5i1m1af9n8DWLgFSb2EhMhsqZOA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASzTzfaSEV7ZonOj0I8kKKkLLcKA.0pT6xouT9mwRHmxb5i1m1af9n8DWLgFSb2EhMhsqZOA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINvQVxW7yYhKIdFylJQUX6vfXH9NOFijMF2WsFBH8KDKEGcYBCCnha2zBjABOgTwTC9rQgSTRuMZ.omoSa2AKCr84i4ywO3aPi7eBeO30iLqRg3F3miC90CQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINvQVxW7yYhKIdFylJQUX6vfXH9NOFijMF2WsFBH8KDKEGcYBCCnha2zBjABOgTwTC9rQgSTRuMZ.omoSa2AKCr84i4ywO3aPi7eBeO30iLqRg3F3miC90CQ
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.adform.net/ Name: C
Value: 1
.intentiq.com/ Name: IQPData
Value: 1120628896#1718305447104#0#1718305447104
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVRmJlWGhh
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1718305447105
.adform.net/ Name: uid
Value: 2528855460320867227
.pubmatic.com/ Name: DPSync3
Value: 1719446400%3A197_201_245_226%7C1718841600%3A164%7C1718323200%3A248
.quantserve.com/ Name: mc
Value: 666b42a7-5c0e1-9cf2b-ba20a
.quantserve.com/ Name: d
Value: ENQBEgGKLPijC_vLEA
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2iz7:18z8~2iz7"
.id5-sync.com/ Name: id5
Value: 2e54593f-4c6f-7fec-bed3-467e6b16dd08#1718305445231#4
.bidswitch.net/ Name: c
Value: 1718305447
.bidswitch.net/ Name: tuuid_lu
Value: 1718305447
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-o029raFJ6vi4Tuj_8Eqm9vYdua24Ger9pRodui9l&KRTB&22979-o029raFJ6vi4Tuj_8Eqm9vYdua24Ger9pRodui9l&KRTB&23462-o029raFJ6vi4Tuj_8Eqm9vYdua24Ger9pRodui9l
.rlcdn.com/ Name: rlas3
Value: /9ttL6DupFbTIlnGaxXu11/8w3Ea4WLI0q2nlept6Tc=
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4005768531039781715&KRTB&23150-4005768531039781715&KRTB&23527-4005768531039781715
.company-target.com/ Name: tuuid
Value: a8b0450f-5d5f-443c-84b8-c80068704278
.company-target.com/ Name: tuuid_lu
Value: 1718305447|ix:0
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 14yqhu70zbbd
.bidswitch.net/ Name: tuuid
Value: 26a87ee3-1dc1-48fe-bd53-3e9a935061ce
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-vVtMhlGkjdbBpzAf668d9XQidZaZaAOslUAu_LGhDAk&KRTB&23047-vVtMhlGkjdbBpzAf668d9XQidZaZaAOslUAu_LGhDAk&KRTB&23234-vVtMhlGkjdbBpzAf668d9XQidZaZaAOslUAu_LGhDAk&KRTB&23361-vVtMhlGkjdbBpzAf668d9XQidZaZaAOslUAu_LGhDAk
.rlcdn.com/ Name: pxrc
Value: CKeFrbMGEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-14yqhu70zbbd
.ctnsnet.com/ Name: cid_7463317b8f84468e9e048b039fd4a4a7
Value: 1
.ctnsnet.com/ Name: cid_52b1e84e91ab4ed3874cf3523320b46d
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2528855460320867227&KRTB&23263-2528855460320867227&KRTB&23481-2528855460320867227
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-SzTzfaSEV7ZonOj0I8kKKkLLcKA&KRTB&23334-SzTzfaSEV7ZonOj0I8kKKkLLcKA&KRTB&23417-SzTzfaSEV7ZonOj0I8kKKkLLcKA&KRTB&23426-SzTzfaSEV7ZonOj0I8kKKkLLcKA
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-52b1e84e91ab4ed3874cf3523320b46d&KRTB&23427-52b1e84e91ab4ed3874cf3523320b46d&KRTB&23445-52b1e84e91ab4ed3874cf3523320b46d
.adtdp.com/ Name: uid
Value: AZAS_GBH-F7s5uK77Mw
.adtdp.com/ Name: dynid
Value: AZAS_GBH-F7s5uK77Mw
.pippio.com/ Name: did
Value: rnWLZW0QuDa-wZWX
.pippio.com/ Name: didts
Value: 1718305448
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.zemanta.com/ Name: zuid
Value: ElVam-CgqUL2B4YzWzrZ
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsInNSLiLT5hT0QBRIXCghwdWJtYXRpYxILCJix5Ii0-YU9EAUSFQoGZ29vZ2xlEgsIpoj_irT5hT0QBRIWCgdydWJpY29uEgsImuzbjrT5hT0QBRIYCgliaWRzd2l0Y2gSCwjO6OOJtPmFPRAFEhIKA2FhbRILCLzl-oq0-YU9EAUSFAoFdGFwYWQSCwjm2caLtPmFPRAFGAEgASgCMgsIivC718r5hT0QBTgBWgc4aDl1MTFoYAI.
.csync.loopme.me/ Name: viewer_token
Value: 9d13a434-d0b3-462b-9d80-637c17dcbc96
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAL_9aS1M-IXgIMGwcTAQEBAQEBAQCRE_1gjAEBAJET_WCM&KRTB&22715-AQAL_9aS1M-IXgIMGwcTAQEBAQEBAQCRE_1gjAEBAJET_WCM&KRTB&23519-AQAL_9aS1M-IXgIMGwcTAQEBAQEBAQCRE_1gjAEBAJET_WCM
.adx.opera.com/ Name: UID
Value: OPU2a72d7ff1ccd4428bc5bacbeb1ca283a
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU2a72d7ff1ccd4428bc5bacbeb1ca283a&KRTB&23485-OPU2a72d7ff1ccd4428bc5bacbeb1ca283a&KRTB&23524-OPU2a72d7ff1ccd4428bc5bacbeb1ca283a&KRTB&23575-OPU2a72d7ff1ccd4428bc5bacbeb1ca283a
pool.admedo.com/ Name: c
Value: 1718305448
pool.admedo.com/ Name: tuuid_lu
Value: 1718305448
pool.admedo.com/ Name: tuuid
Value: 24f3eeb3-75b4-47d2-a60d-129c7b9723d8
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: SyncRTB3
Value: 1718841600%3A2_223_15%7C1719532800%3A35%7C1719100800%3A63%7C1719446400%3A54_179_231_56_165_234_238_71_266_46_233_96_220_254_13_247_7_209_8_21_22_214_107_5_3_264_176
.tribalfusion.com/ Name: ANON_ID
Value: aGnv7yoNIvapmVrCIXOCah9K1b733gOjKLZaTg7SJSSIxdm6BWAsZaYNZdEgemSjkPAdhZdhOwtSEkihtSYeZdbJAyMo81jWXHY5DGkMH3NDiQrZbsaCTD4qNf
.dotomi.com/ Name: DotomiTest
Value: 11a254c4ef02180
.adgrx.com/ Name: ADGRX_UID
Value: b7a145a8-29b7-11ef-bc29-2c9d43092e86
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-8N2y6oXxBz-uFo9_qkJrZg&KRTB&23557-8N2y6oXxBz-uFo9_qkJrZg&KRTB&23586-8N2y6oXxBz-uFo9_qkJrZg
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.w55c.net/ Name: wfivefivec
Value: uQdWHBFo1ShPK35
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-b7a145a8-29b7-11ef-bc29-2c9d43092e86&KRTB&23275-b7a145a8-29b7-11ef-bc29-2c9d43092e86
.w55c.net/ Name: matchpubmatic
Value: 5
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmhhbGBqYmpoYG4CAKSpLqMQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIwtDSwNDC2NDc2MTExtjAztxTiM9T1MisOLAjOiUpNTasCAPb31-glAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIwtDSwNDC2NDc2MTExtjAztxTiM9T1MisOLAjOiUpNTasCAPb31-glAAAA
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:uQdWHBFo1ShPK35&KRTB&23421-uid:uQdWHBFo1ShPK35
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2019090397344438679
.pubmatic.com/ Name: PugT
Value: 1718305450
.id5-sync.com/ Name: 3pi
Value: 112#1718305448174#836366249#95D640555F12AC6A|2#1718305448932#168271630#480683056877782366|821#1718305452263#-1390737121|822#1718305451082#-1792703417|264#1718305448523#-734581478#7c05a3c1-844f-4343-be53-b74b301b2737|441#1718305447447#1518207320#a_e5835b89-e117-4700-9525-aa1229b95eaa|10#1718305450121#-1440892144#2528855460320867227|108#1718305449410#1373712223
.pubmatic.com/ Name: SPugT
Value: 1718305451

7 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=314020981118.4975?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=314020981118.4975?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=314020981118.4975?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript error URL: https://www.heraldsun.com.au/leader/north-west
Message:
Access to XMLHttpRequest at 'https://px.ads.linkedin.com/attribution_trigger?pid=&time=1718305443352&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west' from origin 'https://www.heraldsun.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://px.ads.linkedin.com/attribution_trigger?pid=&time=1718305443352&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENQWLJt1p9S-uz4Upp5W3pw&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
a.teads.tv
a20352597942.cdn.optimizely.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.playground.xyz
ads.pubmatic.com
alb.reddit.com
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
b1sync.zemanta.com
b94f4527624b7936d3e8654609f3a0b5.safeframe.googlesyndication.com
bat.bing.com
bedsberry.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c0.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
c1.eu-3-id5-sync.com
c1.eu-4-id5-sync.com
c2.eu-3-id5-sync.com
c2.eu-4-id5-sync.com
c3.eu-3-id5-sync.com
c3.eu-4-id5-sync.com
c4.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
c5.eu-3-id5-sync.com
c5.eu-4-id5-sync.com
c6.eu-3-id5-sync.com
c6.eu-4-id5-sync.com
c7.eu-3-id5-sync.com
c7.eu-4-id5-sync.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.speedcurve.com
cdn1.adoberesources.net
check.analytics.rlcdn.com
client.api.news
cm.everesttech.net
collector.brandmetrics.com
config.aps.amazon-adsystem.com
connect.facebook.net
content.api.news
ct.pinterest.com
dpm.demdex.net
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
geo.privacymanager.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
logx.optimizely.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-config.reddit.com
pixel.adsafeprotected.com
pixel.mediaiqdigital.com
pixel.zprk.io
pool.admedo.com
prod.tahoe-analytics.publishers.advertising.a2z.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
s.amazon-adsystem.com
s.pinimg.com
script.crazyegg.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
t.co
tags.news.com.au
tags.tiqcdn.com
topics.authorizedvault.com
tpc.googlesyndication.com
udc-neb.kampyle.com
usersync.gumgum.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.heraldsun.com.au
www.mooneevalleyleader.com.au
www.redditstatic.com
x.bidswitch.net
x.clarity.ms
au.audience.newscgp.com
content.api.news
ib.adnxs.com
login.newscorpaustralia.com
pagead2.googlesyndication.com
px.ads.linkedin.com
103.43.90.54
104.18.187.31
104.18.24.111
104.19.147.8
104.244.42.67
104.74.39.62
104.83.204.181
104.99.188.143
104.99.188.230
104.99.189.111
104.99.189.198
104.99.189.67
108.158.14.99
108.158.20.32
108.158.20.50
108.158.21.125
108.158.32.114
108.158.32.127
108.158.32.13
108.158.35.170
117.18.232.195
13.107.246.31
13.107.42.14
13.239.155.123
13.251.142.250
13.35.147.66
142.250.204.2
142.250.204.6
142.250.66.193
142.250.66.196
142.250.66.206
142.250.66.226
142.250.67.3
142.250.67.8
142.250.71.65
142.250.71.66
142.250.71.70
143.244.62.6
151.101.0.84
151.101.1.140
151.101.129.140
151.101.194.217
151.101.28.157
151.101.64.84
151.101.65.175
157.240.8.23
157.240.8.35
162.19.138.117
162.19.138.118
165.69.249.4
172.64.149.180
172.64.151.101
172.67.38.106
172.67.69.191
18.138.164.249
18.155.192.129
18.232.189.0
18.244.214.42
18.65.244.102
18.65.244.110
18.65.244.42
18.65.244.67
18.65.244.99
18.65.248.189
18.67.175.108
18.67.93.121
182.161.73.129
182.161.73.136
182.161.73.145
20.114.190.119
20.205.115.81
20.40.202.2
204.79.197.237
23.202.168.183
23.202.168.218
23.202.169.72
23.206.242.194
23.221.20.194
23.32.5.109
23.55.11.47
23.55.4.150
23.55.6.117
3.104.132.249
3.104.159.235
3.5.168.128
3.77.62.68
34.102.253.54
34.149.26.226
34.49.241.189
35.162.199.133
35.173.120.247
35.213.12.39
35.241.45.82
35.71.131.137
44.195.76.49
44.205.131.107
50.31.142.223
51.75.88.178
51.75.88.190
51.75.89.127
51.75.89.188
51.75.89.23
51.75.92.187
51.75.93.54
51.75.95.112
51.75.95.135
51.75.95.199
52.37.30.173
52.46.151.131
52.74.235.159
52.76.196.116
54.95.211.239
63.140.39.82
63.140.56.170
63.140.56.177
67.199.150.87
69.173.158.65
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
00a89fe311bafa87c79d403af776783c4c638aacea4dc7d7ca49d8ec8b0eb03e
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
035675399800e3ae1f674fa492c731a97d18c40358fd47ccee65ffe31d5b3455
037a7990b9e7bf5357a8ec0c6d39fe063ecdd8da52687e76418f2b1c907ec9fd
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
03ea55b1a6f1ee0d3329b1d40485055d8ce19e294dd9f34ca4144b8953de2ce4
04a2962ab8ef3cd5d9056b3e03c655fbd16951a6ff8e0d1741d51b9dae243d90
0550eb4adbc2bd19bab3c671c44db361ac514c29ae362561e0f6e91a20835b3f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07310e6436039e6362113ff07e5e43b8832c3e2395c075214051b384fda26d10
08df926745e994c19e450275e35cd08beeeee563db4aa6d83f8d3ae8c3e9eb75
098b88031b6ca6e865ad2eeb940a03ae7e97e2ff13d0df5342212793d38ff2ce
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd
0e147db4676ad509aafb8d0a56b2a364414419c79808e6ee3461a74b19b86e21
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
13f36ccedf24d86525fcd8487366a40b9db9a1f6b2e73c073c618a28c76d38eb
15761d5a77528d07c241c956bd34b2bf6abda40e3453e4865d5d1c69c148a139
18adb42d8090a13c0c22990962d0e5a2b4166c8d58550abf3e7130ac85205c7d
18d1731dbb83e45e4763bb78d580a5fffe3baceba82725e9aff0429a0824c60e
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
22ecd1f215d5f0de2519192fc103cd507c676366ac23924cf9bd7d1252477670
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26e14e8f2ccd855240a903708f250499c1696fb13a5f76d9e7851af290922b4f
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
27b65c06fcf400e92c162ef2a8497cc573468ed0904d1a4c92119344c9997313
29279c222731bb549d6e0b9049e640dadc019d9fa434cafe431c2048995a2d78
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
2948ad43dceb85a6e0a79fa9f071822e53aa3ddabc58b96aaee8817b13d5f2c5
29a87db3f1d7967d183df115a6a9c96b89665cfd8c142f35946b93d13ee30246
2a0136753afc552a5ff2695e211ea8f48ab3a38d675029273491a95d844fdc87
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3
2dd14a3d5077e9153a805ce0f6b2cea2c8230d91a6445ec36f76de11f913f073
2dfad6270523a1ae021ee983c0088450574a085a112273c859113f9e8fe0e53a
2e5ae2206d0d20bab9706afc6abf0e2e8b85b5a2661d6c58bca7756accc3bd5a
32199c514f6280be0a2531b00efcb112fb626775c4e7ac7ab5f989755ab796a7
35688df8c18624d01d3a9f9c42c7ccd7c6a7b435e4a6d20663ad290e533fe7f6
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
36e5645e5f92f1e01e415aa4fcf30757341988933fb3af7ce3aae35347a4b36f
381d41639eea25e32ca264e1a8934fac1eef57e2e0e5364b9c7073c31f10b5c8
3d289f4f6b65293c9d005eb006089a6e72c60debe51698ccea87613df9ccf66e
3dce90aa3175cbae74769a3f680dc2d6ba0871c4e5c0b82a721fa676c24024dd
3ed27a757d8722de804e7d1eeb03c104d6e30d4e0e9646fbffce003866f8b94b
41fc87b0864d1504d324cf594200d379083280ea9333ac0c41fd9b3a11e12f1d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a
4c2ba99ad05b8b647c05705d6496b1a802131ddc73f2e5224ea925f5bfe275f0
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
50b50fc38a22a9e8489e151d1e6125217bb4f24a83746aa0e8d1cf34ae80abe7
52772539ba017cd7c160fbcf3c614e6f419ba0cc402ad1ca230f4eda13db5649
5289752ce792428483ca32d5bf922e4ab34d67411df8a2b5e89155c7b6f7f5d2
52bda9bafc1cb7f99510d02708860999354780f43d77fc4d82c2a9abdd47f2ae
546bdad88bd32567d6b556f94ec3c4c8af90324fab200514ee5756ba933fcb0a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd
561ff627749f7abea8c650fea61169efb426ea12eafa23e86b35a29683d52b32
58777cb0b85e2ac166949b87d113a684542e7ef5bb6c0d6b4295f3f5fcd61d71
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5c6f646be7d733a83798859f8e804875a51819220010d59c77d4fbe45bbea098
5d1e25f0bae3df435bf9bef434d68fa5f2833c5e398e46207fbb107fbe5a892f
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e75e655fc9163baefbb62bd90fbdf915510d7b3329d692b362d39c2b19b6093
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dac2fb8b9189d4bdbc92af26170df4f76405dd2cddf7d1246cf0d451ff07d8
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
66c07992edbce7a255b33616e07222d417c0c4156d5aaaa81f858954a92a355e
67b9635b38d68a49ad3296f4157106c75441565293192bf1bd251dac723dc72f
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
68cb02fda30a702c62c26c92e50d47cc2a729a086b0fa695d5ef3bcc71d9d4e9
695427dd1c627f38f177c2c15c74185f2130a6cb8390d86560714a6e31fa07bc
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6c3c03076ad818221def01363b401daf30656eb7e32179843f4d8653c01f227d
73f182db722abc9dda703370dd45e367ac61aea4b1ba15da698bef5911685299
75cfff2f889e56a283381fe76a99ce4c4266d0853d60a72a28fe73704cfa5800
75fc996d067b9bc4fd03d789c40fd0fae24111a151bc7f917fc72c33e7bb2e09
7b152261e1c57453fc67ef715778608859c6c09a2a50affc25d99e0bb0742380
7edd07ea8c3cd6fc14431d7072ce4901e8127cc022d203e21e4624ae349c55b5
800abd7b93ce8b0d48cf5a71399993a8b024f4f0b350b4f85f65855072107dab
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8184c03402eaf1cb7b4f91736960aeaccdfe02bd13d0a895131d5878c51772e6
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8331c7ac7844ebd69695f504793d556d9804c6a112e9833717044ec628288b81
85b85b3a907c03eabbbbf958f7c5524522e1bc3dd34494581a5ab76d150b620b
86a42998901a959efd223ee932d392efb17b8ad862b2439bd30267bb9fc1612e
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf
89417b7e7e602e0e469946d8971f4a48d69e6511d2755b5933d95260f9771529
894d0b829da11fd23016a7e9c0e5f2ed68f727a5d5ec0834503a78d29e043eb1
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8a94a990f0af4a7a814dc009df3fbb1a4b14ca58d89b3dae0936b48646ebff68
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8c2488b897e28a890a67498f78e07766b9c3b732d0f22905e627d609fae53c5c
8f92f9cb1a5ec54c42398b05555be2920e647a348da21b20f453df8f650a5a67
8fd59ce9cad7ff06c865b324648531261f6b38294b4755f537dd164c82f74f2a
91b4ae56883f1dd4b65f2af46126d91e2fcaf4d40c4b4a3ed260bea709853b42
938821ff9c63082ff30895cfe872fb5e3ac8fed797db0ec4f41a08a1a83b2945
94ccf9b12044666534ed3c190b46629b5b21e03d948f9663e9d7fe7b0b92f6ec
94f88ed2b636a66000b1a1f2480244e4641529f9e4303dd6497941d22dc525c8
97011c31b9b5b44ae9f929233aad0c8af990d596f933e378bc093e652abef155
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
9c9681d8f41104acbaf00c730c16f060ddd798f97cfcbba631fe1781cccfdbc9
9d1b6db6af2e0ec1fc8465d55cfad297cabcf721cde00b98e5e6c4b47c7c4dc5
9e0e29c5fae09dc59ec136bd64ae0c7737af9176d36961f7c38fec04b24ef7c1
9f8a7f93503827827e8277dcf975e1a74724a5a8aec4863f4d165abeb75a4e82
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a57e5869c88a460c3a1eb5beeefe8594f46e8f530a14b6d723d8ce940209b318
a61500a342875a17afc10c79e9c1596ae0e18182bf57f34390b4a68dad5ce1cd
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aac5f7810aa4009b33815d64bf3cb9b7de375adcef8cbdd8954394605acd557c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
adfb5ae2c0f62d3a5b035d61ab7bfc8213a8a2da65d0cb8505be548957195458
aeefdb59a530585244dd2afbbaec040f62d5e5de3789294c478c2d6e9bb647ea
b2d51b6e2b65ea8713f9620a657f9578f3c04cb3afed5d6d8240f88d16b42c18
b6361e4b6dae5c8b780b028520cc3857b97a6755a76f5707d9b7fd9d18674456
b693ff17985bc54be8d357b5ac2ddc78e06c64df046d38aadad3d9bee7ec2439
b8464dcb7e2e01bf45bea28cd900120b54874408b41a83ccd573931cae12fac8
bdd1aca384755cc0567af739bb0d064e5593012c2cb60828ef34c46857f94093
befe6ce4a2024bfae944e369e15700b2401399aaf2e0c117e6d70d87dd2e581f
bf503a23e4e0eba3b3bf84282a360bf0c1664232cffb781aae272e8e77f2c63d
c34a591607f8416f5c97bfafc5f18d15868de7b201bc575f28a8aa483210132b
c4317b85ce58155bd79c593334b5d1b79f6b23664a529820db132d5e695497fb
c537d51233d2521f6b21b8b304fa129049f38c1c8ef9a3af5998f45deb3f5d3d
c7f9261566de1c9e35469441d0d5fad75180ce66a37cd7a02ac3a607b89f257b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca43996ca54b18561784f90c00c49a442865985639053f46214ac2757bf8a8ab
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
cec7c42dfaecacf48338aaa45367fe8133c3defdd3e57e6e8a0c2a60e24c1b1e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d2c7f0be31f6c8135d6f493ffcaa2f4a6df898ffb688e13383bc8f77888feae3
d40a10dc1eb2243e89f9ff06e223cc9aaf40f4ee8ca9d4ec941828b57d2482c1
d516f64867936fce8631e3fcab05a99587bf1deec98607473942d583da92a813
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d8dff116fab3b590edc96545362a67e3485980b894f08b303cdd78491c1eebbe
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
d9ee514bcfac3c14f66b5b05947902d9c9713922c631760e5d3a64185ae09f59
d9f5945e80f23ab8addc1908230c8aa3ffabffd8aaa4827fa91afa5785a64169
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dadc6ca0e3869997ce4d2f4f0870391b922900baad7ad28398e6b7eae5131f33
db66bcc0be3d8c0ebef24695348e506fc4e08e1da99455465f097bd34f9a7424
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c
e0fcf7e037718dc4737d04d4d06f25a612379d220ed0bb11d55ec250251b623e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e4d91306b7a0d556e8333a647a2069cdfaa281567fc9919b804e6678f78e4a7d
e62d4215000c609cb37a09aee086661e70b0726223049384ea35b159970578ac
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e8578396b1b92c9c86641ef39b7ee6f7c675d2f6fd2127cb3a1d7b518aa7eb6d
e90a2bf79625a2edcc926bece790049ab84d97d88859242c3c2e31811e6c6e34
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249
ee3a0d5fdb112ed694c74932552ca126e2ae56fe0d2260a757af6e2c0fcc698d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efd8e07b3a0b0bc85c0185b004ae6a7d6a85c4b8492a8ea983f6a81a2dedbc7d
f0610670f531c2abc80b33bfda4a7874fa00ab23ba213f3a7910f52e16594df2
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f2de48828c639abbb08864cc035c53a5e3a36323cc3cfa1d27945942d6e37feb
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f4d95c512a8c3663cd91310face3537e1a4fe6ddf011217ca8c2c62f9cc4a990
f5647c47fb1b581202f34328775140b59a860d678f541caf98adf2e3d48900f2
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9
fb9b154b0310341a89e238556489b1dca1c4fcd93befe9abe543f68802902017
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba